1 to 25 of 129 Threat Detection Jobs in England

own, manage and rule their data. One of our specialisations is in cybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on … delivering tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we're looking for We are seeking a client-focused Senior SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced More ❯

Detection & Threat Hunt Lead Analyst Engage at our Cheltenham office. Secure employment is subject to satisfactory BPSS and SC security clearance, requiring five years continuous UK address history (no 30+ consecutive days outside the UK), and declaration of being a British passport holder with no dual nationality at the point of application. As a member of the SOC … Content Team, you will be responsible for contributing to the creation, deployment, and tuning of threat detection content and delivery of proactive threat hunting. You will work in close partnership with client Lead Analysts, threat intelligence teams, and other SOC functions to help ensure that detection strategies are tailored to each client's threat … and security objectives. This role offers a balance of technical hands on work, collaboration, and knowledge sharing, with a strong emphasis on continual learning and process improvement. Key Responsibilities Threat Detection Use Case Development: Design and implement detection logic aligned to specific threat scenarios, using industry frameworks such as MITRE ATT&CK. Maintain detection content More ❯

the Cyber Fusion Centre. You will report directly to the Head of Insider Risk Management and manage a team of investigators, overseeing complex security investigations, and enhancing insider risk detection and response capabilities. You will play an important leadership role in developing programmes, driving continuous improvement, and encouraging collaboration. Summary of Primary Responsibilities Collaborate with the Head of Insider … coordinate with internal partners, and produce objective, well-documented case summaries. Analyze data from technical and behavioral sources to detect and respond to insider risk incidents. Develop & maintain insider threat indicators and use case scenarios to improve detection accuracy. Manage and mentor a geographically dispersed team of investigators. Support professional development and foster expertise in insider risk and … investigative practices. Work closely with partner teams (e.g., HR, Legal, Threat Detection Engineering, etc.) on threat detection and response initiatives to ensure coordinated and effective risk mitigation. Create and deliver insider risk awareness content, highlighting emerging trends and fostering a culture of vigilance and shared responsibility. Produce executive-level documentation, including SOPs, playbooks, process Qualifications Experience More ❯

Threat Hunter/Threat Detector/SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. This role … working across Cloud (AWS/Azure and GCP) will see you focusing on threat detection and threat hunting as part of a busy SOC Team. This role isn't about dealing with threats when they happen, it is about hunting them out. Thinking ahead of the curve and providing direction, thoughts and strategy as to how the More ❯

Detection & Threat Hunt Lead Analyst Cheltenham Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years continuous UK address history (typically including no periods of 30 consecutive days or more spent outside of the UK) and declaration of being a British passport holder with no dual nationalism at the … us.” – Julie Sweet, Accenture CEO As a team As a member of the SOC Content Team, you will be responsible for contributing to the creation, deployment, and tuning of threat detection content and delivery of proactive threat hunting. You will work in close partnership with client Lead Analysts, threat intelligence teams, and other SOC functions to … help ensure that detection strategies are tailored to each client’s threat profile and security objectives. This role offers a balance of technical hands-on work, collaboration, and knowledge sharing, with a strong emphasis on continual learning and process improvement. More ❯

SOC Analyst - CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall A global law firm client we work with are currently looking to take on a new SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) on a permanent basis. The firm are currently undergoing a significant transformation and expansion across the … a great deal of trust, autonomy and ownership with a very anti-micromanage managerial structure in place. To be considered for this SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) role, it's ideal you meet one of the following criteria: Work Experience Based Criteria 5+ Years of Working Experience in Cybersecurity or Related More ❯

on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! Available Locations: London, UK About the Team Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works … in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global networks … can provide. The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers.The team's core disciplines are data engineering, data science, devops, and security. We use data science and machine learning to process large volumes of data and build threat intelligence for More ❯

security team and will be responsible of helping develop effective security controls. Key responsibilities will include: Working closely with the in-house security operations team to drive world class threat detection Building effective detection use cases within the chosen SIEM while minimizing false positives. Utilize online resources for researching and collecting threat intelligence to enhance the … SOC’s abilities to detect cyber-attacks. Utilize telemetry available throughout the environment to build and improve detection capabilities. Testing of existing and new detection use cases Participation in security incidents/investigations Key skills needed for the role: Experience of SIEM administration – Splunk or Exabeam preferred but other SIEM tools considered Broad technical information security knowledge including … networking, malware analysis, incident response and Knowledge of information security protection, detection and authentication systems Understanding of tools, techniques and procedures that attackers use to compromise organizations, ideally from direct experience. Basic python\ AWS experience Please send your CV for immediate review More ❯

security team and will be responsible of helping develop effective security controls. Key responsibilities will include: Working closely with the in-house security operations team to drive world class threat detection Building effective detection use cases within the chosen SIEM while minimizing false positives. Utilize online resources for researching and collecting threat intelligence to enhance the … SOC’s abilities to detect cyber-attacks. Utilize telemetry available throughout the environment to build and improve detection capabilities. Testing of existing and new detection use cases Participation in security incidents/investigations Key skills needed for the role: Experience of SIEM administration – Splunk or Exabeam preferred but other SIEM tools considered Broad technical information security knowledge including … networking, malware analysis, incident response and Knowledge of information security protection, detection and authentication systems Understanding of tools, techniques and procedures that attackers use to compromise organizations, ideally from direct experience. Basic python\ AWS experience Please send your CV for immediate review More ❯

Every minute of every day, Smiths Detection’s threat detection and security screening technology helps to protect people and infrastructure, making the world a safer place. Smiths Detection, part of Smiths Group is a global leader in the development, manufacture and management of security and detection solutions designed to make the world a safer place. … Our technology provides threat detection and screening solutions for customers in our key markets: aviation, ports and borders, defence, and urban security. Our expertise spans 21 global offices, seven manufacturing sites and five R&D centres, with a global network of 3,000 dedicated colleagues contributing towards over 40 years at the frontline of advances in safety and More ❯

Every minute of every day, Smiths Detection’s threat detection and security screening technology helps to protect people and infrastructure, making the world a safer place. Smiths Detection, part of Smiths Group is a global leader in the development, manufacture and management of security and detection solutions designed to make the world a safer place. … Our technology provides threat detection and screening solutions for customers in our key markets: aviation, ports and borders, defence, and urban security. Our expertise spans 21 global offices, seven manufacturing sites and five R&D centres, with a global network of 3,000 dedicated colleagues contributing towards over 40 years at the frontline of advances in safety and More ❯

experience in monitoring and analysing security threats for multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC … will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage vulnerability assessments and coordinate … a 24×7 environment, driving operational excellence and continuous improvement. Ability to harness data analysis to detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing More ❯

exchanges Scope of Impact The Senior Security Infrastructure Engineer leads technical implementation and governance across: Enterprise infrastructure and network security Identity and access management Endpoint and virtualisation security Monitoring, detection, and vulnerability remediation You will evaluate alternative approaches considering risk, compliance, cost, and operational impact, ensuring sustainable security outcomes. Key Responsibilities Infrastructure & Network Security Design, implement, and maintain secure … to safeguard identity and access across the enterprise. Virtualisation & Endpoint Protection Secure virtualisation platforms (Hyper-V, VMware) and implement endpoint security solutions including EDR, anti-malware, and DLP. Monitoring & Threat Detection Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for proactive threat detection and incident response. Vulnerability Management Perform vulnerability assessments using Qualys and Tenable, driving More ❯

SIEM) Engineer with active Security Clearance to join our cybersecurity team. The ideal candidate will be responsible for maintaining, developing, and optimizing the SIEM platform — ensuring effective log management, threat detection, and automation across complex IT and OT environments. Key Responsibilities: Manage, maintain, and enhance the SIEM platform ensuring optimal performance and scalability. Onboard and integrate new log … sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. Lead and mentor More ❯

CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD More ❯

and endpoint environments, including laptops, mobile phones, corporate-managed, BYOD, and server-side devices. This critical role leads the engineering and enablement of endpoint protection technologies, ensuring device compliance, threat detection, and automated response capabilities. The role combines strong technical leadership, deep expertise in endpoint protection platforms, and a collaborative approach to operationalize security across all user and … across all device types and operating systems. Engineer and operate scalable solutions for endpoint protection, data loss prevention (DLP), and compliance checking. Build automated controls for device posture, encryption, threat detection, and remediation. Own and optimize integrations with tools such as Microsoft Defender, Purview, Symantec, CrowdStrike, or equivalent. Platform Integration & Automation: Drive automation for device onboarding, compliance validation … secure device baselines and policies. Build self-healing, zero-trust-aligned architectures for secure device management. Observability & Event Management: Implement real-time observability of endpoint health, risk exposure, and threat posture. Integrate with cybersecurity event and incident management pipelines for early detection and rapid response. Collaborate with the cyber and incident response teams to streamline investigation and containment. More ❯

and IR processes, ensuring alignment and consistency across regions. Collaborate with global SOC and IR teams to harmonise incident response workflows, tooling, and reporting standards. Provide expert guidance to Detection Engineers to optimise detection logic and improve alert fidelity. Mentor and train junior SOC and IR analysts, fostering a culture of continuous learning and operational excellence. Contribute to … and refinement of Standard Operating Procedures (SOPs) for Tier 1 and Tier 2 operations. Conduct quality assurance reviews of Tier 1 analysis and provide constructive feedback. Collaborate with the Detection Logic Engineering team to enhance detection capabilities and threat coverage. Support audit and regulatory engagements by providing timely and accurate responses to information requests. Liaise with cross … of hours incident response rotations as necessary. Skills and Experience Minimum 3 years of experience in a Senior SOC Analyst or Tier 2/3 role. Proven expertise in threat analytics, incident response, and cyber investigations. Strong understanding of attacker tactics, techniques, and procedures (TTPs) across diverse environments. Familiarity with industry standard incident response frameworks (e.g., NIST, SANS). More ❯

CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD More ❯

API's, Linux & Windows | Up to £1000 Inside | 2 Days p/week in London We are seeking an experienced Security Orchestration, Automation & Response (SOAR) Engineer to strengthen cyber threat detection and automation capabilities within a leading financial organisation. This role combines hands-on technical expertise with strategic security automation and orchestration across modern platforms. You will work … closely with detection, response, and engineering teams to design, build, and optimise security workflows — enabling faster, more effective incident response and reducing manual effort through automation. Key Responsibilities: Develop and enhance security detections and automations across SOAR platforms (ideally Palo Alto Cortex XSOAR) Create and maintain playbooks and integrations to improve incident response and operational efficiency Collaborate across teams … to improve detection coverage and response workflows Monitor emerging threats and translate attacker TTPs into actionable detections and automated mitigations Key Skills & Experience: Hands-on experience with Palo Alto Cortex XSOAR or other SOAR platforms Strong knowledge of threat detection and response engineering Familiarity with MITRE ATT&CK framework Proficiency in Python for automation and integration development More ❯

API's, Linux & Windows | Up to £1000 Inside | 2 Days p/week in London We are seeking an experienced Security Orchestration, Automation & Response (SOAR) Engineer to strengthen cyber threat detection and automation capabilities within a leading financial organisation. This role combines hands-on technical expertise with strategic security automation and orchestration across modern platforms. You will work … closely with detection, response, and engineering teams to design, build, and optimise security workflows — enabling faster, more effective incident response and reducing manual effort through automation. Key Responsibilities: Develop and enhance security detections and automations across SOAR platforms (ideally Palo Alto Cortex XSOAR) Create and maintain playbooks and integrations to improve incident response and operational efficiency Collaborate across teams … to improve detection coverage and response workflows Monitor emerging threats and translate attacker TTPs into actionable detections and automated mitigations Key Skills & Experience: Hands-on experience with Palo Alto Cortex XSOAR or other SOAR platforms Strong knowledge of threat detection and response engineering Familiarity with MITRE ATT&CK framework Proficiency in Python for automation and integration development More ❯

for an experienced Senior Cyber Security Analyst to play a key role in protecting our client’s systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain … high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards More ❯

for an experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain … high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Engineer … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Engineer role. Or reach out to Connor Smal via the More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the More ❯