22 of 22 Remote/Hybrid Threat Detection Jobs in England

exciting opportunity has arisen for a T hreat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a T hreat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. ...

SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with internal teams and external security partners to strengthen our threat detection capabilities and improve the organisation … overall cyber resilience. This is an excellent opportunity for a security professional who enjoys leading teams, improving security operations, and driving proactive threat detection strategies. Key Responsibilities Lead and mentor the internal Security Operations team, overseeing daily operational activities and performance Define and implement the strategy and operational ...

significant modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into … Head of SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation ...

engineers to optimise the effectiveness of security tools and platforms. Consuming and operationalising modern security technologies, including XDR and SIEM solutions, to enhance visibility, threat detection, and response effectiveness for clients Performing research and investigations to solve client’s technical security problems. Preparing impactful reports on security posture … organisational domains and common industry frameworks such as NIST CSF and ISO27001. Demonstrable experience of operating a key security process, such as vulnerability management, threat detection and response, or cyber security attack surface management, Hands-on expertise across a range of modern security technologies such as XDR, SIEM ...

basis. The end customer is one of the largest financial services institutions in the world as well. Job Description: We are seeking an experienced Threat Modeling Consultant to design and implement comprehensive threat models for 90-100 diverse applications. The consultant will evaluate application-generated logs, develop threat detection strategies, and report findings to the Information Security team. This role requires deep expertise in Microsoft Azure security tools, log analytics, and automation to enhance the customer’s application anomaly detection capabilities. Key Responsibilities: Develop detailed threat models tailored for a large portfolio of applications ...

real-world security impact. The successful candidate will work closely with customers, engineers, and operational security teams to deliver meaningful improvements across identity, detection engineering, endpoint security, and cloud security posture. This is a hands-on role involving the design and implementation of modern security architectures, solving complex technical … detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation ...

response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat detection, incident response, and vulnerability management. Conduct and support risk assessments, ensuring robust controls are implemented and maintained. Partner with Technology, Risk, Compliance ...

DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role … experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must ...

gain deeper exposure to modern Microsoft security tooling. You’ll work alongside experienced cyber professionals investigating security alerts, supporting incident response, and helping improve detection capability across client environments. Responsibilities Monitor and investigate alerts within a SIEM environment Analyse logs and identify potential security incidents Triage alerts and escalate … incidents where required Assist with incident investigation and reporting Support the development and tuning of detection rules Collaborate with senior analysts and engineers on security operations Key Skills & Experience 1–2 years’ experience in a SOC Analyst or security monitoring role Experience working with SIEM platforms (Microsoft Sentinel beneficial ...

customers. Your responsibilities: (Up to 10, Avoid repetition) Design and own the architecture for ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/ICS systems. … support ongoing digital transformation and automation initiatives. AI/ML in Security Operations Exposure to leveraging artificial intelligence or machine learning techniques to improve threat detection, incident analysis, or automated response capabilities within SecOps. ...

information security controls and countermeasures, ensuring alignment with the risks they are intended to mitigate Work with an outsourced Security Operations Centre (SOC), maintaining threat detection and response processes in conjunction with the InfoSec team to ensure its continued effectiveness Effectively operate established technical information security controls … functional collaboration as needed Conduct security incident investigations, collaborating with technical and non-technical stakeholders as appropriate, with the aim of identifying root cause, threat vector utilised, scope of compromise and related remedial and preventative actions Implement and administer technical security tooling (Such as Defender for Cloud, Defender ...

implementing technical information security controls and countermeasures aligned with specific risks. SOC Collaboration: Working with an outsourced Security Operations Centre (SOC) to maintain effective threat detection and response. Tooling & Incident Response: Administering technical security tooling (such as Defender for Cloud, Defender for Endpoint, and Nessus) and conducting security ...

Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology … ensure security issues are addressed quickly upon discovery. NMC Cyber Detect Analyst duties involve but are not limited to: Initial Triage of alerts - evaluation & detection Confirmation of false positive Incident data gathering and feedback on any gaps and issues in respect to Platform Content or tuning opportunities Reflection ...

Microsoft 365 estate within a high value research environment. Acting as the organisation's trusted specialist, you will oversee identity protection, access governance, cloud threat defence and compliance across Entra ID, Conditional Access, MFA, PIM, Microsoft Defender, Purview and related services. You will be responsible for diagnosing complex issues … need to succeed You will bring substantial hands on experience in Microsoft 365 security, with a deep understanding of identity protection, access control, threat detection and compliance You'll have operated in complex or hybrid environments and will be fully confident configuring, troubleshooting and enhancing services such ...

will be the technical engine behind the organisation's global digital integrity. Your responsibilities will include: Managing the Global SOC to ensure proactive threat hunting and rapid incident response across all global time zones. Implementing a cutting-edge DevSecOps approach to ensure security is automated and embedded within … 1.ISO27001 Implementation (Must have personally achieved certification from scratch) 2.DevSecOps (Embedding security into CI/CD pipelines and automated workflows) 3.SOC Management (Overseeing global threat detection and incident response) 4.NIST Framework (Applying security standards for the Americas region) 5.Essential 8 (Understanding and implementing Australian security protocols) 6.Vulnerability Management ...

organisations (5,000+ users), focused on Microsoft Security and IAM Consult with CISOs, Heads of Security, and IT leaders on identity protection , zero trust , threat detection , and compliance Own complex sales cycles around Microsoft Sentinel , Defender suite , Entra ID , and managed IAM Collaborate closely with technical consultants ...

forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engineering, in their mission of helping organisations understand how they could be compromised. Success in this position will enable the business to build Detection … Cloud-Native Engines & Big Data Pipelines that Power Automated Red Teaming. Your work will "Bridge the Gap" Between Manual Research & Scalable, Real-Time Threat Simulation. Skills & Experience of Cyber Security Engineer: Core Engineering: Minimum 2 Years Background within Software Engineering (Python or Go) with Focus on Maintainable, Production-Grade ...

continual improvement of the business's security composure. Responsibilities: Provide expertise on application, network and infrastructure security Monitor security solutions including SIEM, threat detection and data security, endpoint protection, network analytics for alerts Provide documentation for technical standards to meet corporate security policies/industry best practice Perform ...

months. The client will not cover certification costs. Technical Skills: Hands-on configuration and deployment of Forescout NAC Deep knowledge of: Network security Threat detection Risk mitigation Network Access Control Troubleshooting experience with Cisco and other OEM network devices Experience with: Forescout Enterprise Manager & appliances Broadcom Spectrum (monitoring ...

forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engi click apply for full job details ...

onsite) Job Type: PermanentA globally established organisation is seeking a Microsoft Security Engineer to strengthen its security capability across identity, endpoint, data protection and threat detection. This role will focus on leveraging the Microsoft security stack, including Defender XDR, Purview and Entra ID, to protect enterprise systems, manage risk … using Microsoft Entra ID, including Conditional Access and MFA Implement and maintain Privileged Identity Management (PIM/PAM) and secure access policies Conduct proactive threat hunting and support incident response activities Secure cloud applications and endpoints, ensuring alignment with security best practices Support eDiscovery, audit and data governance requirements ...

Lead remediation of an agreed list of known Tanium EDR gaps across the estate. Activate, configure, and deploy Tanium Reactions aligned to containment and detection requirements. Support Tanium device discovery, improving asset visibility across hardware, software and telemetry. Integrate device data, software data, and extended telemetry into SIEM … wider detection tooling. Develop and implement CI/CD pipelines for Detection Engineering content deployed through Tanium. Conduct Tanium testing and validation cycles, including rollback procedures to support CI/CD and containment operations. Collaborate with Detection Engineering, Endpoint, and C2E workstreams to ensure readiness for platform ...