101 to 125 of 415 Threat Detection Jobs in England

hackajob Preston, England, United Kingdom Join or sign in to find your next job Join to apply for the Lead Threat Detection Analyst role at hackajob hackajob Preston, England, United Kingdom 21 hours ago Be among the first 25 applicants Join to apply for the Lead Threat Detection Analyst role at hackajob Get AI-powered advice … on this job and more exclusive features. hackajob is collaborating with BAE Critical Skills Subsid to connect them with exceptional tech professionals for this role. Job Title: Lead Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. … threats and mitigate prior to impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Essential Your skills and experiences: Experience More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via … version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via … version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via … version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic More ❯

Tier 2 SOC Analyst - Cyber Threat Analysis Center Job Description: The Tier 2 Cyber Security Analyst is a mid-tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated … Tier 1 Analysts. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. … conducting deeper analysis on correlated events and identifying patterns or anomalies that may indicate suspicious or malicious activity. Use OSINT (Open-Source Intelligence) to enrich contextual data and enhance detection capabilities, contributing to a proactive stance on emerging threats. Monitor the threat landscape and document findings on evolving threat vectors, sharing relevant insights with CTAC teams to More ❯

Manager Contract role (Outside IR35) Location: London (Remote) iO Associates is aligned with a leading housing association to recruit a hands-on Security Operations Manager to lead incident response, threat detection, and security monitoring efforts. You'll guide a capable SOC team, manage real-time investigations, and enhance their security posture using Microsoft Sentinel, Defender, and KQL. Key … Responsibilities: Lead and manage the Security Operations Centre (SOC) Handle incident response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science … Proven experience managing a SOC/Security Operations function within housing association/public sector. Strong experience with Microsoft Sentinel, Kusto (KQL), Azure Defender tools Hands-on incident response, threat monitoring, and SIEM use Knowledge of ISO 27001, GDPR, and NIST If you are interested, please apply immediately as first stage interviews are taking place this week. Alternatively, feel More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and … with SIEM tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide mentorship and leadership within … SOC team. Desirable (Nice-to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP . Previous experience handling SC or DV cleared environments. Demonstrated ability to fine-tune detection logic and improve SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst , you will be at the forefront More ❯

Social network you want to login/join with: Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence-leading … incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience … of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for this role you will need to be able to demonstrate the following experience: Proven experience in a Security Operations Centre (SOC More ❯

Social network you want to login/join with: Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence-leading … incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience … of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for this role you will need to be able to demonstrate the following experience: Proven experience in a Security Operations Centre (SOC More ❯

unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support. You will work at the forefront of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns), while refining your skills across enterprise-scale log ingestion and customised Sentinel integration engineering. This role offers the chance to ingest … Role You will own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that enhance threat detection and response. Log ingestion at scale across hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and optimise log telemetry for accuracy … and cost efficiency Partner with IR teams on active threats – tuning rules based on live threat actor activity Collaborate with Microsoft teams to develop advanced detection capabilities Contribute to internal knowledge sharing and engineering standards What’s needed? Experience building and integrating complex Microsoft Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and … on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a … SOC team Desirable (Nice-to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you will be at the forefront of More ❯

Safe XDR Solution Partner, gaining access to Microsoft’s security product roadmap, previews, and frontline support. Work at the forefront of cyber defense, contributing to investigations involving nation-state threat actors (including IR, CH, and NK campaigns), and refining skills in enterprise-scale log ingestion and Sentinel integration engineering, handling complex logs from various cloud and data sources. The … log ingestion pipelines and custom Function Apps Parse, normalize, and optimize log telemetry for accuracy and cost-efficiency Collaborate with IR teams on live attacks, tuning rules based on threat activity Work closely with Microsoft teams to develop detection capabilities Contribute to internal knowledge base and engineering standards Requirements Experience with complex Microsoft Sentinel deployment at SMC and … telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development: KQL, analytics rules, data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in threat detection, incident response, or DFIR (a plus) Ability to work in fast-paced, customer-facing environments Technical Skills PowerShell, Python, REST APIs Log ingestion and parsing across platforms More ❯

powered advice on this job and more exclusive features. Direct message the job poster from Logic Engagements Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will … be at the forefront of digital defence-leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with … colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for this role you will need to be able to demonstrate the following experience More ❯

infrastructure. You’ll be at the forefront of safeguarding Industrial Control Systems and SCADA networks from evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to OT environments. Support vulnerability management … technical assurance across the OT security ecosystem. Strong understanding of OT/ICS cybersecurity or relevant control systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations … B Corporation by 2x Get notified about new Cyber Security Analyst jobs in Scotland, United Kingdom . Midlothian, Scotland, United Kingdom 2 weeks ago Tier 1 SOC Analyst- Cyber Threat Analysis Center Tier 1 SOC Analyst- Cyber Threat Analysis Center Erskine, Scotland, United Kingdom 1 month ago Information Security Governance Specialist Edinburgh, Scotland, United Kingdom 3 weeks ago More ❯

our IT and Operational Technology (OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why … a dynamic and impactful role that offers technical depth, cross-functional collaboration, and the chance to shape Cadent’s cyber resilience. Technical Challenge – Work With Advanced SIEM, SOAR, And Threat Detection Tools Across IT And OT Environments. Strategic Contribution – Influence The Development Of New Controls And Support The Delivery Of Cadent’s Cyber Security Strategy. Cross-Team Collaboration … Partner With Threat Intelligence, Vulnerability Analysts, And Incident Responders To Enhance Our Defences. Continuous Improvement – Engineer Solutions For Unpatchable Vulnerabilities And Automate Detection And Response Processes. National Impact – Help Protect The Systems That Keep Gas Flowing To Millions Of Homes And Businesses. What You'll Bring You are a technically skilled and security-focused professional with a strong More ❯

strategic defences while staying hands-on in the fight against evolving threats. Reporting to the Head of Cyber Security, the Senior SOC Engineer will play a critical role in threat detection, incident response, and driving the implementation of best-in-class security operations across the business. Microsoft Security Engineer Key Responsibilities: Oversee the end-to-end security monitoring … process, including log management, threat detection, and response using tools like Microsoft Sentinel . Drive vulnerability management efforts and support remediation in collaboration with IT teams. Lead investigations into security incidents, coordinating with internal teams and external partners as needed. Maintain and continuously improve security controls across Microsoft Defender, Azure, Intune, and Purview. Design and implement and access … Security Engineer Your Skills & Experience: Must Have: SC-200 or equivalent Microsoft Security certification. Strong experience in Microsoft Security technologies: Sentinel, Defender, Purview, Azure, Intune. Experience with incident response, threat hunting, and security operations processes. Familiarity with Tenable Nessus and KQL for query building. Strong foundation in operating systems (Windows Server/Desktop) and networking. Eligibility for Security Clearance More ❯

Job Summary: We are seeking an experienced and highly skilled AWS Security Lead with expertise in Threat Modeling to join our dynamic team. The ideal candidate will have a deep understanding of cloud security principles, threat modeling methodologies, and AWS security best practices. This individual will work closely with development, engineering, and security teams to proactively identify and … mitigate potential threats in our cloud-based infrastructure. The AWS Security Lead (Threat Modeling) will be responsible for conducting risk assessments, defining security requirements, and building threat models to guide security architecture and design in AWS environments. This role requires a strategic thinker with hands-on experience in AWS security, threat modeling, and a passion for securing … cloud-native applications. Key Responsibilities: Threat Modeling & Risk Assessments Lead the development of threat models for AWS-based applications and infrastructure. Conduct regular threat assessments and risk analyses for new and existing systems. Collaborate with development, architecture, and DevOps teams to design security into the cloud-native architecture. Create detailed reports, diagrams, and other documentation to communicate More ❯

Job Summary: We are seeking an experienced and highly skilled AWS Security Lead with expertise in Threat Modeling to join our dynamic team. The ideal candidate will have a deep understanding of cloud security principles, threat modeling methodologies, and AWS security best practices. This individual will work closely with development, engineering, and security teams to proactively identify and … mitigate potential threats in our cloud-based infrastructure. The AWS Security Lead (Threat Modeling) will be responsible for conducting risk assessments, defining security requirements, and building threat models to guide security architecture and design in AWS environments. This role requires a strategic thinker with hands-on experience in AWS security, threat modeling, and a passion for securing … cloud-native applications. Key Responsibilities: Threat Modeling & Risk Assessments Lead the development of threat models for AWS-based applications and infrastructure. Conduct regular threat assessments and risk analyses for new and existing systems. Collaborate with development, architecture, and DevOps teams to design security into the cloud-native architecture. Create detailed reports, diagrams, and other documentation to communicate More ❯

role will be pivotal in enhancing our cybersecurity framework by leading the integration and utilization of these key security tools. Responsibilities include designing and optimizing SIEM rules for superior threat detection and incident management, deploying SOAR tools for automated security responses, and ensuring robust API security. The engineer will oversee the performance and security posture of our platforms … XDR products, including their integration with existing tools, utilizing them to elevate existing Security Operations Design and optimize SIEM (Security Information and Event Management) rules using FortiSIEM to enhance threat detection and streamline incident response activities Deploy and manage Endpoint Detection and Response (EDR) solutions, specifically FortiEDR, SentinelOne, and Defender for Endpoint to identify and mitigate endpoint … required Qualifications And Required Skills Proven experience with Microsoft Sentinel and Defender XDR products Strong background in SIEM rule design and optimization Extensive experience in implementing and overseeing Endpoint Detection and Response (EDR) solutions Experience with SOAR tools and automated security response implementations Familiarity with API security protocols and measures Ability to analyze large amounts of data from various More ❯

will manage, mentor, and train two junior SOC analysts, while delivering security operations services to clients across various industries. As a Senior SOC Analyst , your responsibilities include incident response, threat hunting , and real-time defence management . You will guide and mentor junior analysts and leverage automation and AI tools, including SOAR platforms, to enhance security outcomes. This role … Responsibilities Mentorship & Team Leadership: Support junior analysts with ticket escalation and incident investigations, fostering collaboration and learning. Client Relationship Management: Manage ongoing communications and ensure technical needs are met. Threat Detection & Analysis: Triage and analyze alerts across SIEM platforms (e.g., Microsoft Sentinel, ELK stacks). Log & Threat Intelligence Analysis: Conduct detailed log analysis and threat research … AZ-500 are highly desirable. Proficiency with EPP tools like Microsoft Defender for Endpoint and SentinelOne. Experience with ticketing systems and end-to-end workflows. Strong incident response and threat hunting skills. Excellent problem-solving and decision-making under pressure. Exceptional communication and customer-focused interpersonal skills. SANS certifications are desirable but not essential. #J-18808-Ljbffr More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯