Job Summary: The Senior Incident Response Analyst will play a critical role in our Security Operations Center (SOC) by leading the detection, analysis, and response to cybersecurity incidents. This individual will be responsible for monitoring security events, conducting in-depth investigations, and implementing advanced threat detection techniques. The ideal candidate will have extensive experience in cybersecurity, a … strong understanding of threat landscapes, and the ability to mentor junior analysts. The role requires a willingness to work on shifts, including one weekend a month during predominantly sociable hours. Key Responsibilities: Monitor and analyze security events from various sources. Conduct in-depth investigations of security events to determine root cause, potential impact, and mitigation steps. Collaborate with other … and guidance to junior SOC analysts. Stay current with emerging threats, vulnerabilities, and industry best practices. Participate in the development and refinement of SOC processes and procedures. Engage in threat hunting activities and rule writing/detection engineering as encouraged. Qualifications: Bachelor’s degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CISM
Brighton, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
role offers unparalleled access to Microsoft’s security product roadmap, previews, and frontline support. You will work at the forefront of cyber defense, contributing to investigations involving nation-state threat actors (including IR, CH, and NK campaigns), and refining your skills in enterprise-scale log ingestion and Sentinel integration engineering, with opportunities to learn and handle complex logs from … and data sources. The Role Own and optimize enterprise-wide log onboarding into Microsoft Sentinel Deploy standard and custom connectors, Function Apps, and parsers Build tailored SIEM solutions for threat detection and response Manage log ingestion across hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalize, and optimize log telemetry for precision and … cost control Partner with IR teams on real attacks, tuning rules against live threats Collaborate with Microsoft teams to develop advanced detection capabilities Contribute to internal knowledge base and engineering standards Requirements Experience with building and integrating complex Microsoft Sentinel at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM
Watford, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support. You'll work at the forefront of cyber defense, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customized Sentinel integration engineering. This will stretch your skills, give you … ll own and optimize enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalize, and optimize log telemetry to … ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Collaborate closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge bases and help shape engineering standards What's needed? Experience building and integrating complex Microsoft Sentinel solutions at SMC and enterprise levels Understanding of
Reading, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
access to Microsoft’s security product roadmap, security previews, and frontline support. You'll work at the front line of cyber defense, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customized Sentinel integration engineering that will stretch your skills, give you … ll own and optimize enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalize, and optimize log telemetry to … ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building and integrating complex Microsoft Sentinel at SMC and enterprise levels Understanding of security
Bath, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
access to Microsoft’s security product roadmap, security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will stretch your skills, give you … ll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and optimise log telemetry to … ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building and integrating complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry
Security Operations Analyst for a 6-month contract (with strong extension potential). This is your chance to step into a high-impact role where you’ll sharpen cloud detection strategies, lead threat response efforts, and make your mark on a modern, cloud-native security operation — all within a business that thrives on data at scale. Key Responsibilities … across hybrid and cloud estates (GCP) Crafting and fine-tuning smart detections using KQL Leading the charge on incident response, from first alert to final report Getting stuck into threat hunting and shaping how detections are built and improved Helping drive security automation and weaving in IaC wherever possible Teaming up with engineers and platform folk to lock down … cloud and container environments Requirements: Solid chops in security monitoring, threat detection, and fast, effective incident response Hands-on with XDR tools like Defender, Carbon Black, CrowdStrike, or FireEye Confident with KQL, especially in Microsoft Sentinel Strong background in GCP Experience securing Kubernetes, Docker, and containerised workloads Familiar with MITRE ATT&CK, SOAR, and writing detections as code
SOC workflows, automating enrichment processes using automation tools, and developing playbooks for more efficient alert handling. Oversee the deployment, configuration, and tuning of SOC related security tools to enhance detection accuracy, reduce false positives, and manage end-to-end EDR operations. Cloud Security Monitoring: Analyse and manage security logs Security Monitoring & Threat Detection: Continuously monitor security alerts … events, and IoCs across all platforms. You'll build and deploy queries and scripts, and create dashboards and workflows to enhance visibility and reporting Proactive Threat Hunting: Develop and implement threat hunting procedures to proactively identify potential risks and vulnerabilities before they escalate. Incident Response: Coordinate with the SOC team and cross-functional teams during the incident response lifecycle … if you need any adjustments throughout the process in whatever way works best for you. About You Experience in SOC or incident response roles, with hands-on experience in threat detection and mitigation. Technical Skills: Strong capability in threat detection, incident response, and analysis of complex attack patterns, with a focus on the Cloud environment. Skilled
Financial Services) We're looking for a Security Engineer to strengthen SOC capabilities at a financial services client. The focus is on SIEM/SOAR tooling, automation, and improving threat detection and response. Responsibilities: Maintain and optimise SOC tools (SIEM, SOAR, EDR). Automate detection and response using scripts (Python, PowerShell). Integrate threat intel, onboard … log sources, and fine-tune alerts. Collaborate with SOC teams to enhance detection and incident response workflows. Support regulatory compliance (FCA, PRA, DORA) through improved security operations. Requirements: 4+ years in cybersecurity, with 2+ in SOC or security engineering. Strong experience with SIEM/SOAR (e.g., Splunk, Sentinel). Proficient in scripting (Python, PowerShell). Knowledge of MITRE ATT
Security Analyst – Contract Role Rate: Up to £450 per day (Outside IR35) Duration: 12 Months - Potentially Extendable Are you a hands-on Cyber Security Analyst with a passion for threat detection, incident response, and proactive defence? We’re working with a leading public sector organisation seeking a skilled professional to join their Cyber Security team. Lead and support … Cyber Security Incident Response — triaging alerts and reports, escalating as needed, and applying lessons learned. Enhance detection engineering, configuring alerts and automating remediation to manage high-volume security data. Drive training and awareness, leading phishing simulations and crafting internal communications to build security culture. Leverage threat intelligence to conduct proactive threat hunting and surface risks. Manage vulnerability … Strong analytical and troubleshooting ability — comfortable solving problems from first principles. Proven operational cyber security experience at enterprise scale. Hands-on expertise in cyber incident response, vulnerability management, and threat detection. A self-starter with excellent communication skills and a proactive approach to continuous improvement. Desirable Qualifications: Security certifications (SANS, vendor-based) ITIL certification This is a fantastic opportunity
robust, efficient and globally coordinated security operations that protect the organisation's people, systems, and data. This includes direct ownership of security controls, security testing, vendor management, vulnerability and threat management, and incident response. You will work daily with the Group CISO to support consistent, high-assurance security practices across all regions, in-line with regional regulation and to … for the management of any global Cyber Incidents by supporting the CISO team. Additionally, you will be: Working collaboratively with the SOC to ensure 24/7 visibility and threat detection across global environments, driving maturity and constant improvements to support the ever-changing threat landscape. Defining and monitoring KPIs for detection, response, and containment performance. … vendors responsible for supporting CFC. Ensuring security controls are deployed, tuned, and monitored effectively across cloud and on-premises assets. Leading the organisation's global vulnerability management program, ensuring threat led and risk-based prioritization, along with collaboration with IT for timely remediation. Leading on and refining the incident response playbooks Support the Group CISO to define security maturity
our IT and Operational Technology (OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why … a dynamic and impactful role that offers technical depth, cross-functional collaboration, and the chance to shape Cadent’s cyber resilience. Technical Challenge – Work with advanced SIEM, SOAR, and threat detection tools across IT and OT environments. Strategic Contribution – Influence the development of new controls and support the delivery of Cadent’s cyber security strategy. Cross-Team Collaboration … Partner with threat intelligence, vulnerability analysts, and incident responders to enhance our defences. Continuous Improvement – Engineer solutions for unpatchable vulnerabilities and automate detection and response processes. National Impact – Help protect the systems that keep gas flowing to millions of homes and businesses. What you'll bring: You are a technically skilled and security-focused professional with a strong
in collaboration with IT and infrastructure teams. In addition to alert triage and incident response, you will be responsible for maintaining and tuning key security solutions such as endpoint detection and response (EDR), antivirus, and vulnerability management platforms. You will also provide technical support to internal security-aligned projects and initiatives. About us Elysium Healthcare is an established, stable … in collaboration with IT and infrastructure teams. In addition to alert triage and incident response, you will be responsible for maintaining and tuning key security solutions such as endpoint detection and response (EDR), antivirus, and vulnerability management platforms. This role ensures these tools operate effectively, remain aligned to evolving threats, and support compliance with organisational standards and frameworks. You … and that operational feedback is embedded into project delivery. Ultimately, the role plays a key part in strengthening the organisation’s cyber defence posture by bridging the gap between threat detection, technical resolution, and continuous improvement. As a Security Operations Engineer, you will be: Act as the primary point of contact for the managed SOC provider. Triage and
Royal Leamington Spa, England, United Kingdom Hybrid / WFH Options
Hamilton Barnes
priorities by working closely with your team to identify the most critical focus areas. These include improving incident response times, reducing false positives and other extraneous alerts, and enhancing threat detection capabilities. In this role, you will analyze incident reports to understand the organization's security posture by reviewing incident reports and identifying patterns and trends that may … protocols and conveying them to the team. Responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations. POC for SOC engineering team, threat intelligence analyst, and threat exposure management. Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and … security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution. Ensure threat management, threat modeling, identify threat vectors, and develop use cases for security monitoring. Make informed decisions about security investments and strategies
role will be pivotal in enhancing our cybersecurity framework by leading the integration and utilization of these key security tools. Responsibilities include designing and optimizing SIEM rules for superior threat detection and incident management, deploying SOAR tools for automated security responses, and ensuring robust API security. The engineer will oversee the performance and security posture of our platforms … XDR products, including their integration with existing tools, utilizing them to elevate existing Security Operations Design and optimize SIEM (Security Information and Event Management) rules using FortiSIEM to enhance threat detection and streamline incident response activities Deploy and manage Endpoint Detection and Response (EDR) solutions, specifically FortiEDR, SentinelOne, and Defender for Endpoint to identify and mitigate endpoint … required Qualifications and Required Skills Proven experience with Microsoft Sentinel and Defender XDR products Strong background in SIEM rule design and optimization Extensive experience in implementing and overseeing Endpoint Detection and Response (EDR) solutions Experience with SOAR tools and automated security response implementations Familiarity with API security protocols and measures Ability to analyze large amounts of data from various
report to the CISO and lead a high-performing team dedicated to protecting our customers, employees, and partners from cyber threats. You'll lead a technical team focused on detection and response, and partner cross-functionally with IT, Engineering, and other stakeholders to develop and implement scalable, frictionless security controls. Your Impact Lead the development of a best-in … class detection and response program by streamlining incident response processes and enhancing threat detection in collaboration with Security and Engineering teams. Foster organizational resilience by building strong partnerships across the business and continuously improving incident preparedness. Collaborate with IT to implement seamless enterprise security controls across endpoints, networks, email, and SaaS environments. Oversee and evolve the Identity … and growth. Establish and track security operations KPIs to drive operational excellence and promote a culture of continuous improvement. Your Qualifications 7+ years of leadership experience in security operations, detection and response, or enterprise security, including in SaaS/cloud environments. Proven expertise managing the full incident response lifecycle, from detection to resolution, including automation and threat
Security Operations Centre (SOC) to improve the efficiency and effectiveness of security operations. This role focuses on automating repetitive tasks, optimizing workflows, and integrating tools and systems to enhance threat detection, incident response, and overall SOC performance. The goal is to streamline security operations, reduce manual effort, and accelerate the identification and mitigation of security threats, enabling the … with automation tools (e.g., SOAR platforms, Ansible, Phantom or similar). Proficiency in scripting languages (e.g., Python, PowerShell, Bash). Strong understanding of SOC processes, including incident response and threat detection. Experience with SIEM platforms (e.g., Splunk). Knowledge of security frameworks (e.g., NIST, MITRE ATT&CK). Skills Proficiency in automation tools (e.g., SOAR platforms, Ansible, Phantom). … Expertise in scripting languages (e.g., Python, PowerShell, Bash). Strong knowledge of SOC processes (incident response, threat detection). Experience with SIEM platforms (e.g., Splunk). Ability to integrate and automate security tools. Strong problem-solving and analytical skills. Experience in developing automated workflows and playbooks. Knowledge of security frameworks (e.g., MITRE ATT&CK, NIST). Strong collaboration
strategies. * Train and mentor internal teams on security awareness and best practices. * Engage with stakeholders across the business to communicate risks, strategies, and progress. * Stay current with the evolving threat landscape and emerging technologies. * Support audits and regulatory inspections as required. Essential Skills & Experience: * Proven experience in incident management and cyber security operations. * Strong knowledge of ISO 27001, NIST … and other security frameworks. * Experience with governance, risk, and compliance (GRC) processes. * Familiarity with Security Operations Centres (SOC) and threat detection tools. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to train teams and promote a security-first culture. * Strong stakeholder management and communication skills. * Relevant certifications such as CISSP, CISM, or equivalent. … you before discussing your CV with any potential employer. Keywords: Cyber Security Manager, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GRC, Security Operations, SOC, Risk Management, Threat Landscape, Defence, Stakeholder Engagement, Security Frameworks, SC Clearance, British National, Cyber Compliance, Security Governance, Security Training, Wiltshire, Cyber Risk, Cyber Strategy, Adecco
Abingdon, England, United Kingdom Hybrid / WFH Options
e2e-assure
stay safe online and provide support and guidance when attacks happen. Deal with security alerts, investigating and analysing them and collaborating with colleagues and customers until they are closed. Threat hunting, threat detection and assessing potential issues and incidents. Creating alerts and rules for detection of potential vulnerabilities, issues, and incidents. Tuning existing security alerts to … fix issues, reduce false positives and improve efficiency. Communicating with customers and reporting any relevant issues to them. Generating actionable and useful threat intelligence. Perform vulnerability scans, reviewing and validating the results and communicating these to stakeholders. Collaborating with customers to provide relevant training and review sessions, supporting them to achieve proactive and practical security. Candidate Attributes: Ability to