26 to 50 of 74 Threat Detection Jobs in England

Cybersecurity Analyst to join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation’s defensive capabilities while … remaining at the forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment ...

contain, and remediate cyber threats, while enhancing both client and internal cyber resilience. The successful candidate will bring deep technical expertise in digital forensics, threat analysis, and incident response, combined with the ability to operate effectively in a fast paced, client-facing environment. Key Responsibilities Lead … procedures, and best practices for both client engagements and internal use Provide expert guidance during major incidents, including stakeholder communication and reporting Support proactive threat hunting initiatives in collaboration with SOC teams Produce clear, structured forensic reports suitable for both technical and non technical audiences Ensure evidence is handled ...

Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat Detection & Prevention Identify emerging threats, vulnerabilities, and attack trends relevant to the organisation. Tune and optimise security tooling to improve detection capability ...

Lead or support incident response activities in line with internal policies and procedures. Escalate significant incidents appropriately and provide clear, timely updates to stakeholders. Threat Detection & Prevention Proactively identify emerging threats, vulnerabilities, and attack patterns affecting the organisation. Tune and optimise security tools to reduce false positives … improve detection accuracy. Implement, manage, and maintain endpoint protection and security policies. Support vulnerability management activities, including remediation planning and risk tracking. Security Operations & Continuous Improvement Maintain and enhance security monitoring rules, alerts, and dashboards. Contribute to the development and maintenance of security runbooks and incident response playbooks. Support ...

optimise core security operations tooling (SIEM, DLP, IAM, endpoint protection) to safeguard systems and data Develop, implement, and monitor KPIs and dashboards to measure detection effectiveness, incident response performance, data protection posture, and compliance Own and support Microsoft Purview capabilities including Information Protection, Data Loss Prevention, Data Lifecycle Management … Insider Risk Management. Support enterprise data governance frameworks, ensuring alignment with FCA, GDPR, and internal data governance standards Conduct regular risk assessments, threat hunting, and vulnerability management to identify, track, and remediate security risks across cloud, endpoint, identity, and data platforms Collaborate with risk, compliance, data governance ...

threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with emerging threats … your application to be submitted to our client in connection with this vacancy. KEY SKILLS SOC Engineer, SIEM, Sentinel, Splunk, Cyber Security, Security Monitoring, Threat Detection, Azure, AWS, Network Security ...

security teams to ensure the right controls, tooling and processes are in place to protect critical systems and data. You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable. Key responsibilities include … Acting SME on Splunk Enterprise Security platforms Designing and maintaining log ingestion pipelines and data enrichment processes Developing and tuning detection rules aligned to MITRE ATT&CK techniques Managing the full lifecycle of detection content from design through to optimisation Automating security workflows using scripting, CI/ ...

focuses on delivering Thames Water’s cyber strategy across IT and OT environments. You will design, implement and maintain security capabilities that enable early threat detection, rapid response and sustained cyber risk reduction. You must obtain Counter Terrorist Check (CTC) clearance. Responsibilities Collaborate with stakeholders to design, implement … maintain security controls that are effective, measurable and sustainable. Implement and maintain detection and response capabilities through SIEM integration, improving time‐to‐detect and time‐to‐remediate. Participate in a 24x7 on‐call support rota, responding to SIEM health alerts and restoring log ingestion. Manage use cases, perform data ...

environment. Analyse security incidents to determine scope, impact, and priority, ensuring appropriate escalation and response. Manage end-to-end incident response activities from detection through to resolution. Support the development and enhancement of SIEM use cases, detection rules, analytics, and playbooks. Conduct real-time analysis of logs … policy violations. Work closely with technical teams to support containment and remediation of security incidents. Support continuous improvement of SOC processes, tooling, and detection capability. Contribute to security reporting, documentation, and operational procedures. Requirements: Proven experience working as a SOC Analyst (Tier 2/3) within enterprise or critical ...

Centre. The successful candidate will be responsible for monitoring and analysing security events in real time, investigating incidents, and supporting the continuous improvement of detection and response capabilities. Key Responsibilities Monitor and analyse security events within an enterprise SOC environment Perform real-time alert triage and incident investigation Determine … incident scope, priority, impact, and remediation actions Manage incidents through the full lifecycle from detection to resolution Support SIEM engineering activities including configuration, tuning, and optimisation Develop and enhance SIEM use cases, analytics, and playbooks Provide clear remediation guidance to technical and operational stakeholders Support rapid response activities ...

containment and mitigation activities where authorised, including coordinating response actions with relevant teams and tooling. Continuous Improvement and PIR Learnings Develop and fine-tune detection rules and alerts to identify malicious activity, validating effectiveness and reducing false positives. Identify and implement lessons learned from incidents and post-incident reviews … PIRs) to improve processes, runbooks, and detection logic. Contribute to a culture of quality and standardisation by improving documentation and operational practices. Skills and Experience Required Strong technical communication skills in time-pressured environments, with excellent written communication (clear, structured incident notes and stakeholder updates). Strong foundational knowledge ...

security architecture, collector deployment and asset coverage Standardise and enhance Armis configurations aligned to best practices Tune alerts, reduce false positives and improve threat visibility Improve asset inventory, vulnerability management and reporting accuracy Design and implement new OT threat detection use cases Develop reporting across assets, vulnerabilities ...

threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with emerging threats … your application to be submitted to our client in connection with this vacancy. KEY SKILLS SOC Engineer, SIEM, Sentinel, Splunk, Cyber Security, Security Monitoring, Threat Detection, Azure, AWS, Network Security ...

building a more resilient and secure environment. Key Responsibilities Take ownership of monitoring and developing SIEM activity across the environment, helping to improve detection capability over time Manage and enhance endpoint and threat detection tooling (including EDR, XDR, and MDR platforms) to strengthen overall security posture Lead … GDPR Deliver and support security awareness initiatives across the business, including phishing campaigns and user education Keep up to date with the evolving threat landscape and proactively suggest improvements to tools and processes Contribute to the organisation’s wider resilience strategy, including backup, disaster recovery, and data protection measures ...

assessments and remediation tracking Support implementation of security controls across cloud and on-prem environments Contribute to security policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security … ISC2 certifications Experience with cloud platforms such as Amazon Web Services, Microsoft Azure, or Google Cloud Scripting experience (PowerShell, Python, or Bash) Exposure to threat hunting or SIEM rule development What's On Offer Salary up to £55,000 depending on experience Opportunity to work with modern security tools ...

assessments and remediation tracking Support implementation of security controls across cloud and on-prem environments Contribute to security policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security … ISC2 certifications Experience with cloud platforms such as Amazon Web Services, Microsoft Azure, or Google Cloud Scripting experience (PowerShell, Python, or Bash) Exposure to threat hunting or SIEM rule development What's On Offer Salary up to £55,000 depending on experience Opportunity to work with modern security tools ...

cyber security matters, providing clear guidance to leadership and technical teams Lead engagement with a third-party Security Operations Centre (SOC), ensuring effective monitoring, detection and response Oversee incident management, including coordination, post-incident reviews and continuous improvement actions Own and manage key security platforms, including security awareness … third-party and supplier security posture where required Profile Proven experience in a cyber security engineering Strong understanding of cyber risk management, incident response, threat detection and security governance Very strong familiarity with Microsoft security technologies, including Microsoft 365, E5 licensing and the associated security stack (e.g. identity ...

governance, compliance and risk activity aligned to ISO 27001 and NIST. Requirements: Experience in Security Operations, Cyber Security Engineering or SecOps. Strong knowledge of threat detection, incident response, endpoint security and vulnerability management. Exposure to Microsoft Azure. Experience with tools such as CrowdStrike, Absolute, Sumo Logic, Rapid7 ...

governance, compliance and risk activity aligned to ISO 27001 and NIST. Requirements: Experience in Security Operations, Cyber Security Engineering or SecOps. Strong knowledge of threat detection, incident response, endpoint security and vulnerability management. Exposure to Microsoft Azure. Experience with tools such as CrowdStrike, Absolute, Sumo Logic, Rapid7 ...

working across a broad technology estate and keeping up to date with emerging threats and security technologies. Key Responsibilities: * Monitor and develop SIEM and threat detection platforms * Investigate and respond to security incidents and alerts * Support vulnerability scanning, remediation, and reporting activities * Assist with development of security policies ...

industrial control system environments. This role sits within a Security Operations function but is heavily engineering focused, combining hands on OT security tooling, detection engineering and incident response to strengthen resilience across critical infrastructure. Key Responsibilities: Act as the OT security engineering SME, supporting both operational and project based … activities Engineer, configure and optimise OT security platforms (e.g. OT NDR tools such as Claroty or equivalent) Develop and refine detection rules, alerting logic and monitoring coverage across OT and IT/OT convergence points Lead technical investigations and incident response for OT-related cyber events Analyse industrial network ...

initiatives and secure industrial communications Collaborate with MSPs and external cyber security partners to ensure effective service delivery Contribute to ongoing monitoring and incident detection capabilities within OT environments Ensure alignment with recognised cyber security standards and regulatory expectations Essential Experience Background working within industrial sectors such … technical documentation and policy creation Ability to start within a short notice period (maximum 2 weeks) Desirable Experience deploying OT monitoring, asset discovery, or threat detection tools Understanding of regulatory and compliance requirements within critical infrastructure environments Familiarity with IT service management practices and project delivery methodologies ...

hands-on experience with Microsoft Defender Experience monitoring and responding to security alerts in a SOC or security-focused environment Knowledge of endpoint security, threat detection, and incident response processes Understanding of cybersecurity principles, vulnerabilities, and attack techniques Ability to investigate and analyse security events effectively Experience identifying ...

across multi-site and cloud environments (Azure-focused) Design and implement security controls aligned to business risk Work closely with a SOC to enhance threat detection and response Automate security processes and improve operational efficiency Investigate security incidents and drive root cause analysis and remediation Implement and manage ...

Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks ...