26 to 50 of 54 Threat Detection Jobs in England

real-world security impact. The successful candidate will work closely with customers, engineers, and operational security teams to deliver meaningful improvements across identity, detection engineering, endpoint security, and cloud security posture. This is a hands-on role involving the design and implementation of modern security architectures, solving complex technical … detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation ...

Proficient with Veeam for backup/replication. Experience in DR planning, failover, and resilience testing. Security & Compliance Strong grasp of cybersecurity (firewalls, EPP, vulnerabilities, threat detection). Understanding of ISO 27001 and GDPR; audit support experience. Familiar with SIEM tools (Splunk, Sentinel). Operating Systems & Automation Working knowledge ...

testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience ...

Position: Threat Defence Delivery Manager Location: London/Hybrid Type: Contract, Inside IR35, 6 Months Rate: £(Apply online only) p/day We are seeking an experienced Threat Defence Delivery Manager to lead a critical workstream within a major cyber transformation programme. This role is responsible for consolidating … enhancing the organisation's threat detection and response capabilities across all business units. In this role, you will: Lead the implementation of a unified Security Operations Centre (SOC), providing a single view of security events while supporting federated reporting for individual business units. Manage the selection and onboarding ...

response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat detection, incident response, and vulnerability management. Conduct and support risk assessments, ensuring robust controls are implemented and maintained. Partner with Technology, Risk, Compliance ...

DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role … experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must ...

multiple platforms, including Microsoft and endpoint security tools. Conduct in-depth investigations of security events, escalating and containing incidents as required. Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce … Expertise Sentinel, MDE, and MDI deployments Proven experience in a hands-on SOC Analyst role within an enterprise environment Strong understanding of security operations, threat detection, and incident response workflows Excellent communication skills and the ability to work effectively within a collaborative SOC team Desirable Skills Experience with ...

Manager is responsible for the leadership, governance and performance of Security Operations Centre capabilities supporting a secure defence programme. The role ensures effective monitoring, detection and response across classified environments, working closely with incident response and threat teams. Key Responsibilities Own SOC operating model, processes and performance management … Ensure effective monitoring and detection across secure environments Oversee SOC analysts, tooling and service providers where applicable Drive continuous improvement of detection use cases and response workflows Coordinate closely with incident response and vulnerability teams Provide senior-level reporting on security posture and operational effectiveness Ensure SOC activities ...

technical authority for cyber security operations , owning the end-to-end security lifecycle across enterprise infrastructure. Key responsibilities include: Security monitoring, threat hunting and incident response SIEM, MDR oversight and vulnerability management Firewall, VPN, IDS/IPS and Zero Trust technologies Pen testing coordination and CVSS-led remediation Security … Zscaler (ZIA/ZPA/ZDX), Splunk, Sophos MDR, Mimecast, Okta Networking: Cisco (Catalyst, Nexus), Fortinet, firewalls and VPNs Security Ops: SIEM, intrusion detection, ethical hacking Scripting: PowerShell What They’re Looking For Proven experience in a security-focused infrastructure role Strong hands-on expertise with firewalls, SIEM ...

cyber defence.This is a fantastic opportunity for individuals with foundational knowledge in cybersecurity or IT support who are eager to advance their careers in threat detection, incident response, and real-time security monitoring. A great time to join a company looking to nurture new cyber talent from tier … assess, and prioritize security alerts generated from platforms such as SIEM, EDR, and XDR. Support clients by offering practical advice on incident response and threat containment. Work alongside senior analysts and response teams to drive incidents through to resolution. Examine suspected security events and escalate them in line with ...

OWASP principles. Expert in executing cloud security solutions, particularly for identity management, networking, and encryption. Possesses solid knowledge of system logging, monitoring, SIEM technologies, threat detection, and public key infrastructures (PKI). Understands cyber risk management, threat intelligence, and emerging governance practices. Experienced in driving security transformation ...

requiring practical experience implementing controls, responding to incidents, and driving continual security improvements. Key Responsibilities Lead organisational cyber security activities and strategy. Oversee monitoring, threat detection, and incident response with internal teams and a third-party SOC. Act as Incident Commander during major cyber events and maintain ...

impactful opportunity.Key Responsibilities Monitor, investigate, and respond to security alerts and potential incidents. Lead security remediation activity on escalated MDR incidents. Develop and enhance threat detection rules and use cases. Implement and maintain security controls across Microsoft 365, Azure, and hybrid infrastructure. Support secure configuration, IAM, cloud environments ...

security cleared (DV Level) prior to appointment. Experienced Elastic SIEM Subject Matter Expert required to support NESTOR operations by building, tuning, and operating threat detection, log ingestion, and operational dashboards within Elastic. The role focuses on improving detection quality, investigating alerts, and collaborating closely with operational teams … driven environments. Experience required: Strong hands-on experience with Elasticsearch, Kibana, and Elastic SIEM in operational environments Proven experience developing, tuning, and optimising SIEM detection rules to identify threats and reduce false positives Experience managing log ingestion pipelines and ensuring reliable data flow into Elasticsearch Proficiency in log parsing ...

security cleared (DV Level) prior to appointment. Experienced Elastic SIEM Subject Matter Expert required to support NESTOR operations by building, tuning, and operating threat detection, log ingestion, and operational dashboards within Elastic. The role focuses on improving detection quality, investigating alerts, and collaborating closely with operational teams … driven environments. Experience required: Strong hands-on experience with Elasticsearch, Kibana, and Elastic SIEM in operational environments Proven experience developing, tuning, and optimising SIEM detection rules to identify threats and reduce false positives Experience managing log ingestion pipelines and ensuring reliable data flow into Elasticsearch Proficiency in log parsing ...

forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engineering, in their mission of helping organisations understand how they could be compromised. Success in this position will enable the business to build Detection … Cloud-Native Engines & Big Data Pipelines that Power Automated Red Teaming. Your work will "Bridge the Gap" Between Manual Research & Scalable, Real-Time Threat Simulation. Skills & Experience of Cyber Security Engineer: Core Engineering: Minimum 2 Years Background within Software Engineering (Python or Go) with Focus on Maintainable, Production-Grade ...

applications and privileged roles. Privileged Access & Security Integration Architect and enhance Privileged Access Management (PAM) capabilities, including approval workflows and continuous monitoring. Champion identity threat detection and response (ITDR) approaches to mitigate identity-based attacks. Integrate IAM with HR, IT, and engineering systems to support automated joiner/ ...

Cloud Engineer will help drive the evolution of the organisation's cloud security platforms, influencing product direction and enhancing automation across escalations, remediations, and threat detection workflows. The role also involves applying CI/CD and DevOps knowledge to practical use cases across diverse business units, delivering secure ...

platform products, systems, and solutions Experience delivering end-to-end cybersecurity solutions across complex programmes and projects Strong knowledge of cybersecurity domains such as Threat Detection and Response, Identity and Access Management, Infrastructure Security, or Information Protection Hands-on experience with AWS technologies and cloud security architectures Familiarity ...

seamless integration of multi-factor authentication with biometric and mobile device capabilities to improve both security and user experience. Champion the adoption of identity threat detection and response solutions to proactively identify and mitigate identity-based attacks. Design secure authentication and authorization patterns (OpenID Connect, SAML, OAuth, Kerberos ...

controls across cloud infrastructure using Infrastructure as Code, with a security-first mindset. Automate security testing processes, including SAST, DAST and IAST, enabling early detection and remediation of vulnerabilities. Conduct and support regular automated security assessments, vulnerability scans and remediation planning. Build and maintain monitoring, alerting and threat detection capabilities using SIEM and cloud-native monitoring platforms. Collaborate closely with DevOps, engineering and information security teams to promote a strong DevSecOps culture and best practices. Provide actionable security insights to reduce risk and strengthen platform resilience. DevSecOps Engineer Requirements Proven hands-on experience in DevSecOps ...

Network & Security Engineering Implement, and support enterprise grade network and security solutions Deploy, configure, and troubleshoot Cisco Firepower firewalls, including policy configuration, VPNs, and threat protection Implement and maintain Cisco Identity Services Engine (ISE) for network access control, authentication, and authorization Work with Cisco Stealthwatch and other Cisco security … tools to provide visibility, monitoring, and threat detection Configure and support FortiGate firewalls where required, including firewall policies, VPNs, and security profiles Produce high quality technical documentation, including designs, implementation guides, and handover documentation Customer Engagement & Communication Serve as a trusted technical advisor to customers, clearly explaining solutions ...

current state, target state, roadmap, sprint backlog and a clear “definition of done”. Translate between exec outcomes and engineer reality: cost, risk, resilience, detection efficacy, operational overhead. Back-of-house delivery Design telemetry pipelines from end-to-end (collect process route store), including: Collection: agents/collectors, APIs … viable operate” checklists per platform Choose Your Primary Lens (One required — experience in both is advantageous) Security/SIEM Telemetry-to-use-case mapping Threat detection concepts and lifecycle awareness Event normalisation and structured security data models Observability/ITOps Distributed systems and service-level thinking Metrics, logs ...

strong vendor management, contract negotiation, and service performance governance. solid grounding in data architecture, governance, BI, and data-driven KPIs. experience implementing cybersecurity strategies, threat detection, and incident response. financial acumen across budgeting, forecasting, and ROI optimisation. an eye to the future - showing a passion for emerging technologies ...

forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engineeri click apply for full job details ...