26 to 50 of 124 Threat Detection Jobs in England

Detect, monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident … activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your … Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team AWS-SOC Team More ❯

Detect, monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident … activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your … Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team AWS-SOC Team More ❯

responsibilities - Monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. - Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. - Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident … activities. - Maintain and optimize security information and event management systems and other security tools used in the SOC. - Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your … Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team Diverse Experiences Amazon More ❯

to come. About Us Our UK&I Advisory Practice is a leader in cyber security transformation, partnering with organizations to tackle the evolving digital threat landscape. We combine technical expertise with strategic business insight to deliver end-to-end cyber solutions that enable innovation and secure digital growth. Role … actionable strategies. Guide clients through compliance with DORA, NIS2, and UK regulatory frameworks. Design comprehensive cyber security architectures that integrate cloud, identity, data, and threat protection. Build actionable implementation roadmaps considering business objectives and constraints. Evaluate and integrate partner technologies (e.g., Microsoft, AWS, GCP) for optimal client outcomes. Deliver … business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development Mentor consultants and More ❯

security, and hands-on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves … cloud environments, with expertise in Microsoft Azure security best practices. Work with Palo Alto Networks or Panorama solutions for enterprise-wide network security and threat management. Leverage Infrastructure as Code (IaC) principles using Terraform to automate security policies and infrastructure deployment. Utilize Security Information and Event Management (SIEM) solutions … monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively identify potential security threats. Assist with Cyber Essentials Plus and ISO 27001 audits and More ❯

security, and hands-on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves … cloud environments, with expertise in Microsoft Azure security best practices. Work with Palo Alto Networks or Panorama solutions for enterprise-wide network security and threat management. Leverage Infrastructure as Code (IaC) principles using Terraform to automate security policies and infrastructure deployment. Utilize Security Information and Event Management (SIEM) solutions … monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively identify potential security threats. Assist with Cyber Essentials Plus and ISO 27001 audits and More ❯

crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and firewalls. Your expertise in incident response and threat intelligence analysis is essential, as is your familiarity with the Mitre Att&ck framework and advanced threat detection techniques. Strong analytical and … within a SOC team. it would be highly desirable to have cybersecurity certifications like CRT or OSCP, and a proven talent for fine-tuning detection logic and enhancing SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends will significantly bolster your application In this pivotal … role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck More ❯

crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and firewalls. Your expertise in incident response and threat intelligence analysis is essential, as is your familiarity with the Mitre Att&ck framework and advanced threat detection techniques. Strong analytical and … within a SOC team. it would be highly desirable to have cybersecurity certifications like CRT or OSCP, and a proven talent for fine-tuning detection logic and enhancing SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends will significantly bolster your application In this pivotal … role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck More ❯

proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat intelligence; knowledge of the MITRE ATT&CK framework and security operations). Some other highly valued skills may More ❯

ensuring Data Loss Prevention (DLP) and encryption. Implement Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate … Power Apps, and Microsoft Defender XDR. Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and More ❯

events using system logs, network traffic, and endpoint telemetry Supporting containment and recovery efforts during active security incidents Continuously enhancing SOC capabilities, tooling, and detection rules using threat-informed approaches like MITRE ATT&CK Producing detailed incident reports and documentation for both technical and non-technical stakeholders Assisting … with threat intelligence activities as needed Staying current on evolving threats, attack techniques, and industry best practices For the SOC role you will have: Hands-on experience working in a Security Operations Centre (SOC) Solid knowledge of SIEM tools such as Microsoft Sentinel or Splunk Familiarity with the MITRE … ATT&CK framework and threat detection methodologies Strong analytical skills with a keen eye for detail in log analysis and network monitoring Basic understanding of enterprise security architecture including firewalls, VPNs, AV, and web applications Good grasp of network protocols such as TCP/IP, HTTP, SMTP, and More ❯

strategy. They're now looking to hire a knowledgeable Cyber Security Analyst to play a key role in safeguarding sensitive client data and supporting threat response across complex environments. The role offers a salary of £60,000 - £70,000, excellent benefits, and a flexible hybrid working setup. Your Responsibilities … Will Include: Analysing security incidents and SOAR alerts with a methodical, threat-led approach Designing and fine-tuning rules and playbooks to improve threat detection and response Working with customers to shape and implement tailored security monitoring workflows Supporting both live operations and onboarding of new services … Researching threat intelligence to enhance SOC processes Reviewing junior analyst cases and helping develop their capabilities Owning ticket queues, meeting SLAs, and ensuring high-quality case records Participating in projects across departments and improving internal procedures Taking part in the on-call incident escalation rota You'll Need: 3+ More ❯

resilience. As they continue to grow and enhance their cyber maturity, they're seeking a passionate Senior Cyber Security Analyst to support critical incident detection, response efforts, and security automation. The position offers a salary of £50,000 - £60,000, a strong benefits package tailored for UK employees, and … a hybrid working model with remote flexibility. Your Responsibilities Will Include: Analysing security incidents and SOAR alerts with a methodical, threat-led approach Designing and fine-tuning rules and playbooks to improve threat detection and response Working with customers to shape and implement tailored security monitoring workflows … Supporting both live operations and onboarding of new services Researching threat intelligence to enhance SOC processes Reviewing junior analyst cases and helping develop their capabilities Owning ticket queues, meeting SLAs, and ensuring high-quality case records Participating in projects across departments and improving internal procedures Taking part in the More ❯

testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience More ❯

testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience More ❯

Investment Management 💰 £££ Competitive Day Rate | Contract with Perm Option 📍 Central London | Hybrid Working ✅ Senior-level Cyber Security Engineer ✅ Core security disciplines – infrastructure, cloud, identity, threat, risk ✅ Initial contract with an option to convert to permanent employment You'll be working for a well-established investment management firm as a … broad security knowledge will directly impact infrastructure, cloud, data, and application integrity. The Role: Deliver security engineering across network, cloud, and endpoint infrastructure Support detection, response, and threat modelling Help mature identity & access management controls Lead on vulnerability remediation and risk assessments Act as SME in cross-functional … projects involving security tooling & design What You Need: ✔ Proven experience in senior security engineering roles ✔ Strong across core cyber disciplines – infrastructure, cloud, IAM, threat detection, risk ✔ Ability to balance strategic thinking with hands-on delivery ✔ Comfortable in a regulated environment (finance ideal but not essential) ✔ Confident communicator, able More ❯

Investment Management 💰 £££ Competitive Day Rate | Contract with Perm Option 📍 Central London | Hybrid Working ✅ Senior-level Cyber Security Engineer ✅ Core security disciplines – infrastructure, cloud, identity, threat, risk ✅ Initial contract with an option to convert to permanent employment You'll be working for a well-established investment management firm as a … broad security knowledge will directly impact infrastructure, cloud, data, and application integrity. The Role: Deliver security engineering across network, cloud, and endpoint infrastructure Support detection, response, and threat modelling Help mature identity & access management controls Lead on vulnerability remediation and risk assessments Act as SME in cross-functional … projects involving security tooling & design What You Need: ✔ Proven experience in senior security engineering roles ✔ Strong across core cyber disciplines – infrastructure, cloud, IAM, threat detection, risk ✔ Ability to balance strategic thinking with hands-on delivery ✔ Comfortable in a regulated environment (finance ideal but not essential) ✔ Confident communicator, able More ❯

fulfilling life. YOUR CANDIDATE JOURNEY Discover what to expect during your journey as a candidate with us. The Opportunity: Are you looking for a threat hunter role, detecting cyber threats in support of active forensic investigations? Cyber threats are evolving, and when perimeter security and automated protection aren't … enough, networks are compromised, information is accessed, data is exfiltrated, backups are wiped, and ransomware is deployed, locking up an entire organization. Join our threat detection and response team to perform active threat hunting and assist organizations in recovering from cyber incidents. We're seeking CND and … think like cyber attackers to understand how security measures were circumvented. This role offers an opportunity to use your analytical skills and gain endpoint detection and response experience to identify indicators of compromise. You will collaborate with incident response analysts engaged in forensic investigations. Join us. The world can More ❯

data protection and ISO compliance. We are excited to be expanding our cyber security offering to encompass managed security services, specialising in security monitoring, threat detection, and response. As we expand, we are looking for a skilled and motivated SOC Engineer to help strengthen our security operations capabilities. … This role is ideal for someone who enjoys building security detection capabilities, automating processes, and enhancing security monitoring capabilities. Job Purpose As a Security Operations Engineer , you will be responsible for developing and fine-tuning security detection rules, integrating customer data sources, building security processes and documentation, and … enhance SOC efficiency. In addition, you will provide occasional support to SOC monitoring activities, assisting in incident analysis and response. Responsibilities Develop, optimise SIEM detection analytical rules, correlation rules and dashboards. Onboard and integrate log data sources, ensuring log collection, parsing, and normalisation. Assist in creation and maintenance of More ❯

the design, deployment and tuning of enterprise-grade SIEM platforms (e.g. Splunk, Azure Sentinel etc.) Collaborate with stakeholders to define logging requirements, use cases, detection rules and dashboards Oversee integration of data sources from cloud, on-prem, endpoint, network and application layers Create and maintain detection rules, correlation … logic and alerts tailored to specific threat scenarios Provide technical leadership and mentorship to team members Work closely with SOC teams to align SIEM capabilities with business objectives Conduct SIEM health checks, performance tuning and capacity planning Skills Expertise in SIEM design, deployment and optimisation Hands-on expertise with … more major SIEM platforms (e.g. Splunk, Sentinel etc.) Deep understanding of log ingestion, parsing, normalisation and enrichment Strong grasp of MITRE ATT&CK framework, threat detection and alert logic Solid scripting/automation skills (e.g., Python, PowerShell, Bash) Experience with cloud logging and monitoring (AWS CloudTrail, Azure Monitor More ❯

the design, deployment and tuning of enterprise-grade SIEM platforms (e.g. Splunk, Azure Sentinel etc.) Collaborate with stakeholders to define logging requirements, use cases, detection rules and dashboards Oversee integration of data sources from cloud, on-prem, endpoint, network and application layers Create and maintain detection rules, correlation … logic and alerts tailored to specific threat scenarios Provide technical leadership and mentorship to team members Work closely with SOC teams to align SIEM capabilities with business objectives Conduct SIEM health checks, performance tuning and capacity planning Skills Expertise in SIEM design, deployment and optimisation Hands-on expertise with … more major SIEM platforms (e.g. Splunk, Sentinel etc.) Deep understanding of log ingestion, parsing, normalisation and enrichment Strong grasp of MITRE ATT&CK framework, threat detection and alert logic Solid scripting/automation skills (e.g., Python, PowerShell, Bash) Experience with cloud logging and monitoring (AWS CloudTrail, Azure Monitor More ❯

and technical operations, ensuring resilient and secure environments. Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design … and training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. What we're looking for Experience : 3+ years in information security with a focus on cloud security, security architecture, and … Architecture: Proven track record in designing and implementing security architectures in complex environments. Risk Management: Ability to identify and mitigate security risks; knowledge of threat modelling and frameworks such as MITRE ATT&CK, CIS, and OWASP. Analytical Skills: Strong problem-solving abilities to translate business requirements into technical solutions. More ❯

a comprehensive UK benefits package, and flexible hybrid working. Your Responsibilities Will Include: Analysing security incidents and SOAR alerts with a methodical, threat-led approach. Designing and fine-tuning rules and playbooks to improve threat detection and response. Working with customers to shape and implement tailored security … monitoring workflows. Supporting both live operations and onboarding of new services. Researching threat intelligence to enhance SOC processes. Reviewing junior analyst cases and helping develop their capabilities. Owning ticket queues, meeting SLAs, and ensuring high-quality case records. Participating in projects across departments and improving internal procedures. Taking part More ❯

eradication, and recovery. Perform forensic analysis. Develop trusting relationships with critical third-party security providers. Prepare reports on security incidents and recommend improvements. Develop threat intelligence relevant to the business. Conduct threat hunting, vulnerability analysis, and penetration testing to identify risks. Continually assess security systems, suggesting appropriate tools … threats, and technologies. Qualifications Relevant certifications (e.g., CompTIA Security+, CEH, CISSP) are desirable. Technical Proficiency Strong understanding of IT security tools (SIEM, EDR, XDR), threat detection, and log analysis. Familiarity with scripting (Python, PowerShell, KQL) for automation. Benefits Competitive salary with annual reviews. 25 days holiday + option More ❯

operations, ensuring resilient and secure environments. 🏡 Key Responsibilities: Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design … and training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. 🏡 What we’re looking for Solid background in information security with a focus on cloud security, security architecture, and EUC … in languages such as Powershell & Python. Proven track record in designing and implementing security architectures in complex environments. Experience with security engineering, incident response, threat hunting, or digital forensics. Preferred Qualifications: Relevant cybersecurity certifications such as CISSP, CISM, CEH, Microsoft Security Certifications, AWS Security Specialty. Knowledge of ITIL. 🏡 What More ❯