Threat Detection Jobs in England

51 to 75 of 119 Threat Detection Jobs in England

Compensation & Benefits Manager

Oxford, Oxfordshire, United Kingdom
Hybrid / WFH Options
Sophos Group
bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, and other everyday and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary Work
Employment Type: Permanent
Salary: GBP Annual
Posted:

Senior Data Business Analyst

Oxford, Oxfordshire, United Kingdom
Hybrid / WFH Options
Sophos Group
bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, and other everyday and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary This
Employment Type: Permanent
Salary: GBP Annual
Posted:

Senior Director- GTM Finance

Oxford, Oxfordshire, United Kingdom
Hybrid / WFH Options
Sophos Group
bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, and other everyday and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary We
Employment Type: Permanent
Salary: GBP Annual
Posted:

SOC Analyst Waterstons

England, United Kingdom
CyberNorth
you enjoy a varied environment, sharing your knowledge and experience to support, coach and mentor your colleagues, then we want to hear from you. Day to day responsibilities Lead threat detection and incident response across modern security platforms Monitor and analyse alerts from EDR/XDR platforms, cloud services (M365, AWS, Azure), SIEM systems and more. Manage and … optimise security tools and detection rules. Create and deliver comprehensive client security reports. Respond to and analyse cyber incidents at all severity levels. Implement and maintain security best practices. Participate in threat hunting initiatives. Act as a point of escalation for Junior Analysts. Stay up to date on the latest security trends. Some of the skills we are
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Platform Engineer, UK Security Operations

London, United Kingdom
WeAreTechWomen
management tools (e.g., Terraform, Helm, ArgoCD). United Kingdom Security Vetting Developed Vetting (DV) clearance. Preferred qualifications: Certifications in Security (e.g., GSEC, CISSP, CISM, OSCP). Experience with Kubernetes threat detection and anomaly detection. Experience with service mesh security concepts (e.g., Istio, Linkerd) and workload identity. Experience in detection engineering, logging pipeline development, or SIEM tuning in … security platforms with a strong emphasis on Kubernetes-based environments. You'll be at the intersection of security and engineering, developing scalable tooling, automating security controls, and enabling robust detection and response capabilities across our cloud infrastructure. This is an engineering-centric role that requires deep technical expertise in cloud environments, Kubernetes security, and platform automation. You'll work … needs of local, state and federal government and educational institutions. Responsibilities Deploy, configure, and manage cloud security platform tools and technologies, including Security Information and Event Management (SIEM), Intrusion Detection/Prevention Systems (IDS/IPS), and Cloud Workload Protection Platforms (CWPP). Develop and implement security monitoring and logging strategies. Investigate and analyse security incidents, including identifying root
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Operations Lead

London, United Kingdom
Hybrid / WFH Options
Square Enix Co Ltd
our security monitoring and incident response capabilities within the Square Enix Cyber Security team (covering Europe and North America). The primary goals of the role are the timely detection of security incidents, effective response and the continuous improvement of our preventative and detective controls. This role will work alongside our team of security analysts and engineers to collectively … Management (SIEM) platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with … and key company assets to enhance decision making and response to incidents. Tool and Platform Management Maintaining and optimising our Cyber Security tools and platforms to continuously improve our detection and response capability. Supporting the management, administration and support of our SIEM platform, including general infrastructure and system administration, troubleshooting and user access management. Maintaining and tuning security detections and
Employment Type: Permanent
Salary: GBP Annual
Posted:

Cyber Threat Intelligence Regional Lead

London, United Kingdom
Hybrid / WFH Options
Citigroup Inc
Citi's Cyber Intelligence Center (CIC) is a global team that delivers timely threat intelligence to technical teams and decision makers, in support of threat detection, preparation, and incident response activities. The Regional Lead will oversee the team's operations in the UK/EU time-zone, including oversight of regional staff, driving quality control, collaboration with … other cyber-technical functions in the region, and working with senior leaders. The role will also help maintain our network of global intelligence partners. Direct experience in cyber threat intelligence is a necessity. This is a hybrid role with an in-office attendance component. Experience in fusion center operating environments or crisis response will be helpful. Responsibilities: Lead the … regional co-ordination of a cyber threat intelligence function Support local leadership and business in their intelligence needs Provide intelligence support to adjacent teams in a fusion center environment. Oversee quality control and production strategy for the region Conduct internal and external briefings on a regular basis, including to company leadership, to peer sharing environments, and to customers and
Employment Type: Permanent
Salary: GBP Annual
Posted:

SC SIEM Engineer CGEMJP

Wokingham, Berkshire, United Kingdom
Hybrid / WFH Options
Experis - ManpowerGroup
days onsite Rate: Clearance required: Active SC is essential Role purpose/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and fine … tune detection rules and alerts to identify malicious activities. Security Reporting - Generate reports on security events, trends, and system performance. Collaboration - Work with IT and security teams to improve overall cybersecurity posture. Required Skills & Qualifications Technical Expertise - Strong knowledge of SIEM platforms, network security, and cybersecurity frameworks. Certifications - CISSP, CEH, GIAC, or vendor-specific SIEM certifications. Programming & Scripting - Familiarity
Employment Type: Permanent
Salary: GBP Annual
Posted:

SIEM Engineer

Wokingham, Berkshire, United Kingdom
Hybrid / WFH Options
Experis - ManpowerGroup
Via Umbrella inside IR35 Clearance required: Active SC is essential Role purpose/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and … fine-tune detection rules and alerts to identify malicious activities. Security Reporting - Generate reports on security events, trends, and system performance. Collaboration - Work with IT and security teams to improve overall cybersecurity posture. Required Skills & Qualifications Technical Expertise - Strong knowledge of SIEM platforms, network security, and cybersecurity frameworks. Certifications - CISSP, CEH, GIAC, or vendor-specific SIEM certifications. Programming & Scripting
Employment Type: Permanent
Salary: GBP Annual
Posted:

SIEM Engineer

Wokingham, Berkshire, United Kingdom
Hybrid / WFH Options
Experis
Via Umbrella inside IR35 Clearance required: Active SC is essential Role purpose/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and … fine-tune detection rules and alerts to identify malicious activities. Security Reporting - Generate reports on security events, trends, and system performance. Collaboration - Work with IT and security teams to improve overall cybersecurity posture. Required Skills & Qualifications Technical Expertise - Strong knowledge of SIEM platforms, network security, and cybersecurity frameworks. Certifications - CISSP, CEH, GIAC, or vendor-specific SIEM certifications. Programming & Scripting
Employment Type: Contract
Rate: £300 - £450/day
Posted:

Global IT Network Senior Director

London, United Kingdom
The Boston Consulting Group GmbH
integrating cloud networking, software-defined networking (SDN), and AI-driven automation. Ensure end-to-end network automation to improve operational efficiency, agility, and reliability. Drive zero-trust network security principles, ensuring compliance and proactive threat mitigation. Establish a global observability and telemetry framework for real-time network insights. Align network strategies with business growth, cloud-first initiatives, and digital transformation. Network Infrastructure & Cloud Networking: Oversee global network architecture, spanning data … capabilities. Scale Infrastructure as Code (IaC) for network automation, ensuring agility and operational efficiency. IT Service Management & Operational Excellence: Establish network reliability objectives, including SLOs, SLIs, and error budgets. Implement real-time incident detection and response using AI-driven network analytics. Ensure high availability, network resilience, and 24x7 operational support. Develop a follow-the-sun support model, ensuring global network performance optimization. Implement network observability and predictive analytics to proactively … Security, Compliance & Risk Management: Drive zero-trust security frameworks, ensuring secure and resilient network access. Ensure adherence to ISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate with cybersecurity teams to enhance network threat detection and mitigation. Implement automated security policy enforcement, reducing human intervention in risk mitigation. Financial & Vendor Management: Optimize network infrastructure spending, ensuring cost-effective, high-performance connectivity. Lead vendor selection, contract negotiation
Employment Type: Permanent
Salary: GBP Annual
Posted:

Global IT Network Senior Director (London)

Highbury, Greater London, UK
The Boston Consulting Group GmbH
integrating cloud networking, software-defined networking (SDN), and AI-driven automation. Ensure end-to-end network automation to improve operational efficiency, agility, and reliability. Drive zero-trust network security principles, ensuring compliance and proactive threat mitigation. Establish a global observability and telemetry framework for real-time network insights. Align network strategies with business growth, cloud-first initiatives, and digital transformation. Network Infrastructure & Cloud Networking: Oversee global network architecture, spanning data … capabilities. Scale Infrastructure as Code (IaC) for network automation, ensuring agility and operational efficiency. IT Service Management & Operational Excellence: Establish network reliability objectives, including SLOs, SLIs, and error budgets. Implement real-time incident detection and response using AI-driven network analytics. Ensure high availability, network resilience, and 24x7 operational support. Develop a follow-the-sun support model, ensuring global network performance optimization. Implement network observability and predictive analytics to proactively … Security, Compliance & Risk Management: Drive zero-trust security frameworks, ensuring secure and resilient network access. Ensure adherence to ISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate with cybersecurity teams to enhance network threat detection and mitigation. Implement automated security policy enforcement, reducing human intervention in risk mitigation. Financial & Vendor Management: Optimize network infrastructure spending, ensuring cost-effective, high-performance connectivity. Lead vendor selection, contract negotiation
Employment Type: Full-time
Posted:

Cyber Security Engineer - MSSP

Yorkshire, United Kingdom
Hamilton Barnes Associates Limited
digital assets while staying updated on the latest security threats and trends. If you are interested in this opportunity, apply today! Responsibilities: Implement and manage Azure Sentinel SIEM for threat detection, incident response, and security monitoring. Configure and maintain Microsoft Defender for endpoint protection and threat detection. Develop and maintain KQL scripts for querying and analysing data
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Engineer

Biggin Hill, Kent, United Kingdom
F1
and reporting across Formula 1's cloud environment(s), including: Development of requirements, design, and implementation of cloud security tools (e.g. compliance and host security) A key focus on threat detection and risks across cloud environments Identification, remediation, and reporting of security vulnerabilities Reporting on compliance to F1's security standards Support in the delivery and management of … to reduce risks The definition and operation of secure development/operations (DevOps) practices, inc. code scanning, Kubernetes, container security. System and device hardening policies and reporting Technology focused threat assessments to identify threats/risks Documentation of security requirements, patterns, and processes Liaising closely with Formula 1's cyber security, infrastructure, and digital teams on new and existing
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Engineer

Biggin Hill, Greater London, United Kingdom
F1
and reporting across Formula 1's cloud environment(s), including: Development of requirements, design, and implementation of cloud security tools (e.g. compliance and host security) A key focus on threat detection and risks across cloud environments Identification, remediation, and reporting of security vulnerabilities Reporting on compliance to F1's security standards Support in the delivery and management of … to reduce risks The definition and operation of secure development/operations (DevOps) practices, inc. code scanning, Kubernetes, container security. System and device hardening policies and reporting Technology focused threat assessments to identify threats/risks Documentation of security requirements, patterns, and processes Liaising closely with Formula 1's cyber security, infrastructure, and digital teams on new and existing
Employment Type: Permanent
Posted:

Platform Security Lead

London, United Kingdom
ION Group
end-to-end security controls across ION Markets on-premises infrastructure and other internal platforms. The role spans security architecture, engineering, and operations with a strong focus on automation, detection and secure by design principles. Additionally, as part of the role you will be leading and participating in threat detection, incident response and vulnerability management remediation. You … best practices. Stay up to date with the latest security threats, news, intelligence, tactics, techniques, and vulnerabilities; conduct research and analysis to assess potential impact and exposure. Perform proactive threat hunting activities, and manage the triage, investigation, and escalation of security alerts. Develop standard operating procedures for operations & architecture activities. Required Skills, Experience and Qualifications Degree/diploma/
Employment Type: Permanent
Salary: GBP Annual
Posted:

Infrastructure & Security lead Azure

Portsmouth, Hampshire, England, United Kingdom
Hays Specialist Recruitment Limited
your technical expertise will be pivotal. You'll also play a critical role in shaping and safeguarding the organisation's cybersecurity posture - designing and implementing robust security protocols, managing threat detection and response, and ensuring compliance with key standards such as GDPR, Cyber Essentials, and ISO 27001. Collaboration is key, as you'll work closely with IT support … support. Familiar with VMware for virtualisation and cloud-based UC telephony systems. Solid understanding of DNS, DHCP, VPN access, and administration. Hands-on experience with firewalls (e.g., Fortinet), intrusion detection/prevention systems, and Cisco networking/routing. Knowledge of security best practices, including EDR/XDR platforms and antivirus solutions (e.g., EPO). Familiar with identity and access
Employment Type: Full-Time
Salary: £70,000 per annum
Posted:

Senior Cyber Security Analyst

Cheshire, England, United Kingdom
DCS Recruitment
focusing on ISO 27001 and Cyber Essentials Plus. Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre (SOC) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response (EDR/NDR), information security
Employment Type: Full-Time
Salary: £50,000 - £60,000 per annum
Posted:

Senior Cyber Security Analyst

North West, United Kingdom
DCS Recruitment Limited
focusing on ISO 27001 and Cyber Essentials Plus. Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre (SOC) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response (EDR/NDR), information security
Employment Type: Permanent
Salary: £50000 - £60000/annum Bonus, Bens
Posted:

SC Cleared Azure Sentinel Cyber Security Engineer

Warrington, Cheshire, United Kingdom
Alexander Mann Solutions - Public Sector Resourcing
experience onboarding and managing log sources in Azure Sentinel. Hands-on experience configuring data connectors and diagnostic settings in Azure. Solid understanding of use case development and detection engineering. Knowledge of PowerShell, KQL (Kusto Query Language), and JSON formatting. Familiarity with identity-related logs (Azure AD, ADFS, M365 Defender, etc.). Experience working in a … Security Operations environment or supporting SOC functions. Understanding of network and host-based telemetry relevant for threat detection. Desirable: Azure certifications (SC-200, AZ-500, MS-500). Experience with LogRhythm SIEM Platform. Knowledge of SOAR tools and automation (Logic Apps, Sentinel Playbooks). Please be aware that this role can only be worked within the
Employment Type: Contract
Rate: GBP Annual
Posted:

Proactive Security Lead, UK Security Operations

London, United Kingdom
Google Inc
Bachelor's degree or equivalent practical experience. 5 years of experience in cybersecurity, in offensive security (e.g., Red Teaming, Penetration Testing, or Adversary Simulation) or threat modeling. Experience in a Security Operations Centre (SOC) or similar environment, with modern threat landscapes and attack techniques. Experience in technical troubleshooting and writing code in one or … more programming languages. Experience in threat modeling methodologies (e.g., STRIDE, PASTA, or attack trees) and secure system design principles. Eligibility to obtain UK Developed Vetting (DV) security clearance; British Citizenship is required for this role. Preferred qualifications: Certifications in OSCE3, CRTP/CRTE, GIAC GCSA/Kubernetes-related, OSCP, OSCE, CRTO, CISSP, or GIAC (e.g., GPEN, GCTI, GWAPT). … Experience designing or executing Purple Team exercises, combining offensive tactics with defensive feedback to drive continuous improvement. Experience with Kubernetes security, including secure cluster configuration, workload hardening, and threat detection in containerised environments. Experience in building or maturing security culture initiatives, including awareness programs, gamified training, or executive engagement. Experience with security testing tools and frameworks (e.g., MITRE
Employment Type: Permanent
Salary: GBP Annual
Posted:

Cyber Security Engineer

West Malling, Kent, United Kingdom
Hybrid / WFH Options
Lumina Energy
threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts … ensure timely responses. Diagnose and investigate security incidents following agreed procedures. Escalate and document unresolved incidents and support recovery efforts. Operate within our enterprise-level SOC and collaborate on threat intelligence. Utilise tools like Microsoft E5, Sentinel, and Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis … equivalent function. Proficiency with Microsoft Security Suite (including Sentinel) and Darktrace or similar. Must have an understanding of cyber threats including malware, ransomware, DDoS, insider threats. Strong knowledge of threat modelling, security monitoring, and cloud environments. Familiarity with GDPR, data protection, and privacy impact assessments. Excellent communication and collaboration skills with a proactive mindset. Industry certifications (e.g., CISSP, CEH
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Operations Engineer

London, United Kingdom
Woolf Group
fund that is number one in their specialist area and is currently rebuilding their entire pricing & risk management platform from scratch. Responsibilities: Evaluate new security technologies and tools. Improve threat detection and response capabilities with a code-first approach. Automate manual processes utilizing Infrastructure as Code (IaC). Collaborate and co-develop with external suppliers and internal engineering … teams to ensure data sources and detection rules are well enriched. Required: Strong understanding of the latest security threats, threat actors, and the tactics and techniques adopted. Proven experience with programming languages such as Python, Rust, C++, or others. Knowledge of SecOps tooling (SIEM, SOAR, Threat Intelligence).
Employment Type: Permanent
Salary: GBP Annual
Posted:

SOC Engineer - SC Cleared Contract

City of London, London, United Kingdom
Run-Time Group Ltd
and LogRhythm to join our Security Operations Center team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents, optimizing SIEM configurations, and contributing to threat detection and response strategies. This role requires hands-on experience with both platforms and a deep understanding of cybersecurity principles and incident management. Key Responsibilities: Monitor and investigate … security alerts from Microsoft Sentinel and LogRhythm. Analyze logs, network traffic, and other data sources to detect threats and suspicious activities. Develop and tune detection rules, analytics, and alerting logic in both SIEM platforms. Collaborate with incident response teams to contain and remediate security incidents. Create dashboards, workbooks, and reports for stakeholders. Perform threat hunting activities and
Employment Type: Contract
Posted:

Senior IT Security Analyst (Tech SME) Frankfurt am Main, Hesse, Germany; London, England, Unite ...

London, United Kingdom
euNetworks GmbH
IT environments. Experience with penetration testing and vulnerability assessments; certifications such as CEH (Certified Ethical Hacker) are an advantage. Solid hands-on experience managing and administering SIEM platforms for threat detection and incident analysis. Strong interpersonal and communication skills, with the ability to collaborate across teams, including non-technical stakeholders. Analytical mindset combined with a pragmatic, solution-oriented
Employment Type: Permanent
Salary: GBP Annual
Posted:
Threat Detection salary percentiles, England
10th Percentile: £45,000
25th Percentile: £52,375
Median: £70,000
75th Percentile: £88,125
90th Percentile: £117,000