76 to 100 of 128 Threat Detection Jobs in England

HTTP, SSH) and segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Benefits: 4% Pension Life Insurance 3 x More ❯

on premises environments. Working closely with infrastructure engineers, architects and project teams, you will ensure that platforms are secure, compliant and aligned with recognised frameworks. Your work will span threat modelling, vulnerability research, configuration baselines, incident analysis, and the integration of monitoring, logging and alerting capabilities. You will also contribute to security documentation, assessments and continuous improvement activities. CYBER … including MFA, RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers to enforce secure configurations and hardening standards Experience with endpoint protection and vulnerability … application to our client in conjunction with this vacancy only. KEY SKILLS Cyber Security Engineer, Microsoft Security, SIEM, IAM, Vulnerability Management, Network Security, Security Architecture, Incident Response, Hybrid Cloud, Threat Modelling, Compliance, NSD More ❯

remediation, and integration with other security tools. Key Responsibilities: Develop and manage the SIEM platform ensuring scalability and performance. Plan and implement solutions for security monitoring. Design and maintain detection rules. Lead and mentor SIEM team. Work closely with Threat Detection & Response team to support incident handling. Required Skills: Proven hands-on experience in SIEM engineering. Strong More ❯

the customer. Collaborate with stakeholders to tailor Sentinel use cases to the customer's security requirements. Provide ongoing support, tuning, and troubleshooting of Sentinel implementations. Ensure best practices for threat detection, incident response, and monitoring are applied. What You Will Ideally Bring: Deep, hands-on experience with Microsoft Sentinel and Azure security services. Strong understanding of SIEM concepts … as a trusted advisor/SME for security operations and SIEM tools. Excellent communication skills with the ability to work closely with customers remotely. Strong problem-solving, analytical, and threat-hunting abilities. Contract Details: Duration: 6 months Initially Location: Remote Day Rate: Up to £500 per day (Outside IR35) Sentinel SME - 6 months - Remote - Outside IR35 More ❯

Lead the design and implementation of scalable, automated solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Define service level objectives (SLOs) and key performance indicators (KPIs) for all More ❯

inconsistencies. Facilitate smooth transitions across IT and OT environments, including hypercare and process adaptations. Investigate and resolve IAM security incidents, access anomalies, and authentication issues. Review and monitor Identity Threat Detection & Response (ITDR) systems. Collaborate with SOC teams to detect privileged account misuse and insider threats. Identity & Access Management (IAM): Design, implement, and maintain IAM solutions leveraging Active … integration. Privileged Access Management: CyberArk – Vault administration, credential rotation, JIT access, session monitoring, compliance reporting. Security & Compliance: CAF, eCAF, NIST frameworks; IAM controls for critical infrastructure; incident response and threat detection. Preferred Certifications: Microsoft Certified: Identity and Access Administrator Associate Okta Certified Administrator/Professional SailPoint IdentityNow/IdentityIQ Engineer CyberArk Defender/Guardian CISSP or Certified Identity and More ❯

inconsistencies. Facilitate smooth transitions across IT and OT environments, including hypercare and process adaptations. Investigate and resolve IAM security incidents, access anomalies, and authentication issues. Review and monitor Identity Threat Detection & Response (ITDR) systems. Collaborate with SOC teams to detect privileged account misuse and insider threats. Identity & Access Management (IAM): Design, implement, and maintain IAM solutions leveraging Active … integration. Privileged Access Management: CyberArk – Vault administration, credential rotation, JIT access, session monitoring, compliance reporting. Security & Compliance: CAF, eCAF, NIST frameworks; IAM controls for critical infrastructure; incident response and threat detection. Preferred Certifications: Microsoft Certified: Identity and Access Administrator Associate Okta Certified Administrator/Professional SailPoint IdentityNow/IdentityIQ Engineer CyberArk Defender/Guardian CISSP or Certified Identity and More ❯

cybersecurity role. Expert knowledge of Splunk (preferably Splunk Enterprise Security). Strong experience in SPL (Search Processing Language) and log analysis. Deep understanding of security monitoring, incident response, and threat detection methodologies. Familiarity with MITRE ATT&CK, cyber kill chain, and common attack vectors (phishing, malware, insider threats). Experience with EDR tools (e.g., CrowdStrike, SentinelOne), firewalls, IDS More ❯

cybersecurity role. Expert knowledge of Splunk (preferably Splunk Enterprise Security). Strong experience in SPL (Search Processing Language) and log analysis. Deep understanding of security monitoring, incident response, and threat detection methodologies. Familiarity with MITRE ATT&CK, cyber kill chain, and common attack vectors (phishing, malware, insider threats). Experience with EDR tools (e.g., CrowdStrike, SentinelOne), firewalls, IDS More ❯

Analysing, prioritising, and escalating potential threats to keep clients secure. Responding rapidly to incidents and maintaining vigilance across multiple environments. Collaborating closely with your SOC teammates to ensure seamless threat detection and incident response. 🧠 What You’ll Bring A genuine passion for cybersecurity and the drive to grow in the field. Relevant certifications such as CompTIA Security+ or More ❯

and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and emerging More ❯

and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and emerging More ❯

and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and emerging More ❯

Head of Cyber Security to strengthen the organisations security posture, protect critical infrastructure, and reduce risk across a diverse and complex environment. Youll take ownership of real security challenges threat monitoring, vulnerability management, incident response, and continuous hardening of systems while helping shape a maturing cyber function. This is hands-on, meaningful engineering work within a team thats growing … and being taken seriously at board level. Key Responsibilities Threat Detection & Monitoring: Actively identify and analyse emerging risks across networks, applications and infrastructure. Incident Response: Support the creation, improvement and execution of response processes, ensuring swift containment and minimisation of impact. Security Assessments: Conduct regular audits and reviews, ensuring systems align to best practice and evolving security standards. … first culture by supporting colleagues, sharing knowledge and promoting safe working practices. What Youll Bring 3+ years cyber security experience within a sizeable or complex organisation. Strong understanding of threat analysis, vulnerability management and incident response. Experience with mainstream security tools (firewalls, IDS/IPS, scanning platforms, monitoring tools). Relevant certifications (CISSP, CEH, or similar) are highly desirable. More ❯

efficiently as the team grows. You’ll be: Building, integrating, and optimising SIEM pipelines and data sources Developing and maintaining runbooks, playbooks, and automation workflows Supporting SOC Analysts with detection, triage, and response activities Working with CrowdStrike LogScale (Humio) to fine-tune alerting and detection logic Driving low MTTD and MTTR through innovation and continuous improvement About You … cause. You’ll bring: Strong scripting skills (Python, PowerShell, or Bash) Experience with KQL or similar query languages Hands-on experience with CrowdStrike, SIEM, or EDR tooling Exposure to threat detection, log ingestion, and alert optimisation Excellent analytical thinking and initiative — you don’t wait to be told what to fix Why Join Be part of a greenfield More ❯

equivalent) required Hands-on knowledge of ISO27001 and supporting an ISMS (audit experience useful but not central) Familiarity with security tools: Azure security, cloud IAM, Defender, web proxy, endpoint detection (CrowdStrike or equivalents) Understanding of zero trust networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring … Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and data management Work alongside experienced InfoSec leadership in More ❯

equivalent) required Hands-on knowledge of ISO27001 and supporting an ISMS (audit experience useful but not central) Familiarity with security tools: Azure security, cloud IAM, Defender, web proxy, endpoint detection (CrowdStrike or equivalents) Understanding of zero trust networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring … Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and data management Work alongside experienced InfoSec leadership in More ❯

security monitoring platform, ensuring optimal performance, scalability, and integration with security tools. Participate in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response team to ensure the SIEM More ❯

security monitoring platform, ensuring optimal performance, scalability, and integration with security tools. Participate in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response team to ensure the SIEM More ❯

to join them on a permanent basis. You will help to establish and lead local security operations capability across European offices, providing strategic technical leadership in incident response, cyber threat visibility, and security resilience. This role will bridge the gap between our centralized corporate security services and regional business needs. Key Responsibilities Incident Response & Security Operations Lead and mature … security incident response capabilities across the organisation Oversee incident investigations, alert triage, and threat hunting activities Develop and execute tabletop exercises and incident response playbooks Provide expert technical guidance during security incidents and recovery efforts Build real-time visibility into organisational cyber telemetry and security posture Leadership & Team Management Line manage and mentor a security engineer and future team … members Strategic & Stakeholder Engagement Partner with third-party security service providers and managed services Align regional security operations with global CISO strategy Operational Excellence Enhance detection and monitoring capabilities aligned to NIS2/NIST frameworks Drive continuous improvement of security tools, processes, and procedures Ensure appropriate balance between local autonomy and corporate alignment Contribute to broader security strategy and More ❯

to join them on a permanent basis. You will help to establish and lead local security operations capability across European offices, providing strategic technical leadership in incident response, cyber threat visibility, and security resilience. This role will bridge the gap between our centralized corporate security services and regional business needs. Key Responsibilities Incident Response & Security Operations Lead and mature … security incident response capabilities across the organisation Oversee incident investigations, alert triage, and threat hunting activities Develop and execute tabletop exercises and incident response playbooks Provide expert technical guidance during security incidents and recovery efforts Build real-time visibility into organisational cyber telemetry and security posture Leadership & Team Management Line manage and mentor a security engineer and future team … members Strategic & Stakeholder Engagement Partner with third-party security service providers and managed services Align regional security operations with global CISO strategy Operational Excellence Enhance detection and monitoring capabilities aligned to NIS2/NIST frameworks Drive continuous improvement of security tools, processes, and procedures Ensure appropriate balance between local autonomy and corporate alignment Contribute to broader security strategy and More ❯

the build and configuration of the solution in a secure enterprise environment. Required Skills & Experience: * Proven experience architecting and deploying SentinelOne in enterprise environments. * Strong understanding of endpoint protection, threat detection, and response capabilities. * Experience with on-prem infrastructure on virtualized platform , networking, and storage. * Ability to produce HLDs and LLDs with clarity and precision. * Excellent communication and More ❯

in implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: * Monitor security tools including SIEM (QRadar) and respond to threat detection alerts * Triage, analyse and prioritise security (via ServiceNow) * Investigate root causes of security issues and design effective remediation solutions * Oversee Patch Management * Conduct vulnerability scans with Qualys More ❯

in implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: * Monitor security tools including SIEM (QRadar) and respond to threat detection alerts * Triage, analyse and prioritise security (via ServiceNow) * Investigate root causes of security issues and design effective remediation solutions * Oversee Patch Management * Conduct vulnerability scans with Qualys More ❯

The postholder will: Lead and oversee the operation, maintenance, and performance of the SWSDE platform, ensuring security, stability, and scalability at all times. Manage and monitor system security , including threat detection, risk management, and incident response, ensuring compliance with SATRE, ISO27001, DSPT, and NHS cybersecurity frameworks. Develop and maintain secure data pipelines from contributing NHS and partner organisations More ❯