of AWS Security, Identity, and Compliance services, including IAM, AWS Organizations, SCPs, Secrets Manager, AWS Config, GuardDuty, Security Hub, CloudTrail, and AWS KMS for encryption, ensuring robust cloud security. Threat Detection & Compliance: Implementation of AWS security tools like Amazon Detective, AWS Shield, WAF, AWS Firewall Manager, enforcing security compliance standards such as ISO 27001, SOC 2, GDPR, and NIST
and enforce privileged access management (PAM) solutions, securing admin accounts and critical systems. Support security audits and identity risk assessments, addressing access anomalies and reducing attack surfaces. Enhance identity threat detection and response capabilities in collaboration with SOC and SIEM teams. Required Skills & Experience 6+ years of hands-on IAM experience, with at least 2 years in an
plan, life assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience … on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiarity with the MITRE ATT&CK framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a … SOC team Desirable (Nice-to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst, you will be at the forefront of
Slough, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support. You'll work at the forefront of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your skills across enterprise-scale log ingestion and customised Sentinel integration engineering. This role offers opportunities to ingest complex … Role You'll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that enhance threat detection and response. Log ingestion at scale across hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and optimise log telemetry for precision … and cost efficiency Partner with IR teams on real attacks, tuning rules against live threat actor activity Collaborate with Microsoft teams to develop advanced detection capabilities Contribute to internal knowledge bases and engineering standards Requirements Experience building and integrating complex Microsoft Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network
Crawley, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Partner. This role offers unparalleled access to Microsoft’s security product roadmap, previews, and frontline support. Work at the forefront of cyber defense, contributing to investigations involving nation-state threat actors (including IR, CH, and NK campaigns). You will refine your skills in enterprise-scale log ingestion and Sentinel integration engineering, handling complex logs from numerous cloud and … data sources. The Role Own and optimize enterprise-wide log onboarding into Microsoft Sentinel Deploy standard and custom connectors, Function Apps, and parsers Build tailored SIEM solutions for threat detection and response Manage log ingestion across hybrid and multi-cloud environments Enhance and develop custom Function Apps and ingestion pipelines Parse, normalize, and optimize log telemetry for precision … and cost efficiency Collaborate with IR teams on active threats Work closely with Microsoft teams to develop detection capabilities Contribute to knowledge bases and engineering standards Requirements Experience with complex Microsoft Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development, including KQL, analytics rules, and
to work with a market-leading business, contribute to cutting-edge security operations, and play a key role in enhancing security capabilities across global retail clients. Key Responsibilities Advanced threat detection and monitoring using industry-leading tools. Building and tuning detections using Kusto Query Language (KQL). Responding to and managing security incidents effectively. Engineering robust detections and … performing proactive threat hunts. Supporting security automation and infrastructure-as-code initiatives. Qualifications We're looking for someone with relevant experience in the following: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike) Strong KQL capabilities for log analysis and detection tuning Cloud Security (Microsoft Azure, Google Cloud Platform) Kubernetes and container technologies … e.g., Docker) Threat Hunting, Detection Engineering, Incident Response Security Automation (SOAR), Hyper Automation practices Familiarity with the MITRE ATT&CK framework Experience with Zero Trust Network Architecture, IDS/IPS, vulnerability scanners, and web proxies Scripting or programming (Python, PowerShell, Bash, etc.) Join a global leader at the forefront of data-driven customer insights, where you’ll contribute
and potential threats. Investigate security incidents, conduct forensic investigations, and implement remediation actions to contain and mitigate risks. Maintain and optimise security monitoring tools and technologies to ensure effective detection and response capabilities. Collaborate with IT and engineering teams to implement security best practices and ensure compliance with security policies and standards. Review existing systems to ensure configuration conforms … to security best practices. SKILLS, KNOWLEDGE & EXPERIENCE Proven experience in a SOC or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security tools such as SIEM/SOAR platforms, endpoint detection and response … EDR) solutions, vulnerability management, detection and response/remediation (VMDR) solutions and threat intelligence platforms. Knowledge of security standards and frameworks (e.g., NIST, CIS Controls, ISO 27001) and regulatory requirements (e.g., GDPR, HIPAA). Proficiency in scripting and automation (e.g., Python, PowerShell) for security operations and incident response. What's Next? Click apply below and we will ensure
The team you'll be working with: P3 Senior SOC Analyst (L3) We are currently recruiting a Senior SOC Analyst L3 Managed Detection and Response to join our growing Security Operations Centre business. This role will be based on site in Birmingham; you will need to be willing to work in shift patterns, probably 4 days on, 4 days off, as this is a 24/7 security operations centre. About Us NTT DATA is one of the world's largest Global Security services providers with over 7500 Security SMEs … from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance … proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to the MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection
the organisation’s cyber resilience. As a Senior Cyber Security Analyst, you will play a key role in protecting systems, networks, and data against cyber threats. You will lead threat detection and incident response efforts, support the development of security policies and controls, and work closely with stakeholders to ensure compliance and security best practice across the business. … teams to ensure cyber security best practice is considered throughout the entire SDLC. Creates and maintains documentation around the use of cyber security technology in the organisation. Carries out threat detection and incident response. Carries out vulnerability management and remediation. Collaborates as needed with third-party security vendors for expert advice and issue resolution. Carries out threat … technical background. Detailed understanding of application security along with experience of working alongside software development teams, supporting and advising on best practice to maintain security. Significant experience of endpoint detection and response (EDR) technologies and network detection and response (NDR) technologies. Detailed knowledge of Information Security standards including Cyber Essentials, Cyber Essentials Plus and ISO 27001. Good understanding of
Swindon, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
such as malware, insider threats, DDoS attacks, and phishing. Your day will involve reviewing recent events, analyzing alerts, logs, network traffic, and endpoint data using tools like Splunk, developing detection content, and using threat intelligence to enhance security. You may also support digital forensics during security incidents. About You You should have a passion for IT and cybersecurity … Training and Development We offer in-house and external training opportunities, including certifications from SANS and Offensive Security. You will be mentored and gain hands-on experience in cybersecurity, threat detection, and incident response, with opportunities to attend conferences and travel. Rewards and Benefits Starting salary of £36,408 plus benefits such as 25-30 days annual leave
evolving cyber threats to ensure the security and integrity of our Firm. The role requires a deep understanding of Cybersecurity principles, incident response, cloud security, offensive security, and proactive threat detection with a proven track record of managing security risks and cross-functional collaboration. The Security Team is 100% distributed and remote. This role will be reporting directly … collaborating with cross-functional teams to prioritize and remediate issues as necessary Develop and maintain security incident response playbooks and automate security workflows to improve efficiency and effectiveness Conduct Threat Hunting activities to identify potential issues and implement strategies for proactive threat detection Manage and optimize security tools and technologies, such as SIEM, SOAR, Container Orchestration like
and processes, mentoring the SOC team, and managing OT alerts and incidents. You should have a deep understanding of SecOps, IT, and OT environments, with skills in incident management, threat detection, and security improvement. Strong communication and collaboration skills are essential for working with cross-functional teams to mitigate risks. Key Responsibilities Contextualise OT Threats: Understand OT estate … processes; support tools such as Microsoft Sentinel, SOAR, EDR/XDR, and PAM; reduce alert fatigue and improve incident resolution times. Proactive Risk Remediation: Identify and evaluate risks; perform threat hunting; demonstrate risk reduction through metrics. Incident Response: Lead incident triage and response; improve management processes; educate staff on incident reporting. Continuous Improvement: Drive automation and process enhancements; track
City of London, London, United Kingdom Hybrid / WFH Options
SR2 | Socially Responsible Recruitment | Certified B Corporation™
has never been greater. You will own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities GRC Leadership: Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC … governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance
analysts and leveraging emerging technologies, the R2 Analyst helps maintain a vigilant and proactive defence against evolving cyber threats, enabling the organisation to operate securely and with confidence. Summary Threat Detection and Monitoring: Monitor the SOAR platform for EDR Logs, SIEM Logs, IDS Logs and Managed Intelligence sources. Identify potential threats, vulnerabilities, and indicators of compromise. Initiate escalation … procedures to counteract potential threats and vulnerabilities. Ability to analyze and interpret threat intelligence feeds and implement protective measures accordingly. Incident Remediation and Documentation: Provide incident remediation and prevention recommendations to customers using established procedures and analyst experience. Document and adhere to security monitoring processes. Apply preventative measures by implementing domain blocking, host isolation and file hash blacklisting. Customer … Compile and review service-focused reports for effective communication. Contribute to the creation and maintenance of security documentation, including incident response playbooks, standard operating procedures, and knowledge base articles. Threat Analysis and Collaboration: Contribute practical insights to the analysis of common security incidents. Maintain working relationships with the Analytic Development and Security Engineering teams. Collaborate with shift partners to
SR2 | Socially Responsible Recruitment | Certified B Corporation™
has never been greater. You will own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and … governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure
applications. Deploy and Manage Security Tooling: Select, implement, and operate key tools across GCP, such as Cloud Armor, Cloud Identity, Security Command Center, and VPC Service Controls for ongoing threat detection and response. Integrate Security in SDLC: Collaborate with product and engineering teams to integrate security into every stage of the software development lifecycle. Threat Modeling and … Risk Analysis: Perform structured threat modeling using frameworks such as STRIDE and PASTA to proactively mitigate security risks. Champion Developer Education: Promote secure development practices by educating engineers on cloud and application security fundamentals. Mentor and Lead: Act as a mentor to future hires, helping scale a high-impact cloud security function as the business grows. What you'll … with core cloud security components including IAM, WAFs, SIEM, CSPM, and vulnerability scanners. Technical Skills: Proficiency in at least one scripting or programming language (e.g. Python, Go, Bash). Threat Modeling: Practical knowledge of frameworks like STRIDE and PASTA. Education: Bachelor's degree in Computer Science, Information Security, or a related technical field. Collaborative Expertise: Clear and effective communication
collaboratively, and share ideas, knowledge and experience with team members as required. Assist in continuously updating the company’s security incident, data breach response and disaster recovery plans. Undertake threat detection practices. Undertake security hardening support practices with teams. Vulnerability management to analyse findings from vulnerability reports, assist with risk assessments on the vulnerabilities and coordinate remediation and … in IT support/infrastructure would be advantageous (e.g. servers, networking protocols, security controls, O365/Azure). First-hand experience with SIEM platforms, enterprise intrusion prevention systems, endpoint detection and response tools, and other security products. Able to communicate effectively in verbal and written format with technical and non-technical audiences. Ability to effectively plan, schedule and adapt
London, England, United Kingdom Hybrid / WFH Options
Cognitive Group | Part of the Focus Cloud Group
FinOps) Collaborate with architects, developers, and security teams to align delivery with business and compliance objectives Implement security-first DevOps using tools like Terraform, Kubernetes, Jenkins, and CloudWatch Lead threat detection, logging, and incident response strategies across environments Define DevSecOps practices and mentor junior engineers in modern cloud security and automation Experience: Strong leadership in cloud security, especially
London, England, United Kingdom Hybrid / WFH Options
ZipRecruiter
Monitor and mitigate security risks, responding to security alerts to protect infrastructure and data. Technology Leadership & Research Stay current with emerging technologies and best practices in hybrid cloud environments, threat detection and cybersecurity. Provide technical leadership on system upgrades, infrastructure improvements and new technologies. Disaster Recovery & Data Protection Implement robust backup and disaster recovery solutions, ensuring business continuity
for candidates with deep experience and understanding of continuous delivery, container security, SAST/DAST, secrets management, Identity and Access Management (IAM) governance, privilege management, encryption and key management, threat detection, logging, cloud infrastructure security and policy-as-code. What You’ll Do: · Assess Acadian’s cloud IAAS environments for Indicators of Misconfiguration (IOMs) utilizing AWS built-in and
Security Operations (SecOps) Team, where we are dedicated to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating, and responding to security threats. … Security Operations Team collaborates closely with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what you'll do: As a Senior Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and response workflows, elevating the efficiency and effectiveness of our security operations. Lead the response to security incidents from initial detection
hackajob, Preston, England, United Kingdom. Lead Threat Detection Analyst role at hackajob … hackajob is collaborating with BAE Critical Skills Subsid to connect them with exceptional tech professionals for this role. Job Title: Lead Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. … threats and mitigate prior to impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Essential Your skills and experiences: Experience