1 to 25 of 127 Threat Intelligence Jobs in England

the leading global Cyber Security and Risk Mitigation business... https://www.nccgroup.com/uk/The Opportunity You will be acting as a team leader within the Strategic Threat Intelligence team, reporting to the Strategic Threat Intelligence Manager. As a senior member in this team, you will have some limited line management responsibilities but will … be expected to be heavily involved in the training and mentoring of other Threat intelligence team members, as well as supporting the overall growth of the Strategic Threat Intelligence team. You will be expected to have strong consultancy skills and experience in delivering large/complex pieces of client facing work where you will need to … be able to manage multiple internal and external stakeholders. Key Accountabilities Support the development and growth of our Strategic Threat Intelligence capabilities in line with our overall Threat Intelligence and Corporate Strategy Support and lead the delivery of Regulator-driven Threat Intelligence Engagements (CBEST, TIBER, CORIE, iCAST, AASE) Deliver services from our Threat More ❯

DV clearance and therefore must be British-born. Are you ready to lead in one of the most critical roles in the cybersecurity industry? We are seeking a Cyber Threat Intelligence and Vulnerability Lead to play a pivotal role in the operation and improvement of a Security Operations Centre (SOC) dedicated to safeguarding a major UK organisation. This … position offers an opportunity to make a tangible impact in protecting the systems that power the nation. About the Role As the Cyber Threat Intelligence and Vulnerability Lead, you will: Take accountability for detecting, triaging, and reporting potential cyber threats and key vulnerabilities daily. Oversee the delivery and quality of all threat intelligence and vulnerability products … ensuring deadlines are met with excellence. Develop and continuously review tailored Priority Intelligence Requirements (PIRs) and collection plans to align intelligence products with client needs. Provide in-depth analysis, context, and predictive insights to support threat mitigation. Assess and enhance the maturity of the SOC's existing functions, driving continuous improvement. Lead, mentor, and develop a high More ❯

the security community and society through collaboration, sharing and learning and protect our Critical National Infrastructure in line with Government regulations. We are seeking a skilled and experienced Cyber Threat Operational Intelligence Manager to join our team. The ideal candidate will be responsible for leading a team at the heart of Vodafone's Cyber Defence organization: analyzing cyber … threats and providing actionable insights to protect Vodafone and its customers from potential attacks. This role requires great people management skills, a deep understanding of cyber threat landscape, strong analytical skills, the ability to communicate effectively with stakeholders and to work collaboratively with colleagues of varying backgrounds and experience. Lead one of Vodafone Group's Cyber Threat Intelligence Teams with line management responsibilities for several staff with varying levels of expertise and experience. Create and/or guide the creation of threat assessments and provide actionable intelligence to relevant stakeholders. Lead and support proactive investigations on priority threats through our Threat Action Groups/Threat and Vulnerability Reviews. Support Incident Management/CSOC More ❯

Cyber Threat Intelligence Analyst Akkodis are currently working in partnership with a leading service provider to recruit a Cyber Threat Intelligence Analyst to join a leading Cyber Defence Team and play a pivotal role in providing actionable technical intelligence to detection engineers, threat hunters and security operations. This role offers a highly competitive salary … and the opportunity for remote working. The Role As a Cyber Threat Intelligence Analyst you will support the rest of the Cyber Defence engineering team in regard to the roadmap and what to focus on. You will share intel to help them understand what's emerging as well as what advanced persistent threat actors are leveraging to … compromise systems. You will work directly across all areas of Cyber Defence to produce bespoke and technical intelligence across Tactical, Strategic, and Operational intelligence. The Responsibilities Conduct in-depth analysis of threat groups, their capabilities, motivations, and tactics A strong understanding of threats posed Articulate complex concepts to various stakeholders across the business. Knowledge of tactics, techniques and More ❯

triage and escalation of reports and requests from Government organisations. Support Incident Management when required during periods of heightened operational activity. Maintain an understanding of the real-world cyber threat, identifying trends and emerging threats. Maintain an understanding of the cyber threats likely to target the business. Facilitate the timely sharing of high-quality actionable Cyber Threat Intelligence … stakeholders. Work collaboratively with Incident Management, providing insights on adversaries to enable a more effective response, and capturing insights for wider use. Support the implementation and ongoing management of Threat Intelligence tooling and infrastructure, including, malware sandboxes, and threat intelligence platforms. Engage with the wider public sector cyber security, cyber threat intelligence and assessment … communication skills, including the ability to clearly and simply explain technical details to non-technical audiences, and engage with senior stakeholders. Experience working with internal and external stakeholders. Cyber Threat Intelligence Specific Excellent understanding of the tools, techniques and procedures used by adversaries in real-world cyber attacks. Experience monitoring a variety of sources of information to identify More ❯

triage and escalation of reports and requests from Government organisations. * Support Incident Management when required during periods of heightened operational activity. * Maintain an understanding of the real-world cyber threat, identifying trends and emerging threats. * Maintain an understanding of the cyber threats likely to target the business. * Facilitate the timely sharing of high-quality actionable Cyber Threat Intelligence … stakeholders. * Work collaboratively with Incident Management, providing insights on adversaries to enable a more effective response, and capturing insights for wider use. * Support the implementation and ongoing management of Threat Intelligence tooling and infrastructure, including, malware sandboxes, and threat intelligence platforms. * Engage with the wider public sector cyber security, cyber threat intelligence and assessment … communication skills, including the ability to clearly and simply explain technical details to non-technical audiences, and engage with senior stakeholders. * Experience working with internal and external stakeholders. Cyber Threat Intelligence Specific * Excellent understanding of the tools, techniques and procedures used by adversaries in real-world cyber attacks. * Experience monitoring a variety of sources of information to identify More ❯

triage and escalation of reports and requests from Government organisations. * Support Incident Management when required during periods of heightened operational activity. * Maintain an understanding of the real-world cyber threat, identifying trends and emerging threats. * Maintain an understanding of the cyber threats likely to target the business. * Facilitate the timely sharing of high-quality actionable Cyber Threat Intelligence … stakeholders. * Work collaboratively with Incident Management, providing insights on adversaries to enable a more effective response, and capturing insights for wider use. * Support the implementation and ongoing management of Threat Intelligence tooling and infrastructure, including, malware sandboxes, and threat intelligence platforms. * Engage with the wider public sector cyber security, cyber threat intelligence and assessment … communication skills, including the ability to clearly and simply explain technical details to non-technical audiences, and engage with senior stakeholders. * Experience working with internal and external stakeholders. Cyber Threat Intelligence Specific * Excellent understanding of the tools, techniques and procedures used by adversaries in real-world cyber attacks. * Experience monitoring a variety of sources of information to identify More ❯

can't replace to help us shape the future of information management. Join us. Your Impact: We are seeking a driven, experienced Account Executive (AE) to join the OpenText Threat Intelligence team and lead strategic sales initiatives targeting OEM providers. In this role, you will be responsible for driving revenue by selling our industry-leading threat intelligence … role offers: Own and drive the full sales cycle for OEM partnerships-from prospecting and discovery to negotiation and contract closure. Identify and engage OEM partners who can embed threat intelligence into their security appliances, platforms, SIEMs, XDRs, firewalls, or endpoint solutions. Understand customer requirements and tailor value propositions around our threat intelligence products, APIs, and … need to succeed: 5+ years of B2B enterprise sales experience, with a focus on OEM, embedded, or technology partnership sales. Deep understanding of cybersecurity technologies and the role of threat intelligence in enhancing security products. Proven track record of exceeding quotas and developing long-term partner relationships. Experience working with technical buyers such as product managers and engineering More ❯

Citi's Cyber Intelligence Center (CIC) is a global team that delivers timely threat intelligence to technical teams and decision makers, in support of threat detection, preparation, and incident response activities. The Regional Lead will oversee the team's operations in the UK/EU time-zone, including oversight of regional staff, driving quality control, collaboration … with other cyber-technical functions in the region, and working with senior leaders. The role will also help maintain our network of global intelligence partners. Direct experience in cyber threat intelligence is a necessity. This is a hybrid role with an in-office attendance component. Experience in fusion center operating environments or crisis response will be helpful. … Responsibilities: Lead the regional co-ordination of a cyber threat intelligence function Support local leadership and business in their intelligence needs Provide intelligence support to adjacent teams in a fusion center environment. Oversee quality control and production strategy for the region Conduct internal and external briefings on a regular basis, including to company leadership, to peer More ❯

Threat Hunter UK (Manchester, Cheltenham or London) We are seeking a highly capable and hands-on Threat Hunter to design and lead a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You'll need to think critically, and hunt methodically. As a Threat Hunter, you will actively search for cyber threats that evade traditional security solutions. Your role will involve conducting in-depth analysis, identifying indicators … of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary Threat Detection and Monitoring: Design, build, and own a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threat intelligence, MITRE ATT&CK, and risk models to More ❯

Job title: Cyber Threat Intelligence Analyst Location: Preston, Frimley or Filton We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £45,000 depending on experience What you’ll be doing: Performing threat research to identify threats relevant to BAE Systems, including collecting … processing, and disseminating actionable, high fidelity threat intelligence Assisting with the identification of current tactics, techniques, & procedures (TTPs) and Indicators of Compromise (IOC) Uses analysis techniques useful for investigating suspected attacks and perform intelligence tasking Will develop and maintain knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) Your skills … and experiences: Essential: An understanding of Cyber Threat Intelligence techniques and best practice Knowledge of cyber threat landscape, current affairs, and geopolitics, including activity groups and how to apply this knowledge within an operational environment Desirable: Knowledge of the types of threat actors and how they operate Knowledge of network protocols such as HTTP(S), SMTP More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments … provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across environments such as applications, infrastructure, web, APIs, O365, Azure, AWS, and OT, using current threat landscape knowledge and attacker … TTPs. Develop and maintain detailed test plans and use cases informed by threat intelligence analysis. Identify and prioritize critical OT and IT assets based on potential threats and exposure. Plan and schedule testing engagements based on threat assessments and client needs. Produce clear, detailed reports with technical findings, business impact, and strategic remediation recommendations for diverse audiences. More ❯

A leading, award-winning cyber security and risk management organisation is seeking a highly experienced and motivated Senior Cyber Security and Threat Intelligence Sales Consultant. This is an exciting opportunity to join a fast-growing team delivering cutting-edge security, threat intelligence, and managed service solutions to enterprise clients. Key Responsibilities Sell security and threat intelligence solutions, platforms, and managed services into global enterprise accounts. Present a wide-ranging portfolio of innovative and established security solutions to new and existing customers. Identify client needs and deliver tailored technical and business-aligned solutions. Target prospective customers through cold calling, face-to-face meetings, and professional networking. Manage the full sales cycle from prospecting to … and RFP proposals. Deliver impactful presentations to senior-level stakeholders. Maintain long-term relationships with key decision-makers and influencers. Build and execute account plans focused on security technologies, threat intelligence, and managed services. Drive business strategy to grow revenue and profitability through cross-selling opportunities. Navigate complex sales environments with political and commercial awareness. Required Experience & Skills More ❯

Cyber Threat Intelligence Analyst We are helping a household name that impacts all of our lives to develop new cyber capabilities from the ground up. They're looking for a Cyber Threat Intelligence analyst to help out with their Threat Intell function and keep them ahead of the curve when it comes to threat … systems in place and you'll have the chance to shape the future of their cybersecurity operations from the very beginning. We're looking for candidates with experience in: Threat management and modelling TTPs Cyber threat intelligence tools and technologies. Staying up to date with new and emerging threats Details: Location: West Midlands – 2x a month on More ❯

people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com. Internal Grade E Job Description Experian Cyber Fusion Center is looking for a Threat Intelligence Analyst to help track new and persistant cybersecurity threats, analyse and produce applicable intelligence to help the organisation. You will be part of a world class organization … and lead a global team of experienced people to help us stay ahead of adversaries. You will be part of the Threat Intelligence team which focuses on defending against new threats, supporting investigations, and delivering situational awareness to the business. This is a UK based remote position reporting to the Global Head of Threat Intelligence. Summary of … Primary Responsibilities Use open and closed source intelligence tools to track threat clusters posing threats to Experian and help identify preventative measures to improve our defense. Contribute to cross-team projects to improve the security posture of Experian infrastructure, such as red team operations, Attack Surface Management and Threat Hunting collaborations. Help Investigate latest cyber trends providing More ❯

part in developing our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security … possible and play a big part in evolving our security tooling and services. Policy & Standards: You'll champion the adoption and adherence to our InfoSec policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. … CSPM) tools. Knowledge of Cloud Workload Protection Platforms (CWPP) for securing containers, serverless workloads, and virtual machines. Working knowledge of DevSecOps methodologies . Ability to contribute to cloud solution threat modelling and secure design reviews. A bit about you: Passion! You're genuinely passionate about your career path and love what you do. Communication skills. You can express your More ❯

Principal Cybersecurity Researcher (Reverse Engineering) London, UK With 1,000 intelligence professionals, over $300M in sales, and serving over 1,900 clients worldwide, Recorded Future is the world's most advanced, and largest, intelligence company! Reversing Emulation and Testing (RET) is a core function of Insikt Group's Technical Analysis (TA) Team. We seek a principal technical threat … lead high-impact research and drive innovation in analytical capabilities within Insikt Group. You will guide and shape technical research into state-sponsored and cybercriminal malware, collaborating across functional intelligence teams to support finished intelligence reporting and platform enrichment. Your responsibilities will include not only conducting advanced malware reverse engineering and infrastructure emulation but also designing and implementing … internal tools and workflows that increase our team's efficiency. You will be expected to develop and formalize novel approaches to dynamic analysis, configuration extraction, and threat behavior modeling. This position entails representing Insikt Group's technical threat research in customer briefings, webinars, and industry engagements. You will communicate complex technical findings to diverse audiences ranging from internal More ❯

you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG's global network. You will work closely with the Security Operations Center (SOC), Security Information … to strengthening our security posture and minimizing business risks associated with cyber threats. Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections … phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports More ❯

on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! Available Locations: London, UK About the Department Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works … in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global … networks can provide. The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers. About the Role Cloudflare is a system spanning the globe, on a mission to make the internet better, safer, and more powerful everyday. To help fulfill this mission, we More ❯

Company Background ThreatConnect enables threat intelligence, security operations, and cyber risk management teams to work together for more effective, efficient, and collaborative cyber defense. With ThreatConnect, organizations can infuse ML and AI-powered threat intel and cyber risk quantification into their work, allowing them to contextualize an evolving threat landscape, prioritize the most significant risks to … family to grow with us and share in our success. We love to recognize our employees who have gone above and beyond. Job Description ThreatConnect is the most comprehensive threat intelligence platform on the market today. Our platform is used by thousands of organizations, and over 40 of the Fortune 100, to help them quickly aggregate, analyze, and … act on their threat data to mitigate risk and threats to their network security. We're looking for a talented and experienced Customer Success Engineer CSE who can hit the ground running in a fast-paced, quickly evolving environment. The position will report to the Director of Customer Success Engineering. The right candidate will bring deep knowledge of the More ❯

to improve incident response efficiency within the Security Operations Centre. This role integrates multiple security tools and workflows, leveraging platforms like , Darktrace , and CrowdStrike to create cohesive and automated threat detection and response mechanisms. Key Responsibilities Playbook Development: Design, implement, and maintain SOAR playbooks for automated response and alert enrichment. Tool Integration: Develop and manage integrations with: Google SecOps … Chronicle, Security Command Center) Darktrace (Threat Visualizer, Antigena) CrowdStrike Falcon (EDR, threat intelligence, APIs) Other security platforms such as SIEMs, ticketing systems, and firewalls. Automation & Enrichment: Automate repetitive security tasks like indicator enrichment, triage, and threat intelligence lookups. Collaboration: Work with SOC analysts and threat detection teams to identify and implement automation opportunities. Monitoring … security operations or security engineering. Hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR, IBM Resilient). Strong familiarity with: Google SecOps/Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python , PowerShell , or Bash . Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE More ❯

data from unauthorized access, cyber threats, and data breaches. The ideal candidate should have a strong background in cybersecurity, particularly in DLP of email security, cloud applications, endpoints and threat prevention with a proven ability to respond to evolving security challenges. Responsibilities: Proofpoint Management: Configure, deploy, integrate, and manage Proofpoint security solutions, including email security, data loss prevention (DLP … threat protection, and information protection. Monitor and analyse Proofpoint alerts and logs to detect and respond to security incidents and threats. Regularly update and optimise Proofpoint configurations to adapt to evolving threat landscapes and organisational needs. Develop and maintain custom filters and rules within Proofpoint to enhance security measures tailored to organisational needs. Collaborate with vendors and external … regular risk assessments and vulnerability scans to identify potential security risks and implement mitigation strategies. Lead incident response efforts related to email security breaches, ensuring quick containment and remediation. Threat Intelligence and Incident Response: Analyse threat intelligence to anticipate and mitigate potential cyber threats targeting the organisation. Participate in or lead incident response activities related to More ❯

experience working in an existing cyber security operations role and be able to demonstrate working knowledge of IT security operations including security alert/incident response and investigation practices, threat intelligence and hunting, and cyber security tooling and reporting. This role also provides the opportunity to contribute to the ongoing improvement of our cyber security detection and protection … reporting (e.g. Microsoft Sentinel SIEM, endpoint XDR, cloud & network) and confidence in writing SIEM queries. Experience in endpoint and network-based security detection, prevention and investigations An interest in threat intelligence and knowledge of threat hunting techniques Experience supporting incident response engagements: containing threats, root cause analysis and restoring operations Demonstrable experience of working with information and More ❯

WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threat intelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance initiatives (e.g., ISO 27001, NIST … Microsoft Defender Extended Detection &Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting &Automation: Proficiency in Python, PowerShell, or Bash for More ❯