logs, network traffic, and endpoint telemetry Supporting containment and recovery efforts during active security incidents Continuously enhancing SOC capabilities, tooling, and detection rules using threat-informed approaches like MITRE ATT&CK Producing detailed incident reports and documentation for both technical and non-technical stakeholders Assisting with threat intelligence … a Security Operations Centre (SOC) Solid knowledge of SIEM tools such as Microsoft Sentinel or Splunk Familiarity with the MITRE ATT&CK framework and threat detection methodologies Strong analytical skills with a keen eye for detail in log analysis and network monitoring Basic understanding of enterprise security architecture including
Salford, Manchester, United Kingdom Hybrid / WFH Options
BBC Group and Public Services
the specialist in the team, your main responsibilities will be to ensure the SOC is best placed to protect the BBC in the current threat landscape and to deal with any incidents as and when they occur. A keen understanding of the latest cyber-attack patterns would be beneficial … where you have identified any gaps in our monitoring capability. • Provide support to the Digital Forensics team where requested as part of formal investigations. Threat Intelligence and Vulnerability Management • Carry out research and produce reports to ensure the BBC is aware of the current threat landscape and … and/or using a SIEM tool (ideally Splunk) • Experience of working in a team in a technical discipline. • Knowledge of the current cyber threat landscape and an understanding of how organisations can protect themselves in it. • Highly effective and creative problem-solving skills, across a broad range of
Leeds, West Yorkshire, Yorkshire and the Humber, United Kingdom
Communicate Technology
with recruitment and onboarding of new SOC team members Act as the primary technical escalation point for complex security incidents and investigations Support advanced threat hunting, incident response, and forensic analysis Ensure the SOC follows best practices and industry standards Client Engagement & Technical Account Management Oversee security tool deployments … a SOC environment, with at least 1 year in a leadership role Strong technical knowledge of security tools, including SIEM, SOAR, EDR, Firewalls, and Threat Intelligence platforms Hands-on experience with security incident handling, threat hunting, and forensic analysis Excellent understanding of attack tactics, techniques, and procedures
be progressing your career at a global, hugely profitable, Investment Management firm. As a Cyber Defence Analyst you will take a proactive approach to threat hunting and security incident response. You'll play a key role in detection enhancements, improvements to standard operating procedures and will collaborate with internal … strong experience in Security Operations, CSIRT or similar role You have experience of building out functions of a Cyber Defence Team e.g. insider risk, threat intelligence, breach attack simulation You have a strong knowledge of SIEM and deep Splunk experience You have a good understanding of various security
for security monitoring and analysis. Familiarity with security technologies and an understanding of network protocols, firewalls, and intrusion detection/prevention systems. Knowledge of Threat Intelligence, Digital Forensics, and Data Loss Prevention. Relevant certifications such as CISSP, CEH, or Splunk certifications are highly desirable. Ability to thrive
Sindlesham, Berkshire, United Kingdom Hybrid / WFH Options
National Grid plc
software development lifecycles, application architectures, key attack vectors, and corresponding compensating controls. Cloud Security (Microsoft): Demonstrated experience and proficiency in securing cloud environments. Cyber Threat Intelligence: Ability to analyse and respond to emerging cyber threats and how this can be used to update secure architecture principles. About What
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Sparta Global Limited
IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity
incident response, compliance, and implementing innovative security technologies to strengthen the organisation's defenses. Essential functions of the job: SOC operations: perform incident triaging, threat detection, and response activities. SIEM & EDR management: advance and configure SIEM and EDR systems to optimise threat detection and response in Azure environments. … response: investigate and mitigate security incidents, applying root cause analysis and remediation. Security testing: conduct regular application and network security assessments to identify vulnerabilities. Threat intelligence: monitor the cybersecurity landscape for emerging threats and develop innovative defensive strategies. Development security: monitor version control systems, identify vulnerabilities, and collaborate
Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function … delivering outstanding performance and ensuring we are resilient against an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection … response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing team, driven with context of emerging threats and strategic objectives. Ensure Threat Intelligence, Proactive Security Testing, and Security Analytics functions develop under your leadership to deliver maximum context
we are dedicated to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating, and … with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what you'll do: As a … Senior Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and response workflows, elevating the efficiency and effectiveness
principles, including experience of vulnerability scanning, identifying, resolving, and reporting risks Experience of formal document creation, such as the creation of reports or procedures Threat Intelligence analysis and best practice Security Incident Response processes, procedures, and best practices Disaster Recovery and Business Continuity principles Event and log analysis
and secure-by-design approaches. Exposure to DevSecOps practices, security tooling integration into CI/CD pipelines, and secure development lifecycle support. Awareness of threat intelligence, attack vectors, and emerging vulnerabilities across enterprise IT ecosystems. Ability to contribute to client workshops, security design reviews, and collaborative problem-solving
Central London, London, United Kingdom Hybrid / WFH Options
Police Digital Services
Lead the security working group for specified national capabilities Apply and implement Secure by Design Monitor systems for anomalies or unusual events, and use threat intelligence sources to identify security incidents and coordinate with relevant stakeholders for a swift resolution Enhance the security culture within the national Policing
proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat intelligence; knowledge of the MITRE ATT&CK framework and security operations). Some other highly valued skills may
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Radar Healthcare
software development practices (DevSecOps, secure coding standards, OWASP top 10) into everyday processes. Oversee the security posture of cloud environments, ensuring secure configurations, proactive threat monitoring, and resilience planning. Establish and maintain a robust risk management framework, proactively identifying, assessing, and mitigating cybersecurity risks in alignment with business goals. … Define standards for operational security including vulnerability management, incident detection and response, threat intelligence, and third-party/vendor security management. Act as the key internal and external security spokesperson, confidently communicating security strategy, risks, and controls to the Board, customers, regulators, and other stakeholders. Serve as the
best practices. SKILLS, KNOWLEDGE & EXPERIENCE Proven experience in a SOC or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security tools such as SIEM …/SOAR platforms, endpoint detection and response (EDR) solutions, vulnerability management, detection and response/remediation (VMDR) solutions and threat intelligence platforms. Knowledge of security standards and frameworks (e.g., NIST, CIS Controls, ISO 27001) and regulatory requirements (e.g., GDPR, HIPAA). Proficiency in scripting and automation (e.g., Python
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Sophos Group
cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller … organizations worldwide from phishing, ransomware, data theft, and other everyday and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is
DFTO, responsible for establishing and maturing the group's overall cyber security posture, ensuring it effectively mitigates risks in the face of the evolving threat landscape. This involves developing a comprehensive cyber security capability framework, assessing the maturity of individual train operating companies (TOCs) against this framework, and creating … gaps, and develop/oversee implementation of tailored uplift programmes. Develop core cyber capabilities: Including robust cyber incident management (with executive reporting) and comprehensive threat intelligence/vulnerability management programs as key priorities. Group Cyber Services & Technology: Develop, promote and implement shared cyber services and evaluate/select … Extensive experience developing and implementing cyber security strategies, frameworks (including maturity models), and risk management methodologies in complex organisations. Accredited in ISO27001 or similar. Threat Landscape & Incident Response: Deep understanding of modern cyber threats and attack vectors, coupled with proven experience in developing and managing effective incident response processes.
of experience in cybersecurity, with at least 3 years in a leadership role within a SOC or similar environment. - Proven experience in incident response, threat intelligence, and security operations. - Demonstrated success in building, leading, and managing high-performing teams. - Skills: - Strong leadership and management skills, with the ability
Designing and implementing secure infrastructures, ensuring robust protection against potential threats in BSF cloud platforms – for example: Azure, AWS and Microsoft 365 environments. Utilise threat intelligence to stay informed about emerging threats and vulnerabilities, and integrate this information into security strategies Designing and implementing network set-up and
Provider (MSP), we deliver innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands … help shape the future of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. … service excellence. Collaborate with engineering teams to improve tools, security automation, and detection logic. Stay on top of emerging threats, attack vectors, and evolving threat actor tactics. Act as a trusted point of contact for clients regarding incidents, reports, and security posture. Help shape and execute the SOC’s