101 to 125 of 148 Threat Intelligence Jobs in England

during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats, tactics, and techniques To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands … on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of enterprise security architecture: firewalls, AV, VPNs, IDS/IPS Eligible for DV Clearance – British citizens who have resided in More ❯

Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an … evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing … team, driven with context of emerging threats and strategic objectives. Ensure Threat Intelligence, Proactive Security Testing and Security Analytics functions develop under your leadership to deliver maximum context into the operational team, as well as enabling real time risk validation and actionable security insights. Continue delivering automation and detection as code for security operations, enabling increased scalability and More ❯

IT, engineering, and business teams to ensure swift containment and recovery. Review and tune security alerts with the MDR provider, refining detection rules to minimize false positives and improve threat identification accuracy. Develop, track, and report on key MDR performance indicators (KPIs) to leadership, highlighting trends and the effectiveness of security operations. Maintain and evolve our security incident response … responding to complex security incidents. Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar). Ability to query data, analyze logs, and understand how data sources feed into threat detection. Strong knowledge of EDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black) and their role in detecting and responding to threats on endpoints. Solid understanding of network protocols, firewalls, intrusion …/prevention systems (IDS/IPS), and network traffic analysis. Familiarity with security principles and services in major cloud environments (AWS, Azure, GCP). Ability to consume and apply threat intelligence to proactively improve security controls and detection mechanisms. Experience with MacOS desired. Experience with web3 environments desired. Must be able to articulate complex technical concepts to both More ❯

tasks, and develop new detection content including machine learning analytics and security automation. Maintain and update SOC documentation, processes, procedures, and operational metrics/dashboard reporting. Build and enhance threat intelligence capabilities, sharing actionable insights across the organisation and wider smart energy sector. Collaborate with internal and external teams to identify opportunities for security improvements and evaluate emerging … including leading investigations in complex environments. Strong ability to work independently and collaboratively to achieve objectives. Previous experience within a Security Operations role. In-depth understanding of the cyber threat landscape, adversary tactics, and the MITRE ATT&CK framework. Knowledge of cloud environments and SaaS applications such as AWS, Azure, Office 365, and Defender. Ability to work under pressure More ❯

The Role We are seeking a seasoned Senior Cyber Security Consultant with a background in SOC engineering tools plus one of Cloud Security, Identity and Access Management (IAM) or Threat Modelling. In this role, you will work with cross-functional teams to deliver cutting-edge security solutions that address the evolving threat landscape, helping organisations to safeguard their … and other monitoring tools. Provide technical guidance to engineering teams on secure design and implementation. Develop playbooks and automation scripts to enhance SOC efficiency and incident response capabilities. Integrate threat intelligence feeds into SOC workflows for real-time monitoring and response. Conduct regular tool performance reviews and implement upgrades or replacements as necessary. Skills Extensive experience in SOC … tools engineering plus one of Cloud Security, Identity & Access Management (IAM) or threat modelling. Hands-on experience with SOC tools, including SIEM, SOAR and EDR solutions. Strong experience in securing cloud platforms (AWS, Azure, GCP) and understanding of their native security services (preferred). Knowledge of IAM principles, tools (e.g., Okta, Azure AD, CyberArk), and frameworks (preferred). Proficiency More ❯

to translate technical threats into business terms. Tools & Technologies - You will work with a modern SOC technology stack, including: SIEM: Microsoft Sentinel EDR/XDR: Microsoft Defender for Endpoint Threat Intel: Recorded Future Network Analysis: Wireshark/tcpdump SOAR & Automation: Palo Alto Cortex XSOAR, ServiceNow SecOps Vulnerability Management: Tenable Nessus/Tenable.io Other nice to have tools: Shodan, Censys More ❯

to translate technical threats into business terms. Tools & Technologies - You will work with a modern SOC technology stack, including: SIEM: Microsoft Sentinel EDR/XDR: Microsoft Defender for Endpoint Threat Intel: Recorded Future Network Analysis: Wireshark/tcpdump SOAR & Automation: Palo Alto Cortex XSOAR, ServiceNow SecOps Vulnerability Management: Tenable Nessus/Tenable.io Other nice to have tools: Shodan, Censys More ❯

you will play a key role in enhancing cyber resilience. You'll be responsible for leveraging tools such as Microsoft Defender, Sentinel, Azure, and their SOC partner to conduct threat analysis, risk assessments, and implement effective controls. You'll support the delivery of their Cyber Security Sub Strategy in line with the Cyber Assessment Framework, and contribute to the … design and operation of threat intelligence, incident response, vulnerability management, and ethical hacking capabilities. You'll work closely with internal stakeholders and external partners to ensure compliance with ISO27001, Cyber Essentials+, and other regulatory frameworks. This role also involves reporting on cyber threats and performance using Power BI, supporting penetration testing, and contributing to the development of secure More ❯

ISO 27001, and other security standards. Risk Management: Maintain risk frameworks and produce assurance documentation. Secure by Design: Partner with project teams to integrate security requirements early in development. Threat Intelligence: Research emerging threats and mitigation strategies. Testing & Audits: Oversee penetration tests and security audits. Policy Development: Keep security policies and staff training programs up to date. Requirements More ❯

actions based on severity, and coordinates containment and remediation activities when threats are confirmed. Assists with proactive hunting activities to uncover undetected threats and helps build hypotheses based on threat intelligence, behavioural patterns, and environmental baselines. Performs regular updates and tuning of detection rules, playbooks, and alert thresholds to reduce false positives and ensure high-fidelity threat More ❯

play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and … the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and … capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied More ❯

that involves both corporate and clinical teams. Main duties of the job Support and drive West London's information security portfolio including but not limited to DSPT CAF returns, threat intelligence platforms etc Active leadership of all cybersecurity requirements for infrastructure, applications, medical devices etc Deliver a Secure and Resilient business Ensure security and resilience remains a priority … in the delivery of West London's operations Maintain a current understanding of the IT threat landscape for the industry Enhance, develop and maintain key operational procedures with a standards-based approach for all security work, ensuring effective development and operational compliance to applicable recognised standards Lead the security requirement inputs for key transformation projects Develop and embed a More ❯

over 9,000 users - working collaboratively across internal teams and over 100 partners and suppliers. Maintain external networks and collaborate across Greater Essex and with national partners to share intelligence and best practices. Drive innovation and lead continuous improvement in security practices and user assurance across all services delivered by EDS. Lead a team of approximately 15, including six … and execution of ECCs information and cyber security strategy, ensuring alignment with their overall risk appetite and transformation goals. Oversee governance, risk, compliance, and security operations including incident response, threat intelligence, vulnerability management, and penetration testing. Direct the selection, deployment, and maintenance of appropriate security technologies and processes to protect ECCs data and assets. You will be responsible More ❯

to time to join us. Job Purpose The Cyber Security Analyst is primarily responsible for protecting the Betfred network and systems from Internet based cyber-attacks. This involves performing threat intelligence and research on upcoming IT trends, creating contingency plans, administering the businesses cyber security controls and tooling, reviewing suspicious activities, reporting security breaches, and educating the rest More ❯

IT Security Specialist Counter Threat - HYBRID WORKING We have an exciting opportunity for an IT Security Specialist to join one of our biggest customers who are in the financial services sector. As an IT Security Specialist, you will support the day-to-day operations of the Counter Threat Unit, applying your strong background in infrastructure engineering, cloud-based … hybrid environments, leveraging your expertise in both on-premises and cloud platforms such as Azure, AWS, and GCP. Main Responsibilities as IT Security Specialist: Assist in gathering and analysing threat intelligence; monitor systems and networks to identify anomalies and support situational awareness. Follow established processes to help ensure compliance with legal, regulatory, and internal security requirements. Contribute to More ❯

scalability, automation, and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities … . What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and More ❯

scalability, automation, and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities … . What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and More ❯

scalability, automation, and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities … . What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and More ❯

scalability, automation, and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities … . What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and More ❯

scalability, automation, and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities … . What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and More ❯

using Splunk, including data onboarding, creating correlation rules, and developing dashboards and reports to improve security visibility. Develop and maintain detection use cases, alerts, and response playbooks based on threat intelligence and compliance requirements. Monitor, tune, and optimise Splunk performance to ensure availability, scalability, and accuracy of security event logging and analysis. Work closely with SOC analysts, incident … response, and threat hunting teams to enhance threat detection, investigation capabilities, and response effectiveness. More ❯

adoption and effective use. Contribute to internal process documentation and improvement initiatives, ensuring procedures support a consistent and high-quality customer experience. Deliver proactive communications to customers on relevant threat intelligence, product enhancements, best practices, and industry developments. Advocate for customers internally, ensuring their needs and feedback influence product development and service improvements. Support the introduction and adoption … audiences. Ability to manage multiple customer accounts, prioritising effectively in a fast-paced environment. Experience driving customer satisfaction and retention through proactive engagement. Understanding of key concepts in cybersecurity, threat detection, and managed security services. Familiarity with ITIL service management principles. Experience presenting to senior stakeholders and technical teams. Exposure to security technologies such as EDR, SIEM and network More ❯

Someone to assure security controls, manage vulnerabilities, and maintain policies A mentor to support junior analysts while contributing to governance and compliance work Strong technical background – SOC, incident response, threat intelligence or security engineering Experience with Microsoft Security tools (Sentinel, Defender, etc.) Knowledge of governance, risk and compliance frameworks (PCI, FCA, GDPR) Please apply if this would be More ❯

Someone to assure security controls, manage vulnerabilities, and maintain policies A mentor to support junior analysts while contributing to governance and compliance work Strong technical background – SOC, incident response, threat intelligence or security engineering Experience with Microsoft Security tools (Sentinel, Defender, etc.) Knowledge of governance, risk and compliance frameworks (PCI, FCA, GDPR) Please apply if this would be More ❯

objectives. Perform deep analysis and develop metrics that measure current risk Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats. Communicate threat intelligence and vulnerability management options Analysing threats and current security controls to identify gaps in current defensive posture Meet with clients and leading workshops Candidates ideally need to More ❯