26 to 50 of 102 Threat Intelligence Jobs in England

Security Engineer

Hiring Organisation
NTT DATA
Location
Birmingham, England, United Kingdom
security tools: Security Operations Tools SIEM (Security Information and Event Management) - e.g., Splunk EDR (Endpoint Detection and Response) SOAR (Security Orchestration, Automation and Response) Threat Intelligence Platforms Vulnerability Scanners (e.g., Qualys, Tenable) Brand Protection and Domain Monitoring Tools Certificate Authority (CA) and PKI Management Platforms Security Architecture & Engineering … ArcSight, LogRhythm, Sentinel EDR: CrowdStrike, Carbon Black, SentinelOne, Microsoft Defender SOAR: Splunk Phantom, Palo Alto Cortex XSOAR, IBM Resilient Vulnerability Management: Qualys, Tenable, Rapid7 Threat Intelligence: Recorded Future, ThreatConnect, MISP Integration & Automation REST APIs and API integration Scripting: Python, PowerShell, Bash Automation tools: Ansible, Terraform, Jenkins Data formats ...

Information Security Operations Lead

Hiring Organisation
Astellas Pharma
Location
Addlestone, England, United Kingdom
team of full-time employees, contractors, and managed services, ensuring clear roles, accountability, and alignment. Oversee key security technologies, including SIEM, SOAR, EDR, and threat-intelligence platforms Align operations with Astellas’ enterprise security framework, NIST CSF, ISO 27001, and internal risk management policies. Essential Knowledge & Experience Previous work … roles overseeing global security operations. Proven experience managing mixed teams of employees, contractors, and managed service providers Deep expertise with SIEM, SOAR, EDR, and threat-intelligence tools Strong familiarity with frameworks such as NIST CSF, MITRE ATT&CK, and incident response methodologies Excellent communication, influencing, and cross-functional ...

Senior Incident Response Analyst

Hiring Organisation
Littlefish
Location
Derby, Derbyshire, East Midlands, United Kingdom
Employment Type
Permanent
Salary
£70,000
potential security incidents. Deliver post-incident reviews and drive continuous improvement. Keep the Cyber division and clients informed of emerging threats and trends through threat intelligence reporting. Support the creation and training of the incident response team, ensuring readiness for any security challenge. Contribute to achieving industry certifications … root causes, and recommend corrective actions. Experience developing and maintaining incident response plans and playbooks. Hands-on experience with tools such as SIEM, EDR, threat intelligence platforms, and forensic investigation tools. Strong knowledge of incident response frameworks (e.g., NIST, SANS). Deep understanding of current cybersecurity threats ...

Level 2 SOC Analyst

Hiring Organisation
Oscar Technology
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£33,000 - £40,000 per annum
hours work. Key Responsibilities: Handle escalations from Level 1 analysts and validate complex alerts. Conduct in-depth analysis using SIEM, EDR, XDR and threat intelligence sources to establish root cause, scope and impact. Lead containment and remediation actions in coordination with senior engineers and incident response leads. Develop … tooling. Provide customers with clear incident summaries, technical explanations and remediation guidance. Identify emerging threats and document relevant tactics, techniques, and procedures. Support structured threat hunting activities and contribute to improving detection coverage. Maintain accurate and comprehensive investigation records within the SOC ticketing platform. Mentor junior analysts, helping improve ...

Red Team Operator

Hiring Organisation
JPMorganChase
Location
Slough, Berkshire, UK
Employment Type
Full-time
functional teams to develop comprehensive assessment reports – including detailed findings, risk assessments, and remediation recommendations – making data-driven decisions that encourage continuous improvement Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm … assessment strategy and risk management. Engage with peers and industry groups that share threat intelligence analytics Required Qualifications, Capabilities, And Skills 3+ years of experience in delivering covert red teaming, purple teaming, or network exploitation operations using industry-standard tools (e.g., Cobalt Strike or other C2 frameworks), with ...

Red Team Operator

Hiring Organisation
JPMorganChase
Location
Greater London, England, United Kingdom
functional teams to develop comprehensive assessment reports – including detailed findings, risk assessments, and remediation recommendations – making data-driven decisions that encourage continuous improvement Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm … assessment strategy and risk management. Engage with peers and industry groups that share threat intelligence analytics Required Qualifications, Capabilities, And Skills 3+ years of experience in delivering covert red teaming, purple teaming, or network exploitation operations using industry-standard tools (e.g., Cobalt Strike or other C2 frameworks), with ...

Assistant Manager - Global Phishing Drill Service

Hiring Organisation
Deloitte
Location
England, United Kingdom
landing pages using HTML, CSS, and potentially JavaScript, to mimic real-world threats Crafting compelling social engineering narratives and scenarios that reflect current threat landscapes and target specific user behaviors Developing and maintaining a library of diverse phishing templates and scenarios for various client needs Phishing Platform Management & Execution … integrate phishing drill insights into ongoing educational programs Providing expert input on best practices for user education based on simulation outcomes and observed behaviors Threat Intelligence & Best Practices Staying abreast of the latest phishing techniques, social engineering tactics, and cyber threat intelligence to ensure simulations remain ...

Threat Intelligence Manager - Cyber

Location
London, United Kingdom
department Covers Cybersecurity, Information Security, IT Audit, IT Risks, IT Controls, Access Management, Security Operation, Threat Management and the portfolio for Change for all these areas. This is a rolling fixed term contract, initially 6 months. Salary £55,000 You will play a key role in overseeing our Threat Intelligence ...

Threat Intelligence Manager - Cyber

Hiring Organisation
Hays
Location
City, London, United Kingdom
Employment Type
Permanent
Salary
GBP 55,000 Annual
department Covers Cybersecurity, Information Security, IT Audit, IT Risks, IT Controls, Access Management, Security Operation, Threat Management and the portfolio for Change for all these areas. This is a rolling fixed term contract, initially 6 months. Salary £55,000 You will play a key role in overseeing our Threat Intelligence ...

Lead Cybersecurity Incident Responder - GIAC, IR, Cyber

Hiring Organisation
Adecco
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
Responder - IR, Cyber, Salary: Competitive, based on experience + benefits Location: London/Hybrid (some European travel) About the Organisation This forward-thinking cybersecurity intelligence organisation is recognised as a European leader, partnering with some of the most prominent brands to anticipate, prevent, and respond to emerging threats. … Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber Forensics, Security Operations, Security Engineer, On-Call ...

Lead Cybersecurity Incident Responder - GIAC, IR, Cyber

Hiring Organisation
Adecco
Location
City of London, London, United Kingdom
Employment Type
Permanent
Cyber, Salary: Competitive, based on experience + benefits Location: London/Hybrid (some European travel) About the Organisation This forward-thinking cybersecurity intelligence organisation is recognised as a European leader, partnering with some of the most prominent brands to anticipate, prevent, and respond to emerging threats. You will … Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber Forensics, Security Operations, Security Engineer, On-Call ...

Cyber Security & Centralised Services Manager

Hiring Organisation
MFK Recruitment
Location
SE1, Southwark, Greater London, United Kingdom
Employment Type
Permanent
Salary
£55000 - £65000/annum
access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across … alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation ...

Cyber Security & Centralised Services Manager

Hiring Organisation
MFK Recruitment
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£55,000 - £65,000 per annum
access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across … alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation ...

Incident Response Specialist

Hiring Organisation
BAE Systems
Location
Frimley, Surrey, UK
Location(s): UK, Europe & Africa : UK : Frimley || UK, Europe & Africa : UK : London || UK, Europe & Africa : UK : Manchester BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation … week every 2 months and occasional travel to the office – Frimley, Guildford, Manchester, Gloucester, London Grade: GG10 Referral Bonus: £5,000 BAE Systems Digital Intelligence offers world class Incident Response services to customers across the globe. Our team investigates some of the most complex nation state threat actors ...

Incident Response Specialist

Hiring Organisation
BAE Systems
Location
Frimley, England, United Kingdom
Location(s): UK, Europe & Africa : UK : Frimley || UK, Europe & Africa : UK : London || UK, Europe & Africa : UK : Manchester BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation … week every 2 months and occasional travel to the office – Frimley, Guildford, Manchester, Gloucester, London Grade: GG10 Referral Bonus: £5,000 BAE Systems Digital Intelligence offers world class Incident Response services to customers across the globe. Our team investigates some of the most complex nation state threat actors ...

Head of Security Operations

Hiring Organisation
AJ BELL BUSINESS SOLUTIONS LIMITED
Location
Salford, Greater Manchester, North West, United Kingdom
Employment Type
Permanent, Work From Home
framework and playbooks, including undertaking regular training and testing (including table top exercises) up to and including executive level. Develop and maintain AJ Bell’s threat intelligence capabilities to enable effective response to the evolving threat landscape, delivering and disseminating actionable intelligence to operations teams … knowledge of Information Security risk management tools and techniques Extensive experience of Information Security standards and frameworks Awareness and understanding of the Information Security threat landscape Knowledge of security investigations best practice including the use of Microsoft Purview and computer forensics an advantage. Experience of utilising and monitoring Information ...

Detection Engineer

Hiring Organisation
SiXworks an IBM company
Location
Farnborough, England, United Kingdom
rules to reduce false positives and enhance detection fidelity. Monitor, analyse, and investigate security alerts to identify potential threats and malicious activity. Conduct threat hunting activities to proactively discover hidden or advanced threats. Collaborate with Incident Response teams to provide detection insights and support investigations. Maintain and improve detection … coverage based on emerging threats, adversary tactics (MITRE ATT&CK), and threat intelligence. Develop automation scripts and playbooks to streamline detection and alert triage processes. Document detection processes, use cases, and provide knowledge transfer to SOC analysts. Qualifications: Relevant qualification(s) in Cyber Security, or other related technical roles ...

Senior Security Engineer - SIEM, KQL

Hiring Organisation
Harvey Nash
Location
London, South East, England, United Kingdom
Employment Type
Contractor
Contract Rate
£500 - £600 per day
site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical … sources (AD, firewalls, servers, cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident ...

Technical Security Consultant

Hiring Organisation
Littlefish
Location
Nottingham, Nottinghamshire, East Midlands, United Kingdom
Employment Type
Permanent
Salary
£55,000
operations. You will: Architect & Design : Build and evolve secure frameworks using Microsoft Security (Defender, Sentinel, Purview, Entra) and integrate Qualys vulnerability management for continuous threat detection and remediation. Automate & Innovate: Lead the charge on automation (SOAR, IaC, workflow automation) and embed Gen AI into security operations, threat intelligence ...

SOC Analyst

Hiring Organisation
Tria
Location
South West, United Kingdom
Employment Type
Permanent
Salary
£45000/annum
security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting …/review Data Loss Prevention (DLP) controls. Experience with automation or scripting (e.g. Python, PowerShell) to streamline detection/response and improve SOC efficiency. Threat-hunting and analytical mindset; proactive and collaborative approach; good communication skills and ability to work across teams. Why consider this opportunity You'll join ...

Junior Security Researcher

Hiring Organisation
Circle Recruitment
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£50,000 - £85,000 per annum
enjoys uncovering the story behind complex data. This is an opportunity to join a pioneering start-up transforming raw security data into actionable intelligence, helping shape the future of threat detection across global networks. This role sits within their Security Research function and is ideal for someone with … your career. About the Role You'll support the wider security research team by 'farming' the data they generate - turning raw network and threat information into structured, meaningful insights that feed directly into ongoing research projects such as proxy detection, bot activity and, over time, AI-driven threat ...

Cyber Threat Detection & Response Apprentice

Hiring Organisation
Specialist Network Operations
Location
HQ Building 8 Olympic Park, Warrington, England
Employment Type
Higher Apprenticeship
Salary
£20,000 a year
looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts and develop practical skills in a dynamic, supportive environment. Role Assisting in monitoring network traffic … with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. Contributing to threat intelligence reviews and sharing findings with stakeholders. Preparing reports and presentations on security incidents and trends. Staying up-to-date with emerging cyber ...

Cyber Threat Detection & Response Apprentice

Hiring Organisation
Specialist Network Operations
Location
HOLLIS HOUSE, MAESBURY ROAD, OSWESTRY, England
Employment Type
Higher Apprenticeship
Salary
£20,000 a year
looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts and develop practical skills in a dynamic, supportive environment. Role Assisting in monitoring network traffic … with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. Contributing to threat intelligence reviews and sharing findings with stakeholders. Preparing reports and presentations on security incidents and trends. Staying up-to-date with emerging cyber ...

Cyber Threat Detection & Response Apprentice

Hiring Organisation
QA
Location
Oswestry, Shropshire, England, United Kingdom
Employment Type
Full-Time
Salary
£20,000 per annum
passionate about technology and eager to start a career in cyber security? We’re looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts … solutions powered by Microsoft technologies like M365 and Azure. Our mission is to keep networks secure, efficient, and future-ready. Responsibilities: As a Cyber Threat Detection & Response Apprentice at SNO, you’ll work alongside experienced professionals to strengthen our cyber defence capabilities. Your responsibilities will include: Assisting in monitoring ...

Cyber Threat Detection & Response Apprentice

Hiring Organisation
QA
Location
Birchwood, Warrington, Cheshire, England, United Kingdom
Employment Type
Full-Time
Salary
£20,000 per annum
passionate about technology and eager to start a career in cyber security? We’re looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts … solutions powered by Microsoft technologies like M365 and Azure. Our mission is to keep networks secure, efficient, and future-ready. Responsibilities: As a Cyber Threat Detection & Response Apprentice at SNO, you’ll work alongside experienced professionals to strengthen our cyber defence capabilities. Your responsibilities will include: Assisting in monitoring ...