26 to 50 of 61 Threat Intelligence Jobs in England

Analyst/Security Engineer London (City) | £80,000–£90,000 | Permanent If you’re the kind of security engineer who can spot an active threat, contain it calmly, and then harden the environment so it doesn’t happen again — this role is built for you.We’re hiring a hands … security automation Run vulnerability scanning using tools like Tenable, Pentera, Varonis, Secure Score Support compliance work (ISO 27001, Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments ...

Contract Threat Detection Engineer (Delivery Focused) Our client is seeking a contract Threat Detection Engineer to support the ongoing delivery of detection engineering activities within a busy SOC environment. This role is centred on hands-on engineering and execution, ensuring detection content, automations, and integrations are delivered effectively … aligned to operational priorities. Working closely with threat hunting and SOC teams, you will translate detection requirements into practical outcomes, contributing directly to sprint-based delivery and continuous service improvement. This is a highly technical role suited to someone who enjoys building, tuning, and optimising detection capabilities across modern ...

technical audiences and continuously improve their content and presentation. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Maintain … update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Input into threat intelligence activities when required. Represent the SOC within Stakeholders meetings on occasion. Engage with the Cyber Security Community of Expertise Essential Skills Proven experience in Security Operations Centre. Demonstrable experience of using ...

Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion … high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must be a British Citizen or a Dual UK national ...

site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical … sources (AD, firewalls, servers, cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident ...

Significant experience in information and cyber security governance, risk, and compliance roles, in a global context Deep knowledge of cyber security operations, incident response, threat intelligence, and vulnerability management. In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL). Hands ...

Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual ...

workplace - making it better for all. Logiq Consulting are Cyber Security and Information Assurance experts. We specialise in providing leading edge consultancy to high-threat clients, as well as delivering a range of security services and products throughout the Private and The Role: An increase in clients across … Security Operations Centre (SOC), make recommendations for playbooks, processes and procedures, and assist in further integrating monitoring capabilities to enhance the SOC function. Utilise threat intelligence feeds and software vulnerability management tools to identify and respond to emerging threats and vulnerabilities in company IT systems. Review configuration dashboards ...

clear and consistent internal and external incident communication workflows. * Develop detailed incident response playbooks, such as ransomware, business email compromise (BEC), data breach, insider threat, malware outbreak, DDoS attack, cloud service compromise. (Final scenarios to be agreed during discovery.) Strengthen Organisational Incident Preparedness * Conduct discovery sessions with technical … organisation. Collaborate Across the Business * Work closely with SOC staff, IT teams, legal, risk, compliance, communications, and senior leadership. * Convert technical details and threat intelligence into clear, actionable steps appropriate for operational use. Required Experience & Skills * Proven experience (typically 5+ years) in incident response, SOC operations, cybersecurity consulting ...

managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members … maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What youll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel ...

management integration, micro-segmentation strategies, and continuous verification principles. Skilled in managing network security product backlog prioritized based on risk assessment, business value, and threat landscape, with deep collaboration with security operations, infrastructure, and compliance teams. Strong understanding of API-level integration between security platforms and orchestration systems. Previous … principles, Software[1]Defined Perimeter (SDP), identity-aware proxy architectures, 802.1X authentication, certificate-based authentication, policy-based access control, stateful/stateless firewall technologies, threat intelligence integration, and network segmentation strategies. Expertise in security policy modelling, documentation of end-to-end security workflow specifications (e.g., threat models ...

from a 3rd party MSSP, investigating and responding to the most complex incidents whilst building out IR Playbooks and Processes and developing the internal Threat Hunting capability. You will act as a mentor to the more junior Analysts within the team and play a pivotal role in shaping … investigations. Proactively look for opportunities to automate, fine-tune and streamline the detection engineering and general SOC capabilities. Utilise various internal and external Threat Intelligence feeds to execute proactive threat hunting campaigns. Mentor and train junior team members through complex incident response investigations. Key Requirements: Significant experience ...

according to SOC processes and recognised industry frameworks. Produce clear and concise incident tickets, drawing on internal knowledge bases and independent analysis. Apply relevant threat intelligence to SOC operations, maintaining awareness of current threat trends and defensive monitoring approaches. Carry out proactive threat hunting to uncover ...

according to SOC processes and recognised industry frameworks. Produce clear and concise incident tickets, drawing on internal knowledge bases and independent analysis. Apply relevant threat intelligence to SOC operations, maintaining awareness of current threat trends and defensive monitoring approaches. Carry out proactive threat hunting to uncover ...

Supply Chain). Develop, maintain and lead the production of quarterly Enterprise Security Risk Products for senior leaders. Oversee multi-layered risk analysis covering threat scenarios, impacts, controls, and residual risk. Deliver Complex Security Risk Analysis Break down large, ambiguous or abstract security problems into structured analytical components. Gather … evaluate and synthesise information from diverse sources, including digital risk data, system-level risk assessments, threat intelligence, estate vulnerabilities, resilience data and people safety insights. Apply structured analytical methods to generate robust findings, uncertainty judgements, and evidence-based conclusions. Influence Decision Makers Produce clear, actionable insights to inform ...

team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark … ideal candidate will be a self-starter with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. ...

regulatory requirements. You will work closely with security operations, infrastructure, architecture, and compliance teams to prioritise delivery based on risk, business value, and evolving threat landscapes. Key Responsibilities Product Strategy & Vision Define and communicate a clear network security product vision aligned with Zero Trust architecture, governance frameworks, and regulatory … Access Control (NAC) Next-Generation Firewalls (NGFW) IDS/IPS platforms SIEM integrations Support deployments across physical, virtual, and cloud environments. Document security architectures, threat models, control frameworks, and policy workflows aligned to industry standards. Required Technical Expertise Strong understanding of network security fundamentals and Zero Trust architectures. Experience ...

protective security, with the ability to drive innovation while balancing security requirements with service delivery and transformation needs. Strong ability to integrate external threat intelligence, organisational context and situational awareness to build a holistic threat picture, including the effective use of threat models and clear communication ...

protective security, with the ability to drive innovation while balancing security requirements with service delivery and transformation needs. Strong ability to integrate external threat intelligence, organisational context and situational awareness to build a holistic threat picture, including the effective use of threat models and clear communication ...

protective security, with the ability to drive innovation while balancing security requirements with service delivery and transformation needs. Strong ability to integrate external threat intelligence, organisational context and situational awareness to build a holistic threat picture, including the effective use of threat models and clear communication ...

protective security, with the ability to drive innovation while balancing security requirements with service delivery and transformation needs. Strong ability to integrate external threat intelligence, organisational context and situational awareness to build a holistic threat picture, including the effective use of threat models and clear communication ...

Inside IR35 - £400 - £425 p/d Active SC Required Primarily Remote We are supporting the build and evolution of a centralised Security Operations & Intelligence function and are seeking a People Security Advisor to play a key role in establishing and embedding a modern, risk-based personnel security capability. … delivery of insider risk programmes Provide subject matter expertise and advisory support to business stakeholders on People Security matters Enable integration across Security, Threat Intelligence, SOC, IAM, HR and Counter Fraud functions Support supply chain engagement on People Security standards and controls Define and maintain KPIs for People ...

provide consultation and expertise on security matters. Responsibilities: Security Operations & Incident Management: Managing ticket workload within the Security team. Gathering, analysing and acting upon threat intelligence. Responding to on-going security incidents. Responding to active alerts from security systems. Writing change management requests for security-related changes . Vulnerability … technologies and policies. Knowledge of identity and access management principles. Familiarity with security accreditations such as ISO27001, CyberEssentials and CyberEssentials+. Excellent incident response and threat intelligence skills. Strong communication skills to convey security matters to technical and non-technical audiences. Benefits: 25 Days Holiday Birthday ...

exercises, purple-team operations, playbook development, and helping them build resilience before the next crisis strikes.You’ll collaborate closely with brilliant minds in forensics, threat intelligence, and crisis management, all working together to help clients make the right decisions in the toughest moments. ...

network digital forensics, log analysis, malware analysis and living-of-the-land techniques in support of incident response investigations, including leveraging EDR solutions and threat intelligence Conduct incident response within various Cloud platforms Identify attacker Tactics, Techniques and Procedures (TTPs) to develop indicators of compromise Take a lead ...