26 to 50 of 134 Threat Intelligence Jobs in England

Initial We are looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful candidate will have hands-on experience with leading security platforms and demonstrate the ability to … Network & Endpoint) Location: England/Remote Contract Type: Contract Duration: Contract till 31st Mar 26 Sector: Healthcare . Key Responsibilities: Network Detection & Response: Administer and optimise Darktrace for network threat detection, model tuning, and behavioural analysis. Investigate anomalies and escalate incidents based on network telemetry. Endpoint Protection: Deploy and manage CrowdStrike Falcon agents across enterprise endpoints. Maintain and update … detection rules, ensuring alignment with threat intelligence. Security Operations Centre (SOC): Act as a Level 2 SOC Analyst and Incident Handler. Triage, investigate, and respond to security alerts and incidents. Collaborate with other SOC team members to ensure timely resolution and documentation. Threat Intelligence & Insider Threat Monitoring: Monitor threat feeds and manage Indicators of Compromise More ❯

that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this role, you won't just monitor; you'll actively engage in … will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy – helping Kyndryl … of a team that safeguards the digital assets of a cutting-edge organization? Look no further – Kyndryl is seeking a Cybersecurity Specialist to join our team of talented Security Intelligence Analysts . The Kyndryl CSIRT (Cybersecurity Incident Response Team) is looking for a Security Intelligence Analyst to join an advanced team that drives proactive identification of threats within More ❯

Cyber Security Threat Hunter Bristol/Hybrid Working £75,000 - £85,000 + benefits Fantastic new permanent opportunity for an experienced Security Engineer with strong Threat Engineering/Hunting experience required to join this specialist financial services business to help them deliver a range of proactive threat hunting cyber security projects. As a specialist Threat Hunter … you will be responsible for proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), MITRE ATT&CK Framework, cyber kill chain as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and … as part of a team to enhance their security posture. Skills Required: A strong proven background within Cyber Security engineering and at least 2-3 years' experience dedicated to Threat Hunting, Threat Intelligence and Threat Modelling. Proven experience in a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux More ❯

Cyber Security Threat Hunter Peterborough/Hybrid Working £75,000 - £85,000 + benefits Fantastic new permanent opportunity for an experienced Security Engineer with strong Threat Engineering/Hunting experience required to join this specialist financial services business to help them deliver a range of proactive threat hunting cyber security projects. As a specialist Threat Hunter … you will be responsible for proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), MITRE ATT&CK Framework, cyber kill chain as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and … as part of a team to enhance their security posture. Skills Required: A strong proven background within Cyber Security engineering and at least 2-3 years' experience dedicated to Threat Hunting, Threat Intelligence and Threat Modelling. Proven experience in a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux More ❯

SOC SME: Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender … for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

professionals to deliver impact across the organisation and the wider UK research and innovation system. Join us for this rare opportunity to apply your experience in offensive security and threat intelligence in a dynamic, fast-paced security operational and strategic role in an organisation at the heart of research and innovation in the UK. Leading the Red Team … and providing proactive advice to teams on the most effective remediation strategies. The role encompasses the full scope and delivery of penetration testing, including Black Box network assessments, insider threat evaluations, credentialed application exploitation, and rigorous testing of human and physical security controls across the UKRI estate. In addition to these offensive security responsibilities, the specialist manages the external … check Key Responsibilities: Execute targeted penetration tests and red team exercises to identify exploitable vulnerabilities. Develop and maintain offensive tooling to simulate adversary tactics and techniques. Monitor and analyse threat intelligence feeds to identify emerging threats and relevant TTPs. Produce technical threat reports and briefings to inform security posture and decision-making. Conduct proactive threat hunting More ❯

on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us Available Locations: London, UK About The Department Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works … in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global … networks can provide. The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers. About The Role Cloudflare is a system spanning the globe, on a mission to make the internet better, safer, and more powerful everyday. To help fulfill this mission, we More ❯

Senior Threat Modeler 12 months initially Remote (with occasional visits to Preston or Frimley) £41.94 per hour Role Description • Supports the overall delivery of the threat modelling function and wider UK SOC by evaluating the clients estate and its capability. • Proactively protects the client through continual testing of security controls. • Understands Cyber Threat Intelligence and Active … Defence techniques and best practices. • Good knowledge of cyber threat landscape, current affairs and geopolitics, including threat groups and how to apply this knowledge within an operational environment. • Understands the MITRE ATT&CK Framework, Threat Intelligence Platforms and the coordination of Advanced Threat Protection (ATP) and tactics, techniques and procedures (TTPs) to support Cyber Operations. … areas, manage own development including participating in on the job training and attending training programmes as appropriate, and support/provide mentorship to others in the team. • Supports the Threat Modelling Lead when required, particularly on forecasting future team operations. • Is a subject matter expert (SME) on emerging threats and will work on complex issues as a fully contributory More ❯

Account Executive – Cybersecurity SaaS (Hybrid, London) Location: London (Hybrid – 2–3 days/week in office) Industry: Cybersecurity/Threat Intelligence About the Company A fast-growing cybersecurity vendor backed by top-tier investors, this company delivers cutting-edge threat intelligence solutions to help organisations stay ahead of evolving threats. Trusted by global pharma leaders and … decision-makers Consistently meet and exceed revenue targets Requirements 3+ years of experience in SaaS or cybersecurity sales Proven track record of closing complex enterprise deals Strong understanding of threat intelligence or willingness to learn Excellent communication and consultative selling skills Based in London or able to commute to the office 2–3 days/week Why Join More ❯

Account Executive – Cybersecurity SaaS (Hybrid, London) Location: London (Hybrid – 2–3 days/week in office) Industry: Cybersecurity/Threat Intelligence About the Company A fast-growing cybersecurity vendor backed by top-tier investors, this company delivers cutting-edge threat intelligence solutions to help organisations stay ahead of evolving threats. Trusted by global pharma leaders and … decision-makers Consistently meet and exceed revenue targets Requirements 3+ years of experience in SaaS or cybersecurity sales Proven track record of closing complex enterprise deals Strong understanding of threat intelligence or willingness to learn Excellent communication and consultative selling skills Based in London or able to commute to the office 2–3 days/week Why Join More ❯

Account Executive – Cybersecurity SaaS (Hybrid, London) Location: London (Hybrid – 2–3 days/week in office) Industry: Cybersecurity/Threat Intelligence About the Company A fast-growing cybersecurity vendor backed by top-tier investors, this company delivers cutting-edge threat intelligence solutions to help organisations stay ahead of evolving threats. Trusted by global pharma leaders and … decision-makers Consistently meet and exceed revenue targets Requirements 3+ years of experience in SaaS or cybersecurity sales Proven track record of closing complex enterprise deals Strong understanding of threat intelligence or willingness to learn Excellent communication and consultative selling skills Based in London or able to commute to the office 2–3 days/week Why Join More ❯

Account Executive – Cybersecurity SaaS (Hybrid, London) Location: London (Hybrid – 2–3 days/week in office) Industry: Cybersecurity/Threat Intelligence About the Company A fast-growing cybersecurity vendor backed by top-tier investors, this company delivers cutting-edge threat intelligence solutions to help organisations stay ahead of evolving threats. Trusted by global pharma leaders and … decision-makers Consistently meet and exceed revenue targets Requirements 3+ years of experience in SaaS or cybersecurity sales Proven track record of closing complex enterprise deals Strong understanding of threat intelligence or willingness to learn Excellent communication and consultative selling skills Based in London or able to commute to the office 2–3 days/week Why Join More ❯

Account Executive – Cybersecurity SaaS (Hybrid, London) Location: London (Hybrid – 2–3 days/week in office) Industry: Cybersecurity/Threat Intelligence About the Company A fast-growing cybersecurity vendor backed by top-tier investors, this company delivers cutting-edge threat intelligence solutions to help organisations stay ahead of evolving threats. Trusted by global pharma leaders and … decision-makers Consistently meet and exceed revenue targets Requirements 3+ years of experience in SaaS or cybersecurity sales Proven track record of closing complex enterprise deals Strong understanding of threat intelligence or willingness to learn Excellent communication and consultative selling skills Based in London or able to commute to the office 2–3 days/week Why Join More ❯

clearance Summary Are you a SOC Detection Engineer looking to support national Cyber Defence capabilities? This role offers the opportunity to contribute to the development and optimisation of advanced threat detection systems within a highly secure environment. You will work within a Security Operations Centre (SOC), designing and maintaining detection logic across SIEM (Security Information and Event Management) and … Engineer, you will be part of a specialist cyber operations team responsible for implementing and maintaining high-fidelity detection capabilities. You will contribute to the development of detection rules, threat hunting activities, and automation workflows to support incident response and continuous improvement. Key responsibilities include: Designing and tuning detection rules and use cases in SIEM and EDR platforms Monitoring … and investigating security alerts to identify potential threats Conducting proactive threat hunting using MITRE ATT&CK and threat intelligence sources Collaborating with incident response teams to support investigations and containment Enhancing detection coverage across network, endpoint, cloud, and identity sources Developing automation scripts and playbooks to streamline triage and response Documenting detection processes and providing knowledge transfer More ❯

clearance Summary Are you a SOC Detection Engineer looking to support national Cyber Defence capabilities? This role offers the opportunity to contribute to the development and optimisation of advanced threat detection systems within a highly secure environment. You will work within a Security Operations Centre (SOC), designing and maintaining detection logic across SIEM (Security Information and Event Management) and … Engineer, you will be part of a specialist cyber operations team responsible for implementing and maintaining high-fidelity detection capabilities. You will contribute to the development of detection rules, threat hunting activities, and automation workflows to support incident response and continuous improvement. Key responsibilities include: Designing and tuning detection rules and use cases in SIEM and EDR platforms Monitoring … and investigating security alerts to identify potential threats Conducting proactive threat hunting using MITRE ATT&CK and threat intelligence sources Collaborating with incident response teams to support investigations and containment Enhancing detection coverage across network, endpoint, cloud, and identity sources Developing automation scripts and playbooks to streamline triage and response Documenting detection processes and providing knowledge transfer More ❯

maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team … join our Blue Team. The ideal candidate will be a self-starter with an inquisitive nature and a keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident … the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours, indicative of malicious activity · Proactive threat hunting using available client data · Collection More ❯

site travel The Role As SOC Manager, you will: Establish goals and priorities with your team, focusing on: Improving incident response times Reducing false positives and extraneous alerts Enhancing threat detection capabilities Oversee staff activities to ensure focus on the right priorities Review team performance metrics, incident reports, and other key indicators Lead incident response efforts with clear procedures … Operations informed, preparing clear and concise reports Key Responsibilities Manage SOC service and process improvements, auditing incidents, identifying new use cases and automations Act as POC for SOC engineering, threat intelligence, and threat exposure management Provide guidance to Level-2 SOC security analysts during investigations and incident resolution Lead coordination of individual information security incidents Mentor security … analysts on risk management, security controls, incident analysis, SIEM monitoring, and operational tasks Document incidents from detection to resolution Ensure threat management, threat modelling, and identification of threat vectors Develop use cases for security monitoring Create reports, dashboards, and metrics for SOC operations; present to senior management Act as focal point for security investigations, preparing reports and More ❯

Job Title: Threat Detection Analyst Location: Preston, Frimley or Filton . We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £43,000 depending on experience and skills What you'll be doing: Triage, analyse and investigate alerts, log data and network traffic using the … of networks/services Escalate suspected major security incidents/complex investigations where support is required Build, test, and deploy new detection capabilities across the environment in line with threat intelligence Ensure services are operated in line with agreed service definitions and measures Contribute to the development of the services through process, people and technology where appropriate Your … security, computer networks and operating systems Knowledge and experience of using tools to dissect common threats to produce useable IOCs. E.g., Malicious document analysis Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these Desirable: Background of prior experience of working in an information and/or More ❯

Overview ZeroFox seeks an Intelligence Analyst to join the ZeroFox Services and Analysis Team. You will collect information to identify threats and generate intelligence products to assess risk in relevance to client needs. Intelligence activities can include researching current and emerging threats issues covering physical security, cyber security, geopolitical, reputation risk and compliance issues. The Intelligence … Key Responsibilities Learn and employ ZeroFox patented technology to identify and analyze relevant information collected from the Internet, based on client-specific criteria, to assemble relevant findings for daily intelligence and recurring reporting; Assist in customer care and all production aspects covering the range of assigned duties. Support and/or lead recurring deliverables and touchpoints (ad hoc/… daily/weekly/monthly/quarterly and/or annual): Security/Incident Alerts Intelligence Reports Trend and summary reports Strategic assessments and reviews Client briefings Support collection enhancement with ongoing and proactive collaboration with Collection Management and 24x7 support. Dedication and willingness to provide support in response to ad hoc threats and periods of increased risk. This More ❯

and production environments and will directly impact our ability to detect, respond to, and prevent cyber threats at scale. As a senior individual contributor reporting to the Director of Threat Intelligence and Detections, you will play a central role in the technical leadership of the Detection Engineering team. You’ll mentor junior engineers, help define engineering direction, and … lead the development of scalable, innovative threat detection solutions—including those leveraging AI and cloud-native technologies. This is a hybrid role and you must live within commutable distance to our Guildford office where you will need to work in the office 3 days per week. Key Responsibilities Design, develop, and operationalize advanced detections across cloud, container, and on … metrics. Lead development of AI-driven detection proof-of-concepts Guide peers in building scalable, maintainable detection infrastructure and tuning detection content. Support strategic priorities like product detection assessments, threat-led risk prioritization, and production telemetry uplift. Minimum Qualifications Experience in detection engineering, security engineering, or software development with a focus on cybersecurity. Proven experience developing detections and integrations More ❯

and production environments and will directly impact our ability to detect, respond to, and prevent cyber threats at scale. As a senior individual contributor reporting to the Director of Threat Intelligence and Detections, you will play a central role in the technical leadership of the Detection Engineering team. You’ll mentor junior engineers, help define engineering direction, and … lead the development of scalable, innovative threat detection solutions—including those leveraging AI and cloud-native technologies. This is a hybrid role and you must live within commutable distance to our Guildford office where you will need to work in the office 3 days per week. Key Responsibilities Design, develop, and operationalize advanced detections across cloud, container, and on … metrics. Lead development of AI-driven detection proof-of-concepts Guide peers in building scalable, maintainable detection infrastructure and tuning detection content. Support strategic priorities like product detection assessments, threat-led risk prioritization, and production telemetry uplift. Minimum Qualifications Experience in detection engineering, security engineering, or software development with a focus on cybersecurity. Proven experience developing detections and integrations More ❯

findings clearly in reports and client presentations, tailoring communication for both technical and executive audiences. Work closely with clients to define forensic requirements and develop incident response playbooks. Conduct threat hunting and compromise assessments, correlating findings with threat intelligence (MITRE ATT&CK, TTPs, IOCs). Support cloud forensics in AWS and Azure, ensuring proper collection and handling … analytical, problem-solving, and documentation skills. Ability to translate complex forensic data into clear, client-friendly reports. Knowledge of chain of custody, evidential procedures, and forensic readiness. Familiarity with threat intelligence frameworks such as MITRE ATT&CK. Relevant certifications (desirable): GCFA, GCIH, CISSP, AWS Security Specialty, Azure Security Engineer. As an industry leading, nationwide Marketing, Digital, Analytics, IT More ❯

and interpret evidence to provide a holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance activities and operational priorities. … talent. Ability to interpret complex technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments (e.g., government, finance, defence). Familiarity with risk management tools and methodologies. What's More ❯

are followed, and directly engage with clients and delivery managers to provide expert guidance on incident handling. This is a hands-on technical leadership role that combines investigation, response, threat intelligence, and collaboration with stakeholders. You'll also support service improvement, tool optimisation, and the development of new SOC capabilities. Key Responsibilities Lead investigations into escalated incidents, providing … detailed analysis and containment strategies. Perform malware analysis, reverse engineering, and develop detection signatures. Integrate threat intelligence into SOC operations, staying ahead of emerging attack techniques. Manage and optimise SIEM tools (Splunk, QRadar, Microsoft Sentinel). Develop SOC use cases, runbooks, and playbooks to improve response capability. Collaborate with IT, legal, and management teams during incident response. Support More ❯

Join Police Digital Service an NMC Cyber Threat Intelligence Specialist. Permanent FT. Starting salary £45,000 per annum. About Police Digital Service This is an opportunity to play your part and protect our company, our customers and our communities from cyber attack. Be part of a dedicated team and get ready to be challenged every day to make More ❯