26 to 50 of 208 Threat Intelligence Jobs in England

Cyber Threat Intelligence Analyst We are helping a household name that impacts all of our lives to develop new cyber capabilities from the ground up. They're looking for a Cyber Threat Intelligence analyst to help out with their Threat Intell function and keep them … ahead of the curve when it comes to threat management and security automation. This is a rare opportunity to join a large organisation and play a pivotal role in building new capabilities with no legacy systems in place and you'll have the chance to shape the future of … their cybersecurity operations from the very beginning. We're looking for candidates with experience in: Threat management and modelling TTPs Cyber threat intelligence tools and technologies. Staying up to date with new and emerging threats Details: Location: West Midlands – 2x a month on-site Salary: Up to More ❯

leadership for the Security Operations Centre team providing technical oversight and direction. You will engage with various teams across DDaT to maintain security monitoring, threat intelligence and vulnerability management controls to detect and alert across all HM Land Registry technical assets. Salary of £46,058 - £57,400 dependent … with the Technology and Business Strategies. Working closely with the Lead Infrastructure Engineers and subject matter experts, you will develop and maintain security monitoring, threat intelligence and vulnerability management controls, to detect and alert across all HMLR technical assets. You will work with technical teams to develop SOC … have led technical investigations and developed response frameworks. You are proficient with Security Information and Event Management (SIEM) systems and adept at utilising Cyber Threat Intelligence within this context. You have a strong capability to manage technical risks and lead the implementation of mitigations. Additionally, you are experienced More ❯

Job Title: Cyber Intelligence Specialist Contract Type: Permanent, Fulltime Location: Bradford, Petersfield, Chatham or London Working Pattern: Hybridtypically 1 to 3 days a week in the office. Part-time or flexible arrangements are considered to support work-life balance. A fear of losing your current working flexibility shouldn't … Snoop Premium available to all colleagues Medical: Opportunity to opt in for Private Medical Insurance Bonus: Discretionary annual bonus The Role: As our Cyber Intelligence Specialist, you will proactively identify, analyse, respond, and mitigate cyber threats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security … events, conducting incident response activities, enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business continuity, and mitigate cybersecurity risks. As a Cyber Intelligence Specialist, you will: Actively participate the delivery of More ❯

and recover from information security incidents. Assisting the Information and Cyber Security Management team in implementing improvement initiatives that increase our maturity across our Threat Management capabilities. The role will require extensive Incident Response experience including developing threat hunting capabilities, security use cases and playbooks. Day to day … Development of the tools and processes to establish and improve the threat hunting program. Keeping an up-to-date understanding of the cyber threat landscape through threat intelligence and industry research. Define and design new security use cases and alerts to identify evolving attack scenarios. Participate … in industry-based Threat Intelligence sharing groups. Produce reports based on threat activity, trends and reported industry incidents. Leading security incident response processes with support from the principal analyst. Integrating and analysing threat intelligence sources necessary to evolve our protective controls accordingly. Ensure our Security More ❯

A leading Financial Services firm seeks a Threat Intelligence Lead to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malware analysis, and tracking changes made by Threat Actors. This … position plays a key role in shaping the Cyber Defence strategy, driving deliverables, and focusing on Threat-led and Threat detection activities. The organisation is investing in new tooling, including the procurement of a new TIP solution. The individual in this role will be responsible for building and More ❯

A leading Financial Services firm seeks a Threat Intelligence Lead to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malware analysis, and tracking changes made by Threat Actors. This … position plays a key role in shaping the Cyber Defence strategy, driving deliverables, and focusing on Threat-led and Threat detection activities. The organisation is investing in new tooling, including the procurement of a new TIP solution. The individual in this role will be responsible for building and More ❯

and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24/7 on-call support More ❯

member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security … and minimizing business risks associated with cyber threats. * Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. * Conduct proactive threat hunting to detect and neutralize emerging threats. * Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. * Investigate … security incidents, including malware infections, phishing attacks, and unauthorized access attempts. * Develop and enhance incident response playbooks, ensuring alignment with evolving threats. * Analyze threat intelligence sources to identify new attack vectors and adversary tactics. * Provide forensic analysis and malware reverse engineering to assess security incidents. * Collaborate with IT More ❯

accordance with established security policies. Detect and investigate intrusion attempts and determine their scope and impact. Document high-quality security incident reports, supported by threat intelligence and independent research. Conduct or support remediation efforts to neutralise threats, restore systems, and prevent recurrence. Produce post-incident review reports and … provide actionable security improvement recommendations. Apply threat intelligence to improve detection capabilities and situational awareness. Support national-scale cyber incident response activities in a coaching or mentoring capacity. Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes. Develop automated response … and scripting for automation and analysis tasks. Strong understanding of security architecture, especially in cloud (AWS/Azure) and network environments. Experience with cyber threat intelligence, including threat actor tactics, techniques, and procedures (TTPs). Proven track record of investigating complex intrusions, including nation-state or targeted More ❯

and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management Consultants must possess and be able to demonstrate credibility and experience as well as currency … capabilities to protect and defend client organizations and their people, intellectual property, and technology against wide-ranging threats, including nation states and Advanced Persistent Threat groups that act on their behalf. Consultants must be proactive, and able to lead, manage, and problem-solve on multiple workstreams across varied client … colleagues across the globe, specifically Digital Forensics, Incident Response and Penetration Testing specialists as well as wider BlueVoyant service offerings when appropriate, to produce threat-aware products, services and outputs that are impactful, efficient, cohesive, and are enhanced with intelligence and automation. BlueVoyant are trusted cyber-security partners More ❯

also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies. What you will do in this role: Implement and evolve … and guide the remediation of security threats and cyber attacks Grow the presence and thought leadership of Canonical SecOps practice Contribute to open source threat intelligence initiatives Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical Develop Canonical SecOps learning and … Drive and a track record of going above-and-beyond expectations Deep personal motivation to be at the forefront of technology security Expertise in threat modelling and risk management frameworks Knowledge of security architecture and market-leading security tools Experience contributing to, and consuming, threat intelligence feeds More ❯

Content - maintain the availability of the underlying infrastructure, develop new alerts, field parsers, models and automated playbooks, and integrate new log sources where appropriate. Threat Intelligence & Threat Hunting - provide, develop and integrate external threat intelligence data into the team's detection capabilities; perform proactive threat … test the team's detection capabilities, develop scenario-based training, and organise purple team exercises, both in-house and with third-party providers. Insider Threat - maintain and develop the Data Loss Prevention policies in line with the company's data classification requirements, and implement exceptions for business-approved procedures More ❯

Company Background ThreatConnect enables threat intelligence, security operations, and cyber risk management teams to work together for more effective, efficient, and collaborative cyber defense. With ThreatConnect, organizations can infuse ML and AI-powered threat intel and cyber risk quantification into their work, allowing them to contextualize an … evolving threat landscape, prioritize the most significant risks to their business, and operationalize defenses. More than 250 enterprises and thousands of security operations professionals rely on ThreatConnect every day to protect their organizations' most critical assets. We offer a competitive benefits package with comprehensive insurance coverage, unlimited paid time … and share in our success. We love to recognize our employees who have gone above and beyond. Job Description ThreatConnect is the most comprehensive threat intelligence platform on the market today. Our platform is used by thousands of organizations, and over 40 of the Fortune 100, to help More ❯

drive our clients' CTI frameworks and products forward whilst supporting with some of the day-to-day activities. Responsibilities: Lead and support weekly Cyber Threat Intelligence (CTI) activities and reporting. Drive continuous improvement of CTI processes and frameworks. Contribute to the development and enhancement of CTI tools and … technical support to the CTI Manager and broader CTI team. Background & Experience: Proven experience leading CTI programmes or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Familiarity … with CTI platforms (e.g., MISP, OpenCTI, ThreatConnect) and external intelligence sources (e.g., SpyCloud, Recorded Future, etc.). More ❯

drive our clients' CTI frameworks and products forward whilst supporting with some of the day-to-day activities. Responsibilities: Lead and support weekly Cyber Threat Intelligence (CTI) activities and reporting. Drive continuous improvement of CTI processes and frameworks. Contribute to the development and enhancement of CTI tools and … technical support to the CTI Manager and broader CTI team. Background & Experience: Proven experience leading CTI programmes or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Familiarity … with CTI platforms (e.g., MISP, OpenCTI, ThreatConnect) and external intelligence sources (e.g., SpyCloud, Recorded Future, etc.). More ❯

SOC Lead Location: Hybrid (3 days in office ) About the Role We are seeking a highly skilled SOC Lead to oversee cyber incident response, threat intelligence, and vulnerability management for a leading organization. This role will act as a trusted advisor to senior leadership, ensuring a structured and … mitigation strategies. Develop and implement cyber incident containment plans and remediation strategies. Oversee incident investigations, reporting, and documentation to drive continuous improvement. Collaborate with Threat Intelligence and Incident Response teams to monitor and respond to emerging threats. Ensure effective vulnerability management, prioritizing risks and coordinating remediation efforts. Provide … attack techniques and security threats. Experience with SIEM architecture, XDR, and incident response tooling. Strong knowledge of vulnerability management processes and tools. Proficiency in threat intelligence analysis and its integration into response strategies. Ability to manage multiple high-priority incidents in a fast-paced environment. Certifications such as More ❯

Location(s): UK, Europe & Africa : UK : Leeds BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. The SOC will be staffed by a blend of customer and BAE Systems staff, based in multiple … Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review. Understand Threat Intelligence and its use in an operational environment Support incident response to national scale incidents in a coaching capacity Work with other teams More ❯

the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. … Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to leverage automation More ❯

Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve … operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to More ❯

Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve … operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to More ❯

Defence Operation's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve … operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to More ❯

A global leader in defence and security solutions is seeking a Senior SOC Analyst to take charge of security operations, incident management, and threat detection strategies. This is an excellent opportunity for an experienced SOC analyst to step into a leadership role and help protect critical systems from evolving … security environment. Oversee real-time security monitoring and incident response activities. Investigate, triage, and manage security incidents using SIEM, EDR, and NDR tools. Coordinate threat intelligence integration to enhance detection capabilities. Develop and refine SOC processes to improve efficiency and resilience. Requirements: 5+ years in Security Operations, with … hands-on experience in incident response and threat analysis. Strong understanding of network security, TCP/IP protocols, and intrusion detection. Proficiency in Python and scripting for automation and security tooling. Experience with Splunk (ES) and/or Sentinel for log analysis and threat detection. Familiarity with cloud More ❯

Location(s): UK, Europe & Africa : UK : London BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage … in the most demanding environments. Job Title: Threat Intelligence Lead Location: London - We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Grade: GG12 Referral Bonus: £5000 What You'll Be Doing Working on client sites … in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems More ❯

network traffic using SIEM tools. Analyse and categorise security incidents in line with internal policies. Conduct in-depth incident investigations, reporting, and remediation. Utilise threat intelligence to detect and respond to potential threats. Support incident response activities for national-scale cyber events. Help improve SOC workflows, including automation … and threat detection use cases. Coach junior analysts and contribute to continuous improvement across the team. Essential Skills & Experience: Hands-on experience with Microsoft Sentinel (critical to this role). Experience in security operations, including SIEM tools (e.g., Sentinel, Splunk). Solid understanding of cloud environments (Azure and/… or AWS). Knowledge of network protocols, threat actors, and attack vectors. Ability to analyse complex data and deliver actionable insights. Familiarity with scripting (Python or similar) and security automation (SOAR). Understanding of threat intelligence and its operational use. Desirable Skills: Experience in software engineering or More ❯

they need to combat cyber threats and enhance their resilience. We are particularly interested in trainers with expertise in the following certifications: CREST Practitioner Threat Intelligence Analyst (CPTIA) CREST Registered Threat Intelligence Analyst (CRTIA) CREST Practitioner Intrusion Analyst (CPIA) CREST Registered Intrusion Analyst (CRIA) CREST Practitioner More ❯