1 to 25 of 35 Cyber Threat Intelligence Jobs in London

SENIOR THREAT INTELLIGENCE ANALYST Fully Remote Up to £100,000 + Excellent Staff Bens + Share Scheme SECURE has Strategically Partnered with a Multi-Award-Winning, Software-Based Organisation at the Forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they combine proactive Threat Intelligence, Real Attacker Telemetry & Automated Red … Teaming to Continuously Identify & Validate Real Exposure. Success in this position will enable the business to Transform Raw Intelligence into Actionable Insights that Protect Fortune 500 Companies & Critical Infrastructure Providers, helping them outrun Real-World Threats in Real-Time. Role Overview: We're looking to speak with ambitious Senior Threat Intelligence Analyst to Expand Offensive Security Capabilities … around Honeypot Data Analysis. You'll Design & Deploy Detections for N-Day & 0-Day Exploits using a Global Network, Develop CTI Platforms for Real-Time Threat Analysis, Drive Rapid Reaction Efforts & Author Threat Intelligence Reports. Ideally based in the UK, you don't need to tick every box - if you're motivated to make an impact, read More ❯

through implementation and ongoing support, our commitment is to provide clients with the assurance that they are valued by a company that is both attentive and impactful. Role Title: Threat Intelligence Analyst Reporting Line Manager: Head of Threat Intelligence Onsite Requirements (e.g. number of days per week onsite): 5 days Hybrid/Remote Working Policy: onsite … months Extension likelihood: Yes Maximum Daily Rate or Budget Range: 500 IR35 Status (inside/Outside/To Be Determined) Inside Experience Requirements Technology & Vendor Skillsets Required: Familiarity with threat intelligence platforms (TIPs), SIEMs, and threat data enrichment tools. Experience using Breach and Attack Simulation (BAS) platforms to build and validate threat scenarios. Strong understanding of … adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modeling. Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera. Experience producing threat reports and briefings. Certifications Required or Preferred: Years of relevant experience: 8+ years of experience in threat intelligence, cybersecurity operations, or penetration testing. More ❯

Primary Details Time Type: Full time Worker Type: Employee Threat Intelligence Specialist London Permanent (Hybrid) At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The Opportunity We’re excited to be hiring a Threat Intelligence Specialist to join our Advanced … Threat Services (ATS) Teamon a full-time, permanent basis! You’ll be part of a supportive team that thrives on teamwork and innovation, where your expertise will be valued as we work together to tackle the ever-evolving cyber threat landscape. We’re looking to welcome our new team member from early January 2026 , so if you … re ready to make an impact in the new year, we’d love to hear from you! Your New Role Reporting to the Technical Threat Manager , you’llbe responsible for researching, analysing, and reporting on cyber threats targeting QBE’s global operations and technology environment. This role has a strong technical focus, centred on the collection, enrichment, automation More ❯

The department Covers Cybersecurity, Information Security, IT Audit, IT Risks, IT Controls,Access Management, Security Operation, Threat Management and the portfolio for Change for all these areas.This is a rolling fixed term contract, initially 6 months. Mandatory 5 days on site. You will play a key role in overseeing our Threat Intelligence Centreefforts and ensuring alignment with … strategic planning objectives. You will beresponsible for the end-to-end management of major projects that enhance ourglobal cyber threat intelligence capabilities. This role requiresstrong project management expertise, a solid understanding of cybersecurityoperations, and the ability to effectively collaborate across global teams. Lead the end-to-endmanagement of the threat intelligence activities while ensuring alignment … Facilitatecommunication and coordination with global stakeholders across multiple regionsto ensure alignment of requirements and deliverables. Track activityprogress, manage risks, and implement risk mitigation strategies to ensuresuccessful outcomes. DriveStandardisation of threat intelligence protocols, tools, and governance acrossthe region. Partner withtechnology, compliance, and risk management teams to ensure compliance withregulatory and legal requirements in each jurisdiction such as GDPR &ISO27001 More ❯

The department Covers Cybersecurity, Information Security, IT Audit, IT Risks, IT Controls,Access Management, Security Operation, Threat Management and the portfolio for Change for all these areas. This is a rolling fixed term contract, initially 6 months. Mandatory 5 days on site. You will play a key role in overseeing our Threat Intelligence Centreefforts and ensuring alignment … with strategic planning objectives. You will beresponsible for the end-to-end management of major projects that enhance ourglobal cyber threat intelligence capabilities. This role requiresstrong project management expertise, a solid understanding of cybersecurityoperations, and the ability to effectively collaborate across global teams. Lead the end-to-endmanagement of the threat intelligence activities while ensuring … Facilitatecommunication and coordination with global stakeholders across multiple regionsto ensure alignment of requirements and deliverables. Track activityprogress, manage risks, and implement risk mitigation strategies to ensuresuccessful outcomes. DriveStandardisation of threat intelligence protocols, tools, and governance acrossthe region. Partner withtechnology, compliance, and risk management teams to ensure compliance withregulatory and legal requirements in each jurisdiction such as GDPR &ISO27001 More ❯

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the … gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. Responsibilities Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network Investigate, mitigate, and forecast emerging technical trends and communicate effectively with … actionable suggestions to different types of audiences Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations Improve the tooling of threat cluster tracking and intelligence data integration to existing systems Engage constructively in cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface More ❯

MAIN OBJECTIVES The Assistant Manager Information Security will play a critical role in safeguarding the bank's information assets, infrastructure, and customer data against evolving cyber threats. This role is responsible for driving and managing information security operations, ensuring continuous monitoring, identification, and timely remediation of security vulnerabilities to uphold a resilient security posture, and provide management with up … with UK regulatory requirements, industry standards, and best practices, while contributing to the development and enhancement of security frameworks, policies, and controls. Using strong analytical skills, deep knowledge of cyber security methodologies, and understanding of security infrastructure, including AWS cloud environments, the role will ensure the bank maintains cyber resilience, protects against financial and reputational risks, and fosters … events while minimizing business disruption. Monitor security operations to identify anomalies, investigate incidents, and coordinate timely remediation with internal teams and external providers. Keep up-to-date with evolving threat intelligence, security breaches, and industry developments, recommending proactive remediation measures and best practices to protect the bank's systems and data. Assurance & Compliance Responsibilities Partner with auditors, regulators More ❯

Cyber Security & Centralised Services Manager Location: London Bridge Company: Managed Service Provider (MSP) This role will be office-based for the first 3–6 months, with the option to move to a hybrid working arrangement thereafter. Our client is a well-established MSP based in London Bridge. They are a close-knit team of 30 IT professionals delivering end … to-end technology services and support to a diverse range of clients, with a strong emphasis on cybersecurity, resilience and regulatory compliance. The Opportunity: We are seeking an experienced Cyber Security & Centralised Services Manager with a strong cybersecurity focus to join our growing technical team. In this pivotal role, you will: Act as the primary escalation point for complex … and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Key Responsibilities – Cyber Security & Centralised Services Manager: Serve as the primary escalation point for complex IT and cybersecurity incidents, including malware infections, ransomware attacks, phishing attempts More ❯

Role: Cyber Security Analyst Location: London/Manchester/Bristol Salary: Competitive salary and package dependent on experience Career Level: Specialist Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which typically requires 5 years continuous UK address history usually including no periods of 30 consecutive days or more spent outside of the … UK and declaration of being a British passport holder with no dual nationalism at the point of application. Note: The above information relates to a specific client requirement Our Cyber Practice is a fast-growing community of industry leading experts. The practice covers Assurance, Compliance, Security Operations (SecOps), Offensive Security and Security Research. It is critical that the relevance … maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team More ❯

law, technology, and crisis management.This is not another practice group in a traditional firm - it's a high-performing business within a business, combining legal expertise with digital forensics, threat intelligence, and cyber risk engineering.If you want meaningful responsibility, the chance to grow something, and a clear path toward partnership or leadership, this is that moment.What You … ll Do Lead and manage a caseload of complex data-breach and cyber-incident matters, including live ransomware events and regulatory investigations. Act as a trusted adviser during active crises — providing clear, strategic legal guidance under pressure. Supervise and mentor junior lawyers while helping shape the direction of the team. Work alongside leading experts in digital forensics and threat intelligence to deliver fully integrated incident response. Contribute to new products, knowledge, and thought leadership in a rapidly evolving field. Support business development and client-relationship initiatives that will accelerate your route to partnership. What You'll Need Qualified solicitor (5+ PQE) with hands-on experience in cyber, data-breach or regulatory incident work. Commercially astute with More ❯

London (Hybrid) – Excellent Permanent Package – Financial Services We are looking for a skilled Security Operations Centre Analyst to join our Security Operations team. This role focuses on responding to cyber security incidents while supporting proactive threat intelligence efforts. You will play a key part in detecting, investigating, and mitigating threats, as well as improving our security posture … through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools and perform root cause analysis. Collaborate with IT and security teams to remediate vulnerabilities. … Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge of operating systems (Windows, Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with cloud security monitoring More ❯

Team Management: Recruit, mentor, and lead a high-performing, multi-disciplinary security team. Foster a culture of continuous learning and development to stay ahead of emerging threats and technologies Threat Intelligence and Incident Response: Establish and mature a robust threat intelligence program to proactively identify, analyze, and mitigate emerging threats, particularly those targeting the African fintech More ❯

behave from a security perspective and enjoys uncovering the story behind complex data. This is an opportunity to join a pioneering start-up transforming raw security data into actionable intelligence, helping shape the future of threat detection across global networks. This role sits within their Security Research function and is ideal for someone with a SOC, network engineering … be a fantastic next step in your career. About the Role You'll support the wider security research team by 'farming' the data they generate - turning raw network and threat information into structured, meaningful insights that feed directly into ongoing research projects such as proxy detection, bot activity and, over time, AI-driven threat identification. Your responsibilities will … and clarity around what the data represents and why it matters. Identifying trends, patterns and anomalies in network activity from a security perspective. Helping translate technical findings into structured intelligence that can be used across the organisation. This is a frontline support role for the research function, offering space to explore, investigate and grow into a more advanced security More ❯

bridge the gap between strategic vision and technical execution — collaborating with vCISOs, Unit 42 engagement leads, and client stakeholders to design and deliver transformation blueprints and pragmatic roadmaps towards threat led resilience You'll work at multiple levels: partnering with Unit 42 peers and client senior decision makers to influence transformation direction, embedding into delivery teams to guide execution … and engaging in activities to elevate Unit 42's voice in the market. You bring a deep understanding of applying threat context to shape and drive transformation programmes. This role blends delivery, technical advisory, thought leadership, and enablement — ensuring our clients achieve measurable security outcomes while unlocking the benefits of a platform adoption strategy. Your Impact Client Engagement and … specialist technical topic and the ability to present it at industry events. Professional certifications (e.g., CISSP, CISM, CCSK, PCNSE). Additional Information Unit 42 brings together our world-renowned threat researchers with an elite team of security consultants to create an intelligence-driven, response ready organization. The Unit 42 Threat Intelligence team provides threat research More ❯

This is a key role within the Global Security Operations Centre (GSOC). You will be providing technical expertise and leadership support to the proactive and reactive responses to cyber threats targeting RBC's global environment. You will report to the Senior Manager, Incident Response and works with a team of 4-6 technical specialists. You will act as … day per week remotely, depending on working arrangements. What will you do? Global accountability to respond to critical security incidents/events providing accurate and timely reporting to Global Cyber Security Leadership. Provide 7/24/365 support for security incidents impacting mission critical business and IT infrastructure, including supporting global incident management and response, remediation and reporting. … timely communication to all stakeholders regarding incident response activities. Provide post mortem reporting for leadership detailing security vulnerabilities, technology gaps, shortcomings or miscellaneous security issues. Responsible for working with threat intelligence, Security Operations Centre and extended teams to ensure global compliance to RBC standards with respect to security incidents and related findings. Responsible for driving to resolution security More ❯

Partnered with a Multi-Award-Winning, Software-Based Organisation at the Forefront of Pre-Emptive Exposure Management. As a Market Leader backed by significant Venture Funding, they combine Proactive Threat Intelligence, Real Attacker Telemetry & Automated Red Teaming to Continuously Identify & Validate Real Exposure. Success in this position will enable the business to Transform Raw Intelligence into Actionable … Providers, helping them Outrun Real-World Threats in Real-Time. Role Overview: We're looking to speak with ambitious Information Security/SOC Engineers to Build & Continuously Evolve Internal Cyber Security Capability. You will secure the Internal Environment, Ensure Compliance with Leading Security Frameworks & Support Secure IT Operations across the Global Team. This "Hands-On" role requires Technical Depth … Security Design Experience & Strong Operational Discipline. If you're excited by Autonomy & Helping Build Internal Security "From the Ground Up", alongside working in a Fast-Moving Cyber-Company, then read on... Skills & Experience Required for Information Security Engineer role: Strong Cloud Security Background (AWS) with "Hands-On" Security Operations across Cloud, Servers & Endpoints Proficient in Vulnerability Management, including Scanning More ❯

Location: London, UK (Hybrid: 2 days per week in the office) Company: Navro – Pioneering the Future of Payments Securing Trust: Cyber Security Lead This isn't just another Information Security role. No legacy systems. No corporate red tape. No coasting. This is about building something from the ground up. Fast. We're Navro, a rapidly scaling B2B payments startup … and we're looking for a bold, proactive, and hands-on Cybersecurity Lead to design, implement, and operate our security operations function, including SIEM, incident response, threat detection, secure by design, shift-left security engineering, and automated monitoring and response. You'll run and be part of the projects that implement, build, and maintain security integrations across our tech … mediocrity. Requirements What This Role Demands: You Own It – You lead our detection and response mission. You help define the roadmap, build the pipelines, and drive measurable outcomes across threat visibility, MTTD/MTTR, and resilience. You Ask Questions – You challenge assumptions to improve signal‐to‐noise, coverage, and automation. Why this alert? Where's the data gap? How More ❯

DevSecOps Engineer | Fully Remote | £60,000 - £70,000 Our client is a fast-growing cyber-defence and threat-intelligence company committed to protecting organisations from sophisticated cyber threats. They combine advanced security analytics, automation and human expertise to deliver real-time defence across modern cloud and on-prem environments. They are expanding their engineering team and … world-class security into everything they build. The Role: As a DevSecOps Engineer, you will sit at the intersection of development, operations and security. Youll work closely with engineering, threat research, and security operations teams to design, build, and maintain secure, scalable infrastructure and CI/CD pipelines. What Youll do: +Design, maintain and secure CI/CD pipelines … and manage Infrastructure-as-Code (Terraform, Ansible, CloudFormation, etc.). +Integrate security tooling into development workflows: SAST, DAST, dependency scanning, secrets management, etc. +Collaborate with engineering teams to perform threat modelling and ensure secure system design. Key Skills and Experience: +Strong experience with CI/CD systems (GitHub Actions, GitLab CI, Jenkins, etc.). +Hands-on cloud experience (AWS More ❯

Head of IT Security - Wembley - (Enterprise-wide Cyber & Information Security) Location: Wembley - 5 days on-site Salary: (phone number removed) per annum My client is looking to recruit a Head of IT Security to lead and shape their enterprise-wide security function. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect … critical systems, data, and operations. The Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … a 3-5 year Security Strategy and Roadmap covering technology, people, and processes. Embed security by design across projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC More ❯

Head of IT Security - Wembley - (Enterprise-wide Cyber & Information Security) Location: Wembley - 5 days on-site Salary: £90-100,000 per annum My client is looking to recruit a Head of IT Security to lead and shape their enterprise-wide security function. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect … critical systems, data, and operations. The Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … a 3-5 year Security Strategy and Roadmap covering technology, people, and processes. Embed security by design across projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC More ❯

Role: Senior Cyber Operations Analyst Location: London/Manchester/Bristol Salary: Competitive salary and package dependent on experience Career Level: Associate Manager Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which typically requires 5 years continuous UK address history usually including no periods of 30 consecutive days or more spent outside … UK and declaration of being a British passport holder with no dual nationalism at the point of application. Note: The above information relates to a specific client requirement Our Cyber Practice is a fast-growing community of industry leading experts. The practice covers Assurance, Compliance, Security Operations (SecOps), Offensive Security and Security Research. It is critical that the relevance … maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team More ❯

DevSecOps Engineer Fully Remote £60,000 - £70,000 Our client is a fast-growing cyber-defence and threat-intelligence company committed to protecting organisations from sophisticated cyber threats. They combine advanced security analytics, automation and human expertise to deliver real-time defence across modern cloud and on-prem environments click apply for full job details More ❯

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application. Accenture is a leading global professional services company, providing … have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines, when espionage or insider threats threaten operations, we’re the people called to help.We’re looking for curious … languages to protect clients that range from household brands to nationally significant infrastructure.We’re one of the NCSC CIR-enhanced capabilities in the UK (https://schemes/cyber-incident-response/information-for-buyers), meaning our team is trusted to respond to the nation’s most critical incidents, including ransomware, espionage, insider threats, and large-scale fraud.You More ❯

OFFENSIVE CYBER SECURITY RESEARCHER Up to £140,000 + Shares + Staff Benefits Fully Remote SECURE has strategically partnered with a Multi-Award-Winning, Software-Based Organisation at the forefront of Pre-Emptive Exposure Management. As a market leader backed by significant venture funding, they combine proactive Threat Intelligence, Real Attacker Telemetry & Automated Red Teaming to Continuously … Identify & Validate Real Exposure. Success in this position will enable the business to Transform Raw Intelligence into actionable insights that protect Fortune 500 Companies & Critical Infrastructure Providers, helping them outrun Real-World Threats in Real-Time. Role Overview: We're looking to speak with an exceptional Principal Offensive Security Researcher who thrive on Discovering High-Impact Vulnerabilities in modern … possess the drive and relevant experience to deliver tangible results aligned with our Clients needs, reach out. We embraceDE&I and welcome applications from Underrepresented Groups, Minorities, Women in Cyber Security, Neurodiverse Individuals, LGBTQ+ Community Members, Veterans & those from Diverse Socioeconomic Backgrounds. Searches: Offensive Security/Red Team Security/Red Teaming More ❯

with enterprise-scale clients in a fast-paced, shift-based environment. You’ll be part of a collaborative team using cutting-edge technologies like Microsoft Sentinel, Splunk, and MISP Threat Sharing to protect critical infrastructure. Key Responsibilities: Monitor and analyse security alerts and events, conduct initial investigations, and escalate complex incidents. Manage SOC incident queues and support asset baseline … maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For: Experience working in a Security Operations Centre. Familiarity More ❯