1 to 25 of 31 Threat Detection Jobs in London

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high … impact detection capabilities , shaping how security protects sensitive genomic and AI-driven data at scale. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. Why This Role is Exciting High autonomy : Lead projects from idea to deployment Innovation-driven : Develop ...

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high … impact detection capabilities , shaping how security protects sensitive genomic and AI-driven data at scale. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. Why This Role is Exciting High autonomy : Lead projects from idea to deployment Innovation-driven : Develop ...

Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You’ll be joining a team that values learning, celebrates innovation … will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous ...

Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You'll be joining a team that values learning, celebrates innovation … will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous ...

management of security and privacy risk across the firm’s technology environment. Working with third party service providers, it ensures the effective operation of threat detection, incident response, data protection controls, and operational workflows supporting UK GDPR compliance. This is a hands‐on technical role requiring strong analytical … detail, and a proactive mindset. The ideal candidate will have practical experience with Microsoft security and compliance technologies, an interest in learning advanced detection and automation techniques, and a desire to contribute to a growing, high‐performing security operations capability. Key Responsibilities Monitor security event identification via the third ...

organisation's security posture. Role Overview: You'll lead on security engineering initiatives, own key security platforms, drive automation and support incident response and threat detection activities. You'll also contribute to strategic security projects and ensure secure, scalable and resilient solutions across the business. Key Responsibilities: Deploy … Ansible. Maintain secure baselines for Windows, Linux and Kubernetes. Automate IAM workflows and integrate identity governance into CI/CD. Support incident response, threat detection and Red/Blue team exercises. Maintain security documentation and participate in on-call rotations. Qualifications & Experience: Degree in Computer Science, Engineering, Information ...

Start: ASAP Location: Local Authority (LBH) What you’ll be doing: Leading CrowdStrike Falcon deployment, configuration, and optimisation Enhancing Splunk SIEM dashboards, alerts, and threat detection capabilities Acting as a senior escalation point for incident response Driving SOAR automation to improve response times Conducting proactive threat hunting … CrowdStrike certifications (CCFA, CCFR, CCSE) CISSP, GCIH, or similar If you’re a senior engineer who enjoys working at the intersection of SOC optimisation, threat detection, and automation , this role offers real impact from day one. ...

operation of a centralised SIEM capability, aggregating and analysing logs across infrastructure, networks, and applications Define and drive the organisation’s approach to threat detection, log analysis, and incident response, establishing robust baselines and alerting strategies Take ownership of security incident investigation end-to-end, acting … ideal candidate will bring: Significant hands-on experience designing and operating SIEM platforms (e.g. ELK Stack, OpenSearch, Wazuh, Microsoft Defender), including real-world incident detection and response Deep expertise in Linux and Windows system hardening, with strong familiarity across frameworks such as CIS Benchmarks, STIGs, or equivalent Strong scripting ...

Cybersecurity Analyst to join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation's defensive capabilities while … remaining at the forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment ...

Cybersecurity Analyst to join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation’s defensive capabilities while … remaining at the forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment ...

Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat Detection & Prevention Identify emerging threats, vulnerabilities, and attack trends relevant to the organisation. Tune and optimise security tooling to improve detection capability ...

testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience ...

newly implemented outsourced SOC (NCC Group), leveraging Splunk and CrowdStrike. You will provide senior-level technical expertise to enhance security operations, improve threat detection, and upskill the internal team. Key Responsibilities Lead CrowdStrike Falcon deployment, configuration, and optimisation Design and enhance Splunk SIEM dashboards, alerts, and data models … escalation point for major cyber incidents Develop SOAR automation workflows to improve response times Conduct proactive threat hunting using advanced queries Work closely with SOC partner to optimise security operations Provide training and knowledge transfer to internal teams Mandatory Requirements (Must Have) 5+ years’ experience in Cyber Security Engineering ...

days on/4 days off rotation) Exposure to highly secure, cutting-edge infrastructure environments Opportunity to work on advanced incident response and threat analysis Career progression within a specialist cyber security function What You Need To be successful in this role, candidates should bring: 35 years experience … incident response, or threat analysis roles Strong hands-on experience with SIEM and EDR tools Deep understanding of: Incident response methodologies Malware behaviour and analysis Threat detection and investigation techniques Proven ability to: Investigate and respond to high-severity security incidents Correlate data across multiple sources ...

risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee Patch Management ...

risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee Patch Management ...

specialist cyber security function What You Need To succeed in this role, candidates should demonstrate: 710 years experience in SOC, incident response, or threat analysis Strong leadership capability, with experience mentoring or guiding analysts Proven experience acting as an escalation point for high-severity incidents Deep technical expertise … SIEM and EDR platforms Threat detection and incident response methodologies Malware analysis and attack investigation Ability to: Lead incident response across containment, eradication, and recovery Correlate and analyse data across multiple sources Produce detailed investigation reports Experience improving SOC processes, including detection tuning and playbook development Strong ...

application hardening standards, ensuring strong, consistent security configurations across environments Act as an on-call responder for security incidents, taking full ownership from detection through to resolution and post-incident improvement Collaborate with Information Security and leadership teams to ensure compliance with relevant standards and frameworks (e.g. Cyber Essentials … parsing, and alerting rule development Experience working within compliance-driven or regulated environments A strong security mindset, with a focus on access control, threat detection, and auditability The ability to balance robust security controls with operational efficiency High levels of autonomy and sound judgement, with the ability ...

security event identification via the third-party security operations service. Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. Contribute to threat hunting activities using KQL queries and intelligence-led techniques. Support the triage and processing of data subject rights (DSR) requests, including subject access requests … Skills: Microsoft Defender XDR Microsoft Sentinel (SIEM/SOAR) Privacy Management Solutions (e.g. Purview, OneTrust) Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and exposure management, Data privacy principles and data subject rights. PLEASE NOTE: This role will fall ...

design and aligned with cybersecurity policies. Oversee implementation of security controls including endpoint protection, network security, identity management, and vulnerability management. Ensure proactive threat detection, response, and remediation capabilities. Promote security awareness initiatives across the organisation. Lead the Information Security Group (ISG) comprising of key stakeholders across ...

governance initiatives, including machine-learning-based anomaly detection. - Integrate and optimise multi-factor authentication, biometrics, and mobile identity capabilities. - Drive adoption of identity threat detection and response (ITDR) solutions. - Develop and maintain IAM architecture covering identity lifecycle, governance, and privileged access. - Design secure authentication and authorisation patterns (OpenID ...

applications and privileged roles. Privileged Access & Security Integration Architect and enhance Privileged Access Management (PAM) capabilities, including approval workflows and continuous monitoring. Champion identity threat detection and response (ITDR) approaches to mitigate identity-based attacks. Integrate IAM with HR, IT, and engineering systems to support automated joiner/ ...

high-performance environment. The Role You’ll work across both: Operational security: monitoring alerts, investigating incidents, supporting internal users Security engineering: tuning detection systems, improving configurations, and strengthening overall security posture You’ll gain exposure across: Network and endpoint monitoring Incident response Security testing and reviews Log analysis … threat detection Vendor and software risk assessment Identity and access management Responsibilities: Investigate and triage alerts from security systems Respond to internal security queries and issues Analyse logs and identify anomalies Improve configurations to reduce false positives/negatives Support security reviews of third-party tools and services ...

Duties: Implement, manage and actively monitor security controls across e-mail, endpoint, and cloud environments Monitor and respond to security incidents using advanced threat detection tools Assist with compliance activities and audits for ISO27001, Cyber Essentials & Cyber Essentials Plus certification Provide technical expertise on security best practices ...

Duties: Implement, manage and actively monitor security controls across e-mail, endpoint, and cloud environments Monitor and respond to security incidents using advanced threat detection tools Assist with compliance activities and audits for ISO27001, Cyber Essentials & Cyber Essentials Plus certification Provide technical expertise on security best practices ...