1 to 25 of 70 Threat Detection Jobs in London

Splunk Developer (Threat Detection Consultant) - Brussels/London/Paris/Amsterdam - Banking Client Duration: 1 year Rate: 500 - 800 per day Hybrid: 2 days onsite per week (London, Paris, Brussels or Amsterdam) Role: Interact with the different customers to capture and define requirements for the development and testing of the threat detection capabilities Cooperate with … addresses scenario described in use case Responsible for the creation of procedures, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM detection logic Coach a team (from a technical perspective); review work outputs and provide quality assurance Analyses and identifies areas of improvement with existing processes, procedures, and documentation Demonstrates how … products to both technical/non-technical personnel Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems Prioritize and coordinate backlog of threat detection requests, making sure we have a healthy balance between defect resolution and new features Qualifications: Technical Skills: In depth experience in development and maintenance of SIEM use More ❯

DFIR AnalystDigital Forensics & Incident Response/Threat Hunting/Cyber Analytics/Outside IR35/Fully Remote/£550–£600 pd/ASAP Start/6 Months SR2 has partnered with a cutting-edge Cybersecurity MSP delivering critical threat detection and incident response capabilities to a number of global financial clients.You’ll be part of a dynamic … DFIR team tasked with identifying, analysing, and responding to security incidents, proactively hunting for advanced threats, and contributing to the enhancement of threat detection strategies. Key Responsibilities Incident Response – Detect, document, and resolve security incidents efficiently Endpoint Forensics – Analyse host-based artifacts to reconstruct timelines and attacker activity Security Analytics – Extract meaningful insights from large datasets for reporting … detection, and hunting Threat Hunting – Identify unknown threats that evade traditional controls Intrusion Detection – Tune anomaly detection tools for reliable, actionable output Behavioral Analysis – Implement user anomaly detection criteria to spot insider threats Countermeasures – Design and implement control strategies to disrupt emerging threats Required Skills & Relevant experience Strong understanding of Windows and Linux environments Experience More ❯

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London Happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities to keep our people, data, and customers safe. That’s why we’re building a new Detection Engineering … function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager in shaping the future of detection engineering, developing the strategy, and designing detection capabilities that protect our global environment. Your new role Lead the coordination and … operation of the internal detection engineering function. Design and implement cyber detection rules and use cases to identify threats across our IT infrastructure. Identify and log visibility gaps, working to improve detection coverage and accuracy. Build and tune custom detection logic for complex environments and emerging threats. Monitor evolving attacker tactics (TTPs), integrating insights into detection More ❯

Incident Response operations, coordinating efforts across multiple regions and departments. Additionally, they will educate customers and other Varonis employees on Varonis capabilities, cyber threats, and security trends. Responsibilities Deliver Threat Detection & Response initiatives to Varonis customers. Consult with customers to ensure Varonis products are integrated into their Security Program. Integrate Varonis products into the customers' security ecosystem and … threat detection workflows. Monitor security threats and operational impact on Threat Detection and Response. Participate in Incident Response operations, assisting Incident Response Management across regions. Identify inhibitors of product value and communicate with leadership and product management. Continuously develop and expand security knowledge. Document, track, and manage work via SalesForce. Qualifications At least 1 year of More ❯

summaries. Create and maintain executive-level documentation, including standard operating procedures (SOPs), playbooks, process flows, and risk reports, using diverse tools and data sources. Develop, refine, and maintain insider threat indicators and use case scenarios to enhance detection capabilities. Design and deliver insider risk awareness initiatives, highlighting emerging trends and fostering a culture of security, accountability, and vigilance. … Identify and implement improvements to detection and response processes based on lessons learned and evolving threat landscapes. Collaborate with internal partners on threat detection and response initiatives to strengthen organizational resilience. Qualifications Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a related field; advanced degree preferred. Experience in insider risk, counterintelligence, cybersecurity, or a … related discipline. Hands-on experience with insider threat detection tools such as SIEM, UEBA, UAM, DLP, and other monitoring technologies. Strong understanding of insider risk frameworks, regulatory and privacy requirements, and relevant laws. Familiarity with SOC or Fusion Centre operations, including threat monitoring, intrusion detection, incident response, and analysis. In-depth knowledge of the cyber threat More ❯

Every minute of every day, Smiths Detection's threat detection and security screening technology helps to protect people and infrastructure, making the world a safer place. Smiths Detection, part of Smiths Group is a global leader in the development, manufacture and management of security and detection solutions designed to make the world a safer place. … Our technology provides threat detection and screening solutions for customers in our key markets: aviation, ports and borders, defence, and urban security. Our expertise spans 21 global offices, seven manufacturing sites and five R&D centres, with a global network of 3,000 dedicated colleagues contributing towards over 40 years at the frontline of advances in safety and More ❯

the organisation. You ensure that we have the visibility needed to be able to protect the organisation and its customers' data. You have a passion for Cyber defence and Threat intelligence. You'll be responsible for building the strategy and capabilities needed to be successful as well as maintain relationships with our various external partners. The Impact You'll … our incident case management and response processes. - Coordinate incident response planning and simulation exercises with senior leaders and the board. - Manage external and internal audit and due diligence activities. Threat Detection & Response - Implement and maintain robust threat detection and response capabilities across cloud, on-premise, and factory systems. -Drive continuous improvement of our vulnerability management program. … Conduct threat intelligence analysis and report on emerging trends and risks. Collaboration & Mentorship - Build trusted relationships with technology partners, vendors, and internal teams. - Collaborate closely with product and engineering teams to identify and mitigate risks in new and existing products. - Lead security awareness and education initiatives across the business. - Mentor and support a direct report within the Security Operations More ❯

the design and implementation of scalable, automated security solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … Engineering: Lead end-to-end engineering for identity and access management (IAM), including authentication, authorization, and privileged access controls. Oversee endpoint security architecture and enforcement, ensuring comprehensive coverage for threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead platform health, patching automation, and vulnerability remediation workflows. Define service level More ❯

Audit and Risk Committee (ARC). Your Mission: Set Vision and Strategy: Define and own the Group-wide cyber security strategy aligned with business ambition, ESG goals, and evolving threat landscapes. Lead from the Front: Inspire, build, and mentor a high-performing global cyber team-across defensive security, threat intelligence, and cyber engineering. Board-Level Influence: Serve as … with authority and clarity. Drive Transformation: Lead security by design across cloud, data, AI, IoT, and operational technology landscapes-embedding security in every initiative. Stay Ahead of Threats: Oversee threat detection, incident response, and resilience programs with precision and global coordination. Shape Culture: Champion a cyber-aware culture across 100,000+ employees, embedding secure behaviours in the DNA … a bias for action, pragmatism, and delivery. scale. Gravitas and credibility with boards, senior management, regulators, auditors, and external stakeholders. Hands-on understanding of security architecture, cloud, identity and threat intelligence. Resilience under pressure - the ability to make calm, fast decisions in high-stakes situations. Specifically, the role covers: Leadership: Industry leading vision and communication to the business on More ❯

and domain expert within the organization and be able to communicate security risk and concepts to both technical and non-technical audiences. Lead initiatives with Engineering teams to optimize threat models and mitigate risks. Encourage a positive security culture across the Engineering organization. Relentlessly champion for security outcomes on behalf of our customers. Work with other engineering leaders to … embed security into day-to-day development processes. Help proactively assess security risk through product deep dives, threat modeling, and design, architecture and implementation reviews Review and improve existing security processes related to product assessments, pen testing, and bug bounty findings. Develop product security controls and supervising strategies to grow our threat detection capabilities. Seek opportunities for … tooling and automation WHAT YOU'LL BRING: 5+ years of proven experience securing enterprise applications and infrastructure, preferably in the Crypto and FinTech space. Experience with the application of threat modeling and other risk identification techniques. Strong understanding of the OWASP top 10, including details of common vulnerabilities and emerging threats. Experience with authentication and authorization standards, including OAuth More ❯

and endpoint environments, including laptops, mobile phones, corporate-managed, BYOD, and server-side devices. This critical role leads the engineering and enablement of endpoint protection technologies, ensuring device compliance, threat detection, and automated response capabilities. The role combines strong technical leadership, deep expertise in endpoint protection platforms, and a collaborative approach to operationalize security across all user and … across all device types and operating systems. Engineer and operate scalable solutions for endpoint protection, data loss prevention (DLP), and compliance checking. Build automated controls for device posture, encryption, threat detection, and remediation. Own and optimize integrations with tools such as Microsoft Defender, Purview, Symantec, CrowdStrike, or equivalent. Platform Integration & Automation: Drive automation for device onboarding, compliance validation … secure device baselines and policies. Build self-healing, zero-trust-aligned architectures for secure device management. Observability & Event Management: Implement real-time observability of endpoint health, risk exposure, and threat posture. Integrate with cybersecurity event and incident management pipelines for early detection and rapid response. Collaborate with the cyber and incident response teams to streamline investigation and containment. More ❯

critical infrastructure. The Claroty Platform provides the deepest asset visibility and the broadest, built-for-CPS solution set in the market comprising exposure management, network protection, secure access, and threat detection - whether in the cloud with Claroty xDome or on-premise with Claroty Continuous Threat Detection (CTD). Backed by award-winning threat research and More ❯

Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems. This position offers the opportunity to influence not just their engineering … and verbal communication skills, especially in cross-functional contexts. Bonus Experience (Nice to Have) Exposure to large language models (LLMs) or foundational model adaptation. Previous work in cybersecurity, anomaly detection, or behavioural analytics. Familiarity with orchestration frameworks (Airflow or similar). Experience with scalable ML systems, pipelines, or real-time data processing. Advanced degree or equivalent experience in ML More ❯

Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems. This position offers the opportunity to influence not just their engineering … and verbal communication skills, especially in cross-functional contexts. Bonus Experience (Nice to Have) Exposure to large language models (LLMs) or foundational model adaptation. Previous work in cybersecurity, anomaly detection, or behavioural analytics. Familiarity with orchestration frameworks (Airflow or similar). Experience with scalable ML systems, pipelines, or Real Time data processing. Advanced degree or equivalent experience in ML More ❯

Investigator Department: Research & Investigations Employment Type: Full Time Location: London, UK Description Do you want to be on the front lines of fighting crypto crime and stopping nation-state threat actors? Are you excited by the challenge of tracing stolen and laundered digital assets across the most complex blockchain environments? Are you looking to join a mission-driven team … is critical to Elliptic's mission of safeguarding the integrity of the global crypto ecosystem. As a Senior Investigator, you will be a key member of our elite Investigations & Threat Intelligence team, working closely with government agencies, the Crypto Industry, and strategic partners across the EMEA region. Your expertise in tracing complex, state-sponsored activity and uncovering the TTPs … of nation-state and highly sophisticated threat actors will directly inform mitigation operations, in-depth research, and policy decisions. Through deep collaboration with law enforcement, regulators, and analytic partners, your work will help disrupt illicit financial networks, strengthen crypto-related threat detection, and reinforce Elliptic's position as a trusted partner to those on the front lines More ❯

Monitor security alerts and log data using Microsoft Sentinel and related SIEM tools Respond to security incidents, performing root cause analysis and recommending remediations Conduct vulnerability assessments and support threat detection activities Assist with the configuration and optimisation of the organisation's security infrastructure Collaborate with technical teams to ensure best practices in information security are maintained Essential … Experience: Proven experience in a cyber security analyst or SOC analyst role Strong hands-on knowledge of Microsoft Sentinel and broader SIEM technologies Solid understanding of threat detection, log analysis, and incident response workflows Experience working in a public sector or regulated environment is highly desirable Ability to clearly communicate security issues and provide actionable advice to stakeholders More ❯

you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG's global network. You will work closely with the Security Operations Center (SOC), Security Information and … Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and … tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to More ❯

in London - Contract - Hybrid Inside IR35 - umbrella Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical log sources (AD, firewalls, servers … cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat More ❯

in London - Contract - Hybrid *Inside IR35 - umbrella* Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical log sources (AD, firewalls, servers … cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat More ❯

and fast-paced problem-solving—and want your work to have a real impact—this could be the perfect role for you. Key Responsibilities Lead security incident response and threat detection efforts, prioritising the protection of customer data and experience Build automated detection and remediation workflows using SOAR, SIEM, and scripting (Python, SQL) Apply deep cloud security … with Fraud and Customer Experience teams to mitigate risks such as account takeover and loyalty fraud Onboard key customer-facing and payment systems into the security monitoring platform Perform threat hunting and detection engineering to identify and address emerging risks Support security audits, compliance (PCI-DSS), and post-incident reviews Mentor junior team members and contribute to a … to assess threats and act quickly to protect customer trust Strong Communicator: Confident working with technical teams, fraud analysts, and senior stakeholders Retail-Specific Insight: Familiar with customer-centric threat vectors like loyalty abuse and payment fraud Automation-First Mindset: Keen to reduce manual work through scripting and process automation Agile Approach: Comfortable working in cross-functional teams with More ❯

times, ambiguous environment. Key job responsibilities - Monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. - Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. - Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. - Maintain and optimize … security information and event management systems and other security tools used in the SOC. - Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position … supports other AWS Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team About the team Diverse Experiences Amazon Security values diverse experiences. More ❯

from you. Responsibilities: Design and implement scalable backend services for AI model deployment in secure environments Collaborate with data scientists and defence analysts to productionise ML models (e.g., for threat detection, anomaly detection, autonomous systems, or decision support tools) Build and maintain secure APIs and infrastructure using Python (FastAPI/Flask), Docker, and Kubernetes Contribute to DevSecOps More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus More ❯

applications. Deploy and Manage Security Tooling: Select, implement, and operate key tools across GCP , such as Cloud Armor , Cloud Identity , Security Command Center , and VPC Service Controls for ongoing threat detection and response. Integrate Security in SDLC: Collaborate with product and engineering teams to integrate security into every stage of the software development lifecycle. Threat Modeling and … Risk Analysis: Perform structured threat modeling using frameworks such as STRIDE and PASTA to proactively mitigate security risks. Champion Developer Education: Promote secure development practices by educating engineers on cloud and application security fundamentals. Mentor and Lead: Act as a mentor to future hires, helping scale a high-impact cloud security function as the business grows. What you'll … with core cloud security components including IAM , WAFs , SIEM , CSPM , and vulnerability scanners. Technical Skills: Proficiency in at least one scripting or programming language (e.g. Python, Go, Bash). Threat Modeling: Practical knowledge of frameworks like STRIDE and PASTA. Education: Bachelor's degree in Computer Science, Information Security, or a related technical field. Collaborative Expertise: Clear and effective communication More ❯

is a rare opportunity to play a key role in the operation and enhancement of a 24/7 SOC , handling incident response and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incident response (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR … technologies to enhance threat detection and response capabilities. Implement and refine playbooks , automations , and alerting rules in collaboration with security partners. Contribute to threat hunting and proactive detection strategies. Produce actionable reporting and metrics for stakeholders, including executive leadership. Desired Experience: Proven experience working in or alongside a 24/7 Security Operations Centre . Strong … technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related security frameworks. Legal, financial, or similarly high-compliance industry experience is a bonus. Why Apply? Join a global More ❯