25 of 25 Threat Detection Jobs in London

exciting opportunity has arisen for a T hreat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a T hreat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. ...

Contract Threat Detection Engineer (Delivery Focused) Our client is seeking a contract Threat Detection Engineer to support the ongoing delivery of detection engineering activities within a busy SOC environment. This role is centred on hands-on engineering and execution, ensuring detection content, automations … integrations are delivered effectively and aligned to operational priorities. Working closely with threat hunting and SOC teams, you will translate detection requirements into practical outcomes, contributing directly to sprint-based delivery and continuous service improvement. This is a highly technical role suited to someone who enjoys building, tuning ...

functions and a relentless focus on operational excellence, the Head of Security Services builds and empowers high-performing teams to deliver 24/7 threat detection, rapid incident response, and proactive risk management. This includes ownership of security controls, security testing, tech assurance and vulnerability and threat … Leadership Team. Operations & Service Delivery • Oversee daily operations of technical security functions, working collaboratively with the SOCs to provide 24/7 visibility and threat detection ensuring services are resilient, risk-aware, and aligned with business needs. • Regularly review and modernise SOC processes, technologies, and talent. • Partner with ...

Overview We are seeking an experienced Security Purple Team Lead to support a leading financial services organisation in enhancing its advanced threat defence capability. This contract role will focus on driving collaboration between Red and Blue teams, executing adversary simulation exercises, and improving detection and response effectiveness across … complex, regulated environment. The role will also play a key part in integrating AI-driven security techniques into threat detection, hunting, and response strategies. Key Responsibilities Lead and deliver Purple Team engagements, aligning offensive and defensive security capabilities Design and execute adversary simulation exercises mapped to MITRE ...

primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across … business teams. Guide and support SOC analysts across L1, L2, and L3 functions to ensure effective 24/7 security operations. Drive improvements across threat detection, incident response processes, and SOC operational maturity. Skills & Experience Extensive experience working in Security Operations Centres (SOC), including leadership or managerial responsibilities. ...

Threat Modelling Consultant Rate - £550 per day Inside IR35 Location - London twice a week on site Duration - 6 months initial We are looking to recruit an experienced Threat Modelling Consultant to design and implement comprehensive threat models for 90-100 diverse applications. You will evaluate application-generated … logs, develop threat detection strategies and report findings to the Information Security team. This role requires deep expertise in Microsoft Azure security tools, log analytics and automation to enhance the customer's application anomaly detection capabilities. Key Responsibilities: Develop detailed threat models tailored for a large ...

significant modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into … Head of SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation ...

seeking an experienced Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations … Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure ...

seeking an experienced Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations … Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure ...

engineers to optimise the effectiveness of security tools and platforms. Consuming and operationalising modern security technologies, including XDR and SIEM solutions, to enhance visibility, threat detection, and response effectiveness for clients Performing research and investigations to solve client’s technical security problems. Preparing impactful reports on security posture … organisational domains and common industry frameworks such as NIST CSF and ISO27001. Demonstrable experience of operating a key security process, such as vulnerability management, threat detection and response, or cyber security attack surface management, Hands-on expertise across a range of modern security technologies such as XDR, SIEM ...

site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical … sources (AD, firewalls, servers, cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security ...

real-world security impact. The successful candidate will work closely with customers, engineers, and operational security teams to deliver meaningful improvements across identity, detection engineering, endpoint security, and cloud security posture. This is a hands-on role involving the design and implementation of modern security architectures, solving complex technical … detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation ...

customers. Your responsibilities: (Up to 10, Avoid repetition) Design and own the architecture for ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/ICS systems. … support ongoing digital transformation and automation initiatives. AI/ML in Security Operations Exposure to leveraging artificial intelligence or machine learning techniques to improve threat detection, incident analysis, or automated response capabilities within SecOps. ...

organisation's SIEM platform Perform initial triage and investigation of security alerts Escalate potential security incidents to senior analysts Assist with incident response and threat detection activities Support vulnerability management and security monitoring Maintain accurate incident records and documentation Work collaboratively with IT and security teams Required Skills … Basic understanding of cyber security principles and threat landscapes Familiarity with SIEM tools or security monitoring platforms Knowledge of networking fundamentals and operating systems Strong analytical and problem-solving skills Interest in developing a career within cyber security Nice to Have: Experience with Splunk, Sentinel, QRadar or Elastic Exposure ...

implementing technical information security controls and countermeasures aligned with specific risks. SOC Collaboration: Working with an outsourced Security Operations Centre (SOC) to maintain effective threat detection and response. Tooling & Incident Response: Administering technical security tooling (such as Defender for Cloud, Defender for Endpoint, and Nessus) and conducting security ...

risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee Patch Management ...

monitoring, incident resolution, and continuous service improvement. Support in operational leadership, providing insight on risks, capacity, and technology readiness. Lead cyber security operations, including threat detection, vulnerability management, and incident response. Ensure the stability, resilience, and scalability of core infrastructure, networks, cloud platforms, and end-user devices. Oversee ...

DevOps and infrastructure teams to embed security into cloud deployments Monitor and improve cloud security posture Identify and remediate vulnerabilities across cloud systems Support threat modelling and security architecture discussions Required Skills: Experience working with AWS, Azure or GCP environments Understanding of cloud security best practices Familiarity with container … technologies such as Docker or Kubernetes Experience with infrastructure-as-code tools such as Terraform Strong understanding of security monitoring and threat detection Nice to Have: Experience with cloud security tools such as Prisma, Wiz or Lacework Knowledge of DevSecOps practices Security certifications such as CISSP, CCSP ...

will be the technical engine behind the organisation's global digital integrity. Your responsibilities will include: Managing the Global SOC to ensure proactive threat hunting and rapid incident response across all global time zones. Implementing a cutting-edge DevSecOps approach to ensure security is automated and embedded within … 1.ISO27001 Implementation (Must have personally achieved certification from scratch) 2.DevSecOps (Embedding security into CI/CD pipelines and automated workflows) 3.SOC Management (Overseeing global threat detection and incident response) 4.NIST Framework (Applying security standards for the Americas region) 5.Essential 8 (Understanding and implementing Australian security protocols) 6.Vulnerability Management ...

organisations (5,000+ users), focused on Microsoft Security and IAM Consult with CISOs, Heads of Security, and IT leaders on identity protection , zero trust , threat detection , and compliance Own complex sales cycles around Microsoft Sentinel , Defender suite , Entra ID , and managed IAM Collaborate closely with technical consultants ...

forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engineering, in their mission of helping organisations understand how they could be compromised. Success in this position will enable the business to build Detection … Cloud-Native Engines & Big Data Pipelines that Power Automated Red Teaming. Your work will "Bridge the Gap" Between Manual Research & Scalable, Real-Time Threat Simulation. Skills & Experience of Cyber Security Engineer: Core Engineering: Minimum 2 Years Background within Software Engineering (Python or Go) with Focus on Maintainable, Production-Grade ...

continual improvement of the business's security composure. Responsibilities: Provide expertise on application, network and infrastructure security Monitor security solutions including SIEM, threat detection and data security, endpoint protection, network analytics for alerts Provide documentation for technical standards to meet corporate security policies/industry best practice Perform ...

forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engi click apply for full job details ...

onsite) Job Type: PermanentA globally established organisation is seeking a Microsoft Security Engineer to strengthen its security capability across identity, endpoint, data protection and threat detection. This role will focus on leveraging the Microsoft security stack, including Defender XDR, Purview and Entra ID, to protect enterprise systems, manage risk … using Microsoft Entra ID, including Conditional Access and MFA Implement and maintain Privileged Identity Management (PIM/PAM) and secure access policies Conduct proactive threat hunting and support incident response activities Secure cloud applications and endpoints, ensuring alignment with security best practices Support eDiscovery, audit and data governance requirements ...

client requirement Role Description Responsible for managing, monitoring, and optimising network security controls, with a primary focus on firewalls, IDS/IPS, and network threat detection. The role ensures network security configurations are effective, aligned to security policy, and support SOC detection and incident response activities. Accenture ...