1 to 25 of 29 Threat Detection Jobs in London

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. ...

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. ...

Contract Threat Detection Engineer (Delivery Focused) Our client is seeking a contract Threat Detection Engineer to support the ongoing delivery of detection engineering activities within a busy SOC environment. This role is centred on hands-on engineering and execution, ensuring detection content, automations … integrations are delivered effectively and aligned to operational priorities. Working closely with threat hunting and SOC teams, you will translate detection requirements into practical outcomes, contributing directly to sprint-based delivery and continuous service improvement. This is a highly technical role suited to someone who enjoys building, tuning ...

functions and a relentless focus on operational excellence, the Head of Security Services builds and empowers high-performing teams to deliver 24/7 threat detection, rapid incident response, and proactive risk management. This includes ownership of security controls, security testing, tech assurance and vulnerability and threat … Leadership Team. Operations & Service Delivery • Oversee daily operations of technical security functions, working collaboratively with the SOCs to provide 24/7 visibility and threat detection ensuring services are resilient, risk-aware, and aligned with business needs. • Regularly review and modernise SOC processes, technologies, and talent. • Partner with ...

consistently applied and operationally effective. The role owns information security operations and modern workplace services, spanning identity and access management, endpoint security, data protection, threat detection, incident response and compliance monitoring. Operating across a complex, global technology estate, the Head of Cyber Security and Modern Workplace Operations ensures … policy enforcement and lifecycle management using platforms such as Intune and Defender. Ensure consistent application of security standards across all user devices and environments. Threat detection, monitoring and incident response Oversee continuous monitoring, threat detection and security event management. Lead incident response readiness, coordination and post ...

primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across … business teams. Guide and support SOC analysts across L1, L2, and L3 functions to ensure effective 24/7 security operations. Drive improvements across threat detection, incident response processes, and SOC operational maturity. Skills & Experience Extensive experience working in Security Operations Centres (SOC), including leadership or managerial responsibilities. ...

Threat Modelling Consultant Rate - £550 per day Inside IR35 Location - London twice a week on site Duration - 6 months initial We are looking to recruit an experienced Threat Modelling Consultant to design and implement comprehensive threat models for 90-100 diverse applications. You will evaluate application-generated … logs, develop threat detection strategies and report findings to the Information Security team. This role requires deep expertise in Microsoft Azure security tools, log analytics and automation to enhance the customer's application anomaly detection capabilities. Key Responsibilities: Develop detailed threat models tailored for a large ...

significant modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into … Head of SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation ...

development and maintenance of the code and capabilities of the Security Orchestration, Automation and Response (SOAR) platform. Candidates will work with the Manager of Detection & Response Engineering and will work jointly with our detection engineering, threat detection and response teams to specify clear priorities, evaluate technical ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

ownership of what you build from design through to deployment and iteration. What You'll Be Doing Designing and building AI agent systems for threat detection, behavioural correlation, sensitive data classification, and automated security response Developing and fine-tuning LLMs and ML models that run reliably in production … keep them healthy Cloud experience - AWS is ideal (S3, EC2, Athena, EMR), Azure or GCP also relevant NLP knowledge applied to real classification or detection problems The communication skills to explain what your models are doing and why, to engineers and non-technical stakeholders alike Bonus if you have ...

customers. Your responsibilities: (Up to 10, Avoid repetition) Design and own the architecture for ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/ICS systems. … support ongoing digital transformation and automation initiatives. AI/ML in Security Operations Exposure to leveraging artificial intelligence or machine learning techniques to improve threat detection, incident analysis, or automated response capabilities within SecOps. ...

days on/4 days off rotation) Exposure to highly secure, cutting-edge infrastructure environments Opportunity to work on advanced incident response and threat analysis Career progression within a specialist cyber security function What You Need To be successful in this role, candidates should bring: 35 years experience … incident response, or threat analysis roles Strong hands-on experience with SIEM and EDR tools Deep understanding of: Incident response methodologies Malware behaviour and analysis Threat detection and investigation techniques Proven ability to: Investigate and respond to high-severity security incidents Correlate data across multiple sources ...

implementing technical information security controls and countermeasures aligned with specific risks. SOC Collaboration: Working with an outsourced Security Operations Centre (SOC) to maintain effective threat detection and response. Tooling & Incident Response: Administering technical security tooling (such as Defender for Cloud, Defender for Endpoint, and Nessus) and conducting security ...

risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee Patch Management ...

monitoring, incident resolution, and continuous service improvement. Support in operational leadership, providing insight on risks, capacity, and technology readiness. Lead cyber security operations, including threat detection, vulnerability management, and incident response. Ensure the stability, resilience, and scalability of core infrastructure, networks, cloud platforms, and end-user devices. Oversee ...

specialist cyber security function What You Need To succeed in this role, candidates should demonstrate: 710 years experience in SOC, incident response, or threat analysis Strong leadership capability, with experience mentoring or guiding analysts Proven experience acting as an escalation point for high-severity incidents Deep technical expertise … SIEM and EDR platforms Threat detection and incident response methodologies Malware analysis and attack investigation Ability to: Lead incident response across containment, eradication, and recovery Correlate and analyse data across multiple sources Produce detailed investigation reports Experience improving SOC processes, including detection tuning and playbook development Strong ...

DevOps and infrastructure teams to embed security into cloud deployments Monitor and improve cloud security posture Identify and remediate vulnerabilities across cloud systems Support threat modelling and security architecture discussions Required Skills: Experience working with AWS, Azure or GCP environments Understanding of cloud security best practices Familiarity with container … technologies such as Docker or Kubernetes Experience with infrastructure-as-code tools such as Terraform Strong understanding of security monitoring and threat detection Nice to Have: Experience with cloud security tools such as Prisma, Wiz or Lacework Knowledge of DevSecOps practices Security certifications such as CISSP, CCSP ...

will be the technical engine behind the organisation's global digital integrity. Your responsibilities will include: Managing the Global SOC to ensure proactive threat hunting and rapid incident response across all global time zones. Implementing a cutting-edge DevSecOps approach to ensure security is automated and embedded within … 1.ISO27001 Implementation (Must have personally achieved certification from scratch) 2.DevSecOps (Embedding security into CI/CD pipelines and automated workflows) 3.SOC Management (Overseeing global threat detection and incident response) 4.NIST Framework (Applying security standards for the Americas region) 5.Essential 8 (Understanding and implementing Australian security protocols) 6.Vulnerability Management ...

governance initiatives, including machine-learning-based anomaly detection. - Integrate and optimise multi-factor authentication, biometrics, and mobile identity capabilities. - Drive adoption of identity threat detection and response (ITDR) solutions. - Develop and maintain IAM architecture covering identity lifecycle, governance, and privileged access. - Design secure authentication and authorisation patterns (OpenID ...

forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engineering, in their mission of helping organisations understand how they could be compromised. Success in this position will enable the business to build Detection … Cloud-Native Engines & Big Data Pipelines that Power Automated Red Teaming. Your work will "Bridge the Gap" Between Manual Research & Scalable, Real-Time Threat Simulation. Skills & Experience of Cyber Security Engineer: Core Engineering: Minimum 2 Years Background within Software Engineering (Python or Go) with Focus on Maintainable, Production-Grade ...

continual improvement of the business's security composure. Responsibilities: Provide expertise on application, network and infrastructure security Monitor security solutions including SIEM, threat detection and data security, endpoint protection, network analytics for alerts Provide documentation for technical standards to meet corporate security policies/industry best practice Perform ...

Duties: Implement, manage and actively monitor security controls across e-mail, endpoint, and cloud environments Monitor and respond to security incidents using advanced threat detection tools Assist with compliance activities and audits for ISO27001, Cyber Essentials & Cyber Essentials Plus certification Provide technical expertise on security best practices ...

Duties: Implement, manage and actively monitor security controls across e-mail, endpoint, and cloud environments Monitor and respond to security incidents using advanced threat detection tools Assist with compliance activities and audits for ISO27001, Cyber Essentials & Cyber Essentials Plus certification Provide technical expertise on security best practices ...

Duties: Implement, manage and actively monitor security controls across e-mail, endpoint, and cloud environments Monitor and respond to security incidents using advanced threat detection tools Assist with compliance activities and audits for ISO27001, Cyber Essentials & Cyber Essentials Plus certification Provide technical expertise on security best practices ...