26 to 50 of 65 Threat Detection Jobs in London

NAO's digital future. We're on the lookout for passionate, curious, and collaborative security professionals across a wide range of specialisms. Whether your expertise lies in governance, engineering, threat detection, or cloud security, you'll find real scope to make an impact-both within InfoSec and across the wider organisation. Be part of a diverse and expanding More ❯

the Bank's security posture through governance, assurance, architecture, and operations. Manage the relationship and performance of our Managed Security Services Provider (MSSP). Oversee security operations including monitoring, threat detection, incident response, and threat hunting. Lead investigations, forensic analysis, and ensure lessons learned from incidents. Drive project delivery to mitigate key risks and ensure audit-readiness. More ❯

management tools (e.g., Terraform, Helm, ArgoCD). United Kingdom Security Vetting Developed Vetting (DV) clearance. Preferred qualifications: Certifications in Security (e.g., GSEC, CISSP, CISM, OSCP). Experience with Kubernetes threat detection and anomaly detection. Experience with service mesh security concepts (e.g., Istio, Linkerd) and workload identity. Experience in detection engineering, logging pipeline development, or SIEM tuning in … security platforms with a strong emphasis on Kubernetes-based environments. You'll be at the intersection of security and engineering-developing scalable tooling, automating security controls, and enabling robust detection and response capabilities across our cloud infrastructure. This is an engineering-centric role that requires deep technical expertise in cloud environments, Kubernetes security, and platform automation. You'll work … needs of local, state and federal government and educational institutions. Responsibilities Deploy, configure, and manage cloud security platform tools and technologies, including Security Information and Event Management (SIEM), Intrusion Detection/Prevention Systems (IDS/IPS), and Cloud Workload Protection Platforms (CWPP). Develop and implement security monitoring and logging strategies. Investigate and analyse security incidents, including identifying root More ❯

our security monitoring and incident response capabilities within the Square Enix Cyber Security team (covering Europe and North America). The primary goals of the role are the timely detection of security incidents, effective response and the continuous improvement of our preventative and detective controls. This role will work alongside our team of security analysts and engineers to collectively … Management (SIEM) platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with … and key company assets to enhance decision making and response to incidents. Tool and Platform Management Maintaining and optimising our Cyber Security tools and platforms to continuously improve our detection and response capability. Supporting the management, administration and support of our SIEM platform, including general infrastructure and system administration, troubleshootingand user access management Maintaining and tuning security detections and More ❯

Citi's Cyber Intelligence Center (CIC) is a global team that delivers timely threat intelligence to technical teams and decision makers, in support of threat detection, preparation, and incident response activities. The Regional Lead will oversee the team's operations in the UK/EU time-zone, including oversight of regional staff, driving quality control, collaboration with … other cyber-technical functions in the region, and working with senior leaders. The role will also help maintain our network of global intelligence partners. Direct experience in cyber threat intelligence is a necessity. This is a hybrid role with an in-office attendance component. Experience in fusion center operating environments or crisis response will be helpful. Responsibilities: Lead the … regional co-ordination of a cyber threat intelligence function Support local leadership and business in their intelligence needs Provide intelligence support to adjacent teams in a fusion center environment. Oversee quality control and production strategy for the region Conduct internal and external briefings on a regular basis, including to company leadership, to peer sharing environments, and to customers and More ❯

integratingcloud networking, software-defined networking (SDN), and AI-driven automation. Ensureend-to-end network automationto improve operational efficiency, agility, and reliability. Drivezero-trust network securityprinciples, ensuring compliance and proactive threat mitigation. Establish aglobal observability and telemetry frameworkforreal-time network insights. Align network strategies withbusiness growth, cloud-first initiatives, and digital transformation. Network Infrastructure & Cloud Networking: Overseeglobal network architecture, spanningdata … capabilities. ScaleInfrastructure as Code (IaC) for network automation, ensuring agility and operational efficiency. IT Service Management & Operational Excellence: Establishnetwork reliability objectives, includingSLOs, SLIs, and error budgets. Implementreal-time incident detection and responseusing AI-driven network analytics. Ensurehigh availability, network resilience, and 24x7 operational support. Develop afollow-the-sun support model, ensuringglobal network performance optimization. Implementnetwork observability and predictive analyticstoproactively … Security, Compliance & Risk Management: Drivezero-trust security frameworks, ensuringsecure and resilient network access. Ensure adherence toISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate withcybersecurity teamsto enhancenetwork threat detection and mitigation. Implementautomated security policy enforcement, reducing human intervention in risk mitigation. Financial & Vendor Management: Optimizenetwork infrastructure spending, ensuringcost-effective, high-performance connectivity. Leadvendor selection, contract negotiation More ❯

integratingcloud networking, software-defined networking (SDN), and AI-driven automation. Ensureend-to-end network automationto improve operational efficiency, agility, and reliability. Drivezero-trust network securityprinciples, ensuring compliance and proactive threat mitigation. Establish aglobal observability and telemetry frameworkforreal-time network insights. Align network strategies withbusiness growth, cloud-first initiatives, and digital transformation. Network Infrastructure & Cloud Networking: Overseeglobal network architecture, spanningdata … capabilities. ScaleInfrastructure as Code (IaC) for network automation, ensuring agility and operational efficiency. IT Service Management & Operational Excellence: Establishnetwork reliability objectives, includingSLOs, SLIs, and error budgets. Implementreal-time incident detection and responseusing AI-driven network analytics. Ensurehigh availability, network resilience, and 24x7 operational support. Develop afollow-the-sun support model, ensuringglobal network performance optimization. Implementnetwork observability and predictive analyticstoproactively … Security, Compliance & Risk Management: Drivezero-trust security frameworks, ensuringsecure and resilient network access. Ensure adherence toISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate withcybersecurity teamsto enhancenetwork threat detection and mitigation. Implementautomated security policy enforcement, reducing human intervention in risk mitigation. Financial & Vendor Management: Optimizenetwork infrastructure spending, ensuringcost-effective, high-performance connectivity. Leadvendor selection, contract negotiation More ❯

and reporting across Formula 1’s cloud environment(s), including: Development of requirements, design, and implementation of cloud security tools (E.g. compliance and host security) A key focus on threat detection and risks across cloud environments Identification, remediation, and reporting of security vulnerabilities Reporting on compliance to F1’s security standards Support in the delivery and management of … to reduce risks The definition and operation of secure development/operations (DevOps) practices, inc. code scanning, Kubernetes, container security. System and device hardening policies and reporting Technology focused threat assessments to identify threats/risks Documentation of security requirements, patterns, and processes Liaising closely with Formula 1’s cyber security, infrastructure, and digital teams on new and existing More ❯

end-to-end security controls across ION Markets on-premises infrastructure and other internal platforms. The role spans security architecture, engineering, and operations with a strong focus on automation, detection and secure by design principles. Additionally, as part of the role you will be leading and participating in threat detection, incident response and vulnerability management remediation. You … best practices. Stay up to date with the latest security threats, news, intelligence, tactics, techniques, and vulnerabilities; conduct research and analysis to assess potential impact and exposure. Perform proactive threat hunting activities, and manage the triage, investigation, and escalation of security alerts. Develop Standard operating procedures for operations & architecture activities. Required Skills, Experience and Qualifications Degree/diploma/ More ❯

link Copy link Bachelor's degree or equivalent practical experience. 5 years of experience in cybersecurity, with an offensive security (e.g., Red Teaming, Penetration Testing, or Adversary Simulation) or threat modeling. Experience in a Security Operations Centre (SOC) or similar environment, with modern threat landscapes and attack techniques. Experience in technical troubleshooting and writing code in one or … more programming languages. Experience in threat modeling methodologies (e.g., STRIDE, PASTA, or attack trees) and secure system design principles. Eligibility to obtain UK Developed Vetting (DV) security clearance; British Citizenship is required for this role. Preferred qualifications: Certifications in OSCE3, CRTP/CRTE, GIAC GCSA/Kubernetes-related, OSCP, OSCE, CRTO, CISSP, or GIAC (e.g., GPEN, GCTI, GWAPT). … Experience designing or executing Purple Team exercises, combining offensive tactics with defensive feedback to drive continuous improvement. Experience with Kubernetes security, including secure cluster configuration, workload hardening, and threat detection in containerised environments. Experience in building or maturing security culture initiatives, including awareness programs, gamified training, or executive engagement. Experience with security testing tools and frameworks (e.g., MITRE More ❯

while integrating with network controls, such as firewalls and ACLs Experience working with Security Operations Centres to deploy IDS/IPS and NDR systems, ensuring real-time monitoring and threat detection Ability to implement comprehensive security controls, from proactive threat modelling (using frameworks like STRIDE or MITRE ATT&CK) to low-overhead in-kernel monitoring, using tools More ❯

fund that is number one in their specialist area and is currently rebuilding their entire pricing & risk management platform from scratch. Responsibilities: Evaluate new security technologies and tools. Improve threat detection and response capabilities with a code-first approach. Automate manual processes utilizing Infrastructure as Code (IaC). Collaborate and co-develop with external suppliers and internal engineering … teams to ensure data sources and detection rules are well enriched. Required: Strong understanding of the latest security threats, threat actors, and the tactics and techniques adopted. Proven experience with programming languages such as Python, Rust, C++, or others. Knowledge of SecOps tooling (SIEM, SOAR, Threat Intelligence). More ❯

and LogRhythm to join our Security Operations Center team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents, optimizing SIEM configurations, and contributing to threat detection and response strategies. This role requires hands-on experience with both platforms and a deep understanding of cybersecurity principles and incident management. Key Responsibilities: Monitor and investigate … security alerts from Microsoft Sentinel and LogRhythm . Analyze logs, network traffic, and other data sources to detect threats and suspicious activities. Develop and tune detection rules, analytics, and alerting logic in both SIEM platforms. Collaborate with incident response teams to contain and remediate security incidents. Create dashboards, workbooks, and reports for stakeholders. Perform threat hunting activities and More ❯

IT environments. Experience with penetration testing and vulnerability assessments; certifications such as CEH (Certified Ethical Hacker) are an advantage Solid hands-on experience managing and administering SIEM platforms for threat detection and incident analysis. Strong interpersonal and communication skills, with the ability to collaborate across teams-including non-technical stakeholders Analytical mindset combined with a pragmatic, solution-oriented More ❯

projects aligned with industry frameworks and compliance requirements, such as NIST800-53, ISO27001, NIST CSF, NIS 2, DORA. Leverage emerging technologies such as AI, IoT, cloud solutions, and advanced threat detection systems. Advise on their application, assess their suitability for specific environments, and determine optimal implementation timing and approach. Manage large-scale programmatic engagements, including stakeholder engagement, scoping … and issue escalation. Business development: Identify and originate cyber risk management and technology resilience opportunities. Manage key client relationships, supported by account, sales, and marketing plans. Position our cyber threat intelligence, assurance, and incident response practices. Provide energetic consulting leadership in KSA, promoting Control Risks as a trusted advisor on cyber and technology risk, leading to increased long-term More ❯

U.S. banking expansion and business unit reviews Tech & tools you’ll use: Protecht – Enterprise risk and audit management Panorays – Third-party risk tooling Rapid7/Armis – Vulnerability management and threat detection Proofpoint – Phishing and awareness platform Microsoft Purview – Data governance and compliance Azure & AWS – Cloud IAM, encryption, monitoring (Sentinel experience valued) Why this role? High-impact GRC project More ❯

U.S. banking expansion and business unit reviews Tech & tools you’ll use: Protecht – Enterprise risk and audit management Panorays – Third-party risk tooling Rapid7/Armis – Vulnerability management and threat detection Proofpoint – Phishing and awareness platform Microsoft Purview – Data governance and compliance Azure & AWS – Cloud IAM, encryption, monitoring (Sentinel experience valued) Why this role? High-impact GRC project More ❯

emerging technologies to enhance operations, security, and digital transformation. Infrastructure & Security Oversight Manage core IT infrastructure including networks, cloud environments, and trading systems. Ensure best-in-class cybersecurity practices: threat detection, endpoint protection, encryption, and compliance. Maintain and regularly test business continuity and disaster recovery plans. Operational Support & Efficiency Oversee the IT helpdesk and ensure responsive, high-quality More ❯

days per week Some of the main duties of the Cyber Security Manager will include: Security Strategy & Implementation: Design, implement, and maintain comprehensive cybersecurity policies, procedures, and controls Threat Detection & Response: Continuously monitor the digital environment for potential vulnerabilities and security breaches Incident Management : Lead incident response activities, coordinating with IT teams to mitigate risks and minimise damage. More ❯

and domain expert within the organization and be able to communicate security risk and concepts to both technical and non-technical audiences. Lead initiatives with Engineering teams to optimize threat models and mitigate risks. Encourage a positive security culture across the Engineering organization. Relentlessly champion for security outcomes on behalf of our customers. Work with other engineering leaders to … embed security into day-to-day development processes. Help proactively assess security risk through product deep dives, threat modeling, and design, architecture and implementation reviews Review and improve existing security processes related to product assessments, pen testing, and bug bounty findings. Develop product security controls and supervising strategies to grow our threat detection capabilities. Seek opportunities for … tooling and automation WHAT YOU'LL BRING: 5+ years of proven experience securing enterprise applications and infrastructure, preferably in the Crypto and FinTech space. Experience with the application of threat modeling and other risk identification techniques. Strong understanding of the OWASP top 10, including details of common vulnerabilities and emerging threats. Experience with authentication and authorization standards, including OAuth More ❯

NAO's digital future. We're on the lookout for passionate, curious, and collaborative security professionals across a wide range of specialisms. Whether your expertise lies in governance, engineering, threat detection, or cloud security, you'll find real scope to make an impact-both within InfoSec and across the wider organisation. -Be part of a diverse and expanding … focussed organisation and making processes simpler. • Proactive and positive attitude towards ongoing role focussed personal development. • Understanding of key security principles, threats, controls, and risks • Detailed knowledge of key threat actors affecting the NAO. Desirable • Significant experience working within or implementing ISO 27001:2022 ISMS • Experience maintaining Cyber Essentials Plus • Hold one or more of the following industry accreditations More ❯

day-to-day operation of identity and access services, including: o Access Management o Identity Governance o Role-Based Access Control (RBAC) o Privileged Access Management (PAM) o Identity Threat Detection and Response o Access Reviews and Certifications o Identity Data Analysis and Reporting Help ensure users only have access to the systems and data they need, working More ❯

development and day-to-day operation of identity and access services, including: o Access Managemento Identity Governanceo Role-Based Access Control (RBAC)o Privileged Access Management (PAM)o Identity Threat Detection and Responseo Access Reviews and Certificationso Identity Data Analysis and Reporting Help ensure users only have access to the systems and data they need, working with managers More ❯

work as part of a small, expert team responsible for protecting enterprise systems and data. This role offers hands-on involvement with a wide range of technologies-from endpoint detection and SIEM platforms to firewalls, MFA, and vulnerability management-providing a well-rounded foundation in enterprise security operations. You'll gain exposure to advanced security practices, assist in running … and responding to threat detection systems, and contribute to projects that strengthen security across the organisation. Key Responsibilities Monitor and respond to security alerts and incidents (EDR, SIEM, Identity Protection, SOAR). Assist in vulnerability scanning and remediation activities. Help manage systems such as email and web security gateways, VPNs, MFA, SSO, and mobile device security. Support the More ❯

on IaaS, container security (e.g., AKS), and DevOps pipelines Evaluate Terraform scripts, advising on automation processes for secure infrastructure deployment Optimize Azure Defender and other monitoring tools to elevate threat detection capabilities Implement Conditional Access policies, enforcing zero trust and least privilege principles Collaborate across teams to align security protocols with operational objectives Required Skills/Qualifications: Experience More ❯