51 to 75 of 251 Threat Detection Jobs in London

has never been greater. You will own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities GRC Leadership: Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC … governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance More ❯

has never been greater. You will own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and … governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure More ❯

applications. Deploy and Manage Security Tooling: Select, implement, and operate key tools across GCP , such as Cloud Armor , Cloud Identity , Security Command Center , and VPC Service Controls for ongoing threat detection and response. Integrate Security in SDLC: Collaborate with product and engineering teams to integrate security into every stage of the software development lifecycle. Threat Modeling and … Risk Analysis: Perform structured threat modeling using frameworks such as STRIDE and PASTA to proactively mitigate security risks. Champion Developer Education: Promote secure development practices by educating engineers on cloud and application security fundamentals. Mentor and Lead: Act as a mentor to future hires, helping scale a high-impact cloud security function as the business grows. What you'll … with core cloud security components including IAM , WAFs , SIEM , CSPM , and vulnerability scanners. Technical Skills: Proficiency in at least one scripting or programming language (e.g. Python, Go, Bash). Threat Modeling: Practical knowledge of frameworks like STRIDE and PASTA. Education: Bachelor's degree in Computer Science, Information Security, or a related technical field. Collaborative Expertise: Clear and effective communication More ❯

collaboratively, and share ideas, knowledge and experience with team members as required. Assist in continuously updating the company’s security incident, data breach response and disaster recovery plans. Undertake threat detection practices. Undertake security hardening support practices with teams. Vulnerability management to analyse findings from vulnerability reports, assist with risk assessments on the vulnerabilities and coordinate remediation and … in IT support/infrastructure would be advantageous (e.g. servers, networking protocols, security controls, O365/Azure). First-hand experience with SIEM platforms, enterprise intrusion prevention systems, endpoint detection and response tools, and other security products. Able to communicate effectively in verbal and written format with technical and non-technical audiences. Ability to effectively plan, schedule and adapt More ❯

FinOps) Collaborate with architects, developers, and security teams to align delivery with business and compliance objectives Implement security-first DevOps using tools like Terraform, Kubernetes, Jenkins, and CloudWatch Lead threat detection, logging, and incident response strategies across environments Define DevSecOps practices and mentor junior engineers in modern cloud security and automation Experience: Strong leadership in cloud security, especially More ❯

Monitor and mitigate security risks, responding to security alerts to protect infrastructure and data. Technology Leadership & Research Stay current with emerging technologies and best practices in hybrid cloud environments, threat detection and cybersecurity. Provide technical leadership on system upgrades, infrastructure improvements and new technologies. Disaster Recovery & Data Protection Implement robust backup and disaster recovery solutions, ensuring business continuity More ❯

for candidates with deep experience and understanding of continuous delivery, container security, SAST/DAST, secrets management, Identity and Access Management (IAM) governance, privilege management, encryption and key management, threat detection, logging, cloud infrastructure security and policy-as-code.What You’ll Do:· Assess Acadian’s cloud IAAS environments for Indicators of Misconfiguration (IOMs) utilizing AWS built-in and More ❯

Security Operations (SecOps) Team, where we are dedicated to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating, and responding to security threats. … Security Operations Team collaborates closely with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what you'll do: As a Senior Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and response workflows, elevating the efficiency and effectiveness of our security operations. Lead the response to security incidents from initial detection More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via … version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via … version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via … version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic More ❯

Manager Contract role (Outside IR35) Location: London (Remote) iO Associates is aligned with a leading housing association to recruit a hands-on Security Operations Manager to lead incident response, threat detection, and security monitoring efforts. You'll guide a capable SOC team, manage real-time investigations, and enhance their security posture using Microsoft Sentinel, Defender, and KQL. Key … Responsibilities: Lead and manage the Security Operations Centre (SOC) Handle incident response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science … Proven experience managing a SOC/Security Operations function within housing association/public sector. Strong experience with Microsoft Sentinel, Kusto (KQL), Azure Defender tools Hands-on incident response, threat monitoring, and SIEM use Knowledge of ISO 27001, GDPR, and NIST If you are interested, please apply immediately as first stage interviews are taking place this week. Alternatively, feel More ❯

unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support. You will work at the forefront of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns), while refining your skills across enterprise-scale log ingestion and customised Sentinel integration engineering. This role offers the chance to ingest … Role You will own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that enhance threat detection and response. Log ingestion at scale across hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and optimise log telemetry for accuracy … and cost efficiency Partner with IR teams on active threats – tuning rules based on live threat actor activity Collaborate with Microsoft teams to develop advanced detection capabilities Contribute to internal knowledge sharing and engineering standards What’s needed? Experience building and integrating complex Microsoft Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint More ❯

strategic defences while staying hands-on in the fight against evolving threats. Reporting to the Head of Cyber Security, the Senior SOC Engineer will play a critical role in threat detection, incident response, and driving the implementation of best-in-class security operations across the business. Microsoft Security Engineer Key Responsibilities: Oversee the end-to-end security monitoring … process, including log management, threat detection, and response using tools like Microsoft Sentinel . Drive vulnerability management efforts and support remediation in collaboration with IT teams. Lead investigations into security incidents, coordinating with internal teams and external partners as needed. Maintain and continuously improve security controls across Microsoft Defender, Azure, Intune, and Purview. Design and implement and access … Security Engineer Your Skills & Experience: Must Have: SC-200 or equivalent Microsoft Security certification. Strong experience in Microsoft Security technologies: Sentinel, Defender, Purview, Azure, Intune. Experience with incident response, threat hunting, and security operations processes. Familiarity with Tenable Nessus and KQL for query building. Strong foundation in operating systems (Windows Server/Desktop) and networking. Eligibility for Security Clearance More ❯

Job Summary: We are seeking an experienced and highly skilled AWS Security Lead with expertise in Threat Modeling to join our dynamic team. The ideal candidate will have a deep understanding of cloud security principles, threat modeling methodologies, and AWS security best practices. This individual will work closely with development, engineering, and security teams to proactively identify and … mitigate potential threats in our cloud-based infrastructure. The AWS Security Lead (Threat Modeling) will be responsible for conducting risk assessments, defining security requirements, and building threat models to guide security architecture and design in AWS environments. This role requires a strategic thinker with hands-on experience in AWS security, threat modeling, and a passion for securing … cloud-native applications. Key Responsibilities: Threat Modeling & Risk Assessments Lead the development of threat models for AWS-based applications and infrastructure. Conduct regular threat assessments and risk analyses for new and existing systems. Collaborate with development, architecture, and DevOps teams to design security into the cloud-native architecture. Create detailed reports, diagrams, and other documentation to communicate More ❯

Job Summary: We are seeking an experienced and highly skilled AWS Security Lead with expertise in Threat Modeling to join our dynamic team. The ideal candidate will have a deep understanding of cloud security principles, threat modeling methodologies, and AWS security best practices. This individual will work closely with development, engineering, and security teams to proactively identify and … mitigate potential threats in our cloud-based infrastructure. The AWS Security Lead (Threat Modeling) will be responsible for conducting risk assessments, defining security requirements, and building threat models to guide security architecture and design in AWS environments. This role requires a strategic thinker with hands-on experience in AWS security, threat modeling, and a passion for securing … cloud-native applications. Key Responsibilities: Threat Modeling & Risk Assessments Lead the development of threat models for AWS-based applications and infrastructure. Conduct regular threat assessments and risk analyses for new and existing systems. Collaborate with development, architecture, and DevOps teams to design security into the cloud-native architecture. Create detailed reports, diagrams, and other documentation to communicate More ❯

Job Summary: We are seeking an experienced and highly skilled AWS Security Lead with expertise in Threat Modeling to join our dynamic team. The ideal candidate will have a deep understanding of cloud security principles, threat modeling methodologies, and AWS security best practices. This individual will work closely with development, engineering, and security teams to proactively identify and … mitigate potential threats in our cloud-based infrastructure. The AWS Security Lead (Threat Modeling) will be responsible for conducting risk assessments, defining security requirements, and building threat models to guide security architecture and design in AWS environments. This role requires a strategic thinker with hands-on experience in AWS security, threat modeling, and a passion for securing … cloud-native applications. Key Responsibilities: Threat Modeling & Risk Assessments Lead the development of threat models for AWS-based applications and infrastructure. Conduct regular threat assessments and risk analyses for new and existing systems. Collaborate with development, architecture, and DevOps teams to design security into the cloud-native architecture. Create detailed reports, diagrams, and other documentation to communicate More ❯

role will be pivotal in enhancing our cybersecurity framework by leading the integration and utilization of these key security tools. Responsibilities include designing and optimizing SIEM rules for superior threat detection and incident management, deploying SOAR tools for automated security responses, and ensuring robust API security. The engineer will oversee the performance and security posture of our platforms … XDR products, including their integration with existing tools, utilizing them to elevate existing Security Operations Design and optimize SIEM (Security Information and Event Management) rules using FortiSIEM to enhance threat detection and streamline incident response activities Deploy and manage Endpoint Detection and Response (EDR) solutions, specifically FortiEDR, SentinelOne, and Defender for Endpoint to identify and mitigate endpoint … required Qualifications And Required Skills Proven experience with Microsoft Sentinel and Defender XDR products Strong background in SIEM rule design and optimization Extensive experience in implementing and overseeing Endpoint Detection and Response (EDR) solutions Experience with SOAR tools and automated security response implementations Familiarity with API security protocols and measures Ability to analyze large amounts of data from various More ❯

will manage, mentor, and train two junior SOC analysts, while delivering security operations services to clients across various industries. As a Senior SOC Analyst , your responsibilities include incident response, threat hunting , and real-time defence management . You will guide and mentor junior analysts and leverage automation and AI tools, including SOAR platforms, to enhance security outcomes. This role … Responsibilities Mentorship & Team Leadership: Support junior analysts with ticket escalation and incident investigations, fostering collaboration and learning. Client Relationship Management: Manage ongoing communications and ensure technical needs are met. Threat Detection & Analysis: Triage and analyze alerts across SIEM platforms (e.g., Microsoft Sentinel, ELK stacks). Log & Threat Intelligence Analysis: Conduct detailed log analysis and threat research … AZ-500 are highly desirable. Proficiency with EPP tools like Microsoft Defender for Endpoint and SentinelOne. Experience with ticketing systems and end-to-end workflows. Strong incident response and threat hunting skills. Excellent problem-solving and decision-making under pressure. Exceptional communication and customer-focused interpersonal skills. SANS certifications are desirable but not essential. #J-18808-Ljbffr More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

services, government, and high-tech sectors. With a team of over 100 security professionals and consultants, the firm is committed to helping organizations stay resilient in an increasingly complex threat landscape. By combining deep technical knowledge with strategic thinking, they’ve built a strong reputation as a trusted partner in information security. About the Role: As a Graduate Cyber … clients in strengthening their cyber defence. You’ll work closely with senior consultants and engineers, gain hands-on experience across a variety of engagements, and help clients navigate compliance, threat detection, and incident response challenges. This is a rare opportunity to kickstart your career in cyber security within a collaborative and fast-paced environment. Responsibilities: Assist in conducting … industry best practices. Requirements: Bachelor’s or Master’s degree in Cyber Security, Computer Science, Information Security, or a related field. Strong understanding of network protocols, system architecture, and threat landscapes. Basic familiarity with security tools (e.g., Wireshark, Nessus, Burp Suite, SIEM platforms). Excellent analytical, problem-solving, and communication skills. Eagerness to learn and a strong interest in More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

integratingcloud networking, software-defined networking (SDN), and AI-driven automation. Ensureend-to-end network automationto improve operational efficiency, agility, and reliability. Drivezero-trust network securityprinciples, ensuring compliance and proactive threat mitigation. Establish aglobal observability and telemetry frameworkforreal-time network insights. Align network strategies withbusiness growth, cloud-first initiatives, and digital transformation. Network Infrastructure & Cloud Networking: Overseeglobal network architecture, spanningdata … capabilities. ScaleInfrastructure as Code (IaC) for network automation, ensuring agility and operational efficiency. IT Service Management & Operational Excellence: Establishnetwork reliability objectives, includingSLOs, SLIs, and error budgets. Implementreal-time incident detection and responseusing AI-driven network analytics. Ensurehigh availability, network resilience, and 24x7 operational support. Develop afollow-the-sun support model, ensuringglobal network performance optimization. Implementnetwork observability and predictive analyticstoproactively … Security, Compliance & Risk Management: Drivezero-trust security frameworks, ensuringsecure and resilient network access. Ensure adherence toISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate withcybersecurity teamsto enhancenetwork threat detection and mitigation. Implementautomated security policy enforcement, reducing human intervention in risk mitigation. Financial & Vendor Management: Optimizenetwork infrastructure spending, ensuringcost-effective, high-performance connectivity. Leadvendor selection, contract negotiation More ❯

lead in customer-facing engagements, translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization, helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops, product demonstrations, and proof-of … endpoint protection and EDR platforms such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence … as the technical lead in pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Design and validate secure architectures incorporating network segmentation/micro segmentation, DNS-layer protection, and More ❯