26 to 50 of 82 Threat Intelligence Jobs in London

and remediation. Deploy, manage, and continuously improve security tools, including vulnerability management, identity management, and attack surface monitoring. Analyse emerging threats and vulnerabilities, leveraging threat intelligence to proactively mitigate risks Perform proactive threat hunting, research, and analysis, delivering actionable intelligence to IT and security teams Perform … translate into real world technical solutions. Significant experience in the field of Information Security including Governance, Risk management and Compliance frameworks, Security Awareness and Threat Intelligence. Ability to effectively communicate complex security or intelligence related information to both technical and non-technical audiences. Proven hands-on expertise in More ❯

an L3 Analyst. You will be dealing with the escalated alerts, investigating and responding to the most complex incidents whilst working with the wider Threat Hunting, Threat Intelligence and Incident Response functions to continuously enhance their Playbooks and Processes. You will act as a mentor to the … of the largest digital footprints where you will gain exposure to an unprecedented volume of threats and respond to incidents from the most sophisticated threat actors; whilst working alongside and learning from some of the best cyber defence SMEs in the world. Key Responsibilities: Act as a lead and … to escalated alerts and the most sophisticated incidents whilst building out IR playbooks. Comprehensive knowledge of the Microsoft Security Suite – Azure AD P2, Advanced Threat Protection Suite and Cloud App Security. Knowledge of various Incident Response techniques and procedures. Experience mentoring/leading more junior analysts through complex investigations. More ❯

an L3 Analyst. You will be dealing with the escalated alerts, investigating and responding to the most complex incidents whilst working with the wider Threat Hunting, Threat Intelligence and Incident Response functions to continuously enhance their Playbooks and Processes. You will act as a mentor to the … of the largest digital footprints where you will gain exposure to an unprecedented volume of threats and respond to incidents from the most sophisticated threat actors; whilst working alongside and learning from some of the best cyber defence SMEs in the world. Key Responsibilities: Act as a lead and … to escalated alerts and the most sophisticated incidents whilst building out IR playbooks. Comprehensive knowledge of the Microsoft Security Suite – Azure AD P2, Advanced Threat Protection Suite and Cloud App Security. Knowledge of various Incident Response techniques and procedures. Experience mentoring/leading more junior analysts through complex investigations. More ❯

an L3 Analyst. You will be dealing with the escalated alerts, investigating and responding to the most complex incidents whilst working with the wider Threat Hunting, Threat Intelligence and Incident Response functions to continuously enhance their Playbooks and Processes. You will act as a mentor to the … of the largest digital footprints where you will gain exposure to an unprecedented volume of threats and respond to incidents from the most sophisticated threat actors; whilst working alongside and learning from some of the best cyber defence SMEs in the world. Key Responsibilities: Act as a lead and … to escalated alerts and the most sophisticated incidents whilst building out IR playbooks. Comprehensive knowledge of the Microsoft Security Suite – Azure AD P2, Advanced Threat Protection Suite and Cloud App Security. Knowledge of various Incident Response techniques and procedures. Experience mentoring/leading more junior analysts through complex investigations. More ❯

and above incidents Provide Incident response support for all incidents using playbooks. Forensic/Deep Dive analysis providing value dashboards and reports/Threat Hunting/Threat Intelligence Collaborate and work with the InfoSec SOC team Support future cloud migrations Document policies, processes, toolkits and dashboards Identifying … Years within a Cyber Security role Previous experience as SOC/Security analyst Solid understanding of Security Architecture Experience in MDR, EDR and Threat Hunting SIEM tool exposure Relevant Cyber Security qualifications Excellent communication Skills Scripting or coding in Python, Ruby or PowerShell (desirable) For more information on the More ❯

the following areas as possible, and be able to demonstrate it: Security Detection and Monitoring Incident Response Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Cloud Security Penetration Testing Security Automation (SOAR) It would help if you had experience with More ❯

to come. About Us Our UK&I Advisory Practice is a leader in cyber security transformation, partnering with organizations to tackle the evolving digital threat landscape. We combine technical expertise with strategic business insight to deliver end-to-end cyber solutions that enable innovation and secure digital growth. Role … actionable strategies. Guide clients through compliance with DORA, NIS2, and UK regulatory frameworks. Design comprehensive cyber security architectures that integrate cloud, identity, data, and threat protection. Build actionable implementation roadmaps considering business objectives and constraints. Evaluate and integrate partner technologies (e.g., Microsoft, AWS, GCP) for optimal client outcomes. Deliver … business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development Mentor consultants and More ❯

severity incidents. Create and update security event investigation notes, report on open cases, and maintain case data in the Incident Response Management platform. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques, lateral movements … and extract indicators of compromise (IOCs). Continuous engagement with the Threat Intelligence and 24x7 Monitoring teams. Provide ad-hoc on-call support to review threats and response actions for off-hour critical incident response. What you'll need Job Complexity: Works on and may lead projects or … equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be More ❯

event data, and alerts to identify potential threats Knowledge and experience of network protocols, traffic analysis, and cyber-attack methodologies Knowledge and experience of threat intelligence, risk management, vulnerability management, and penetration testing Please note sponsorship is not available for this position, and you must be able to More ❯

be progressing your career at a global, hugely profitable, Investment Management firm. As a Cyber Defence Analyst you will take a proactive approach to threat hunting and security incident response. You'll play a key role in detection enhancements, improvements to standard operating procedures and will collaborate with internal … strong experience in Security Operations, CSIRT or similar role You have experience of building out functions of a Cyber Defence Team e.g. insider risk, threat intelligence, breach attack simulation You have a strong knowledge of SIEM and deep Splunk experience You have a good understanding of various security More ❯

auditors and enterprise clients; experience representing security to financial institutions. Strong understanding of enterprise risk management methodologies. Technical background with knowledge of security operations, threat intelligence, and secure architecture. Experience working in or with cloud-native environments (AWS, Azure, GCP). CISSP, CISM, or similar certifications strongly preferred. More ❯

incident response, compliance, and implementing innovative security technologies to strengthen the organisation's defenses. Essential functions of the job: SOC operations: perform incident triaging, threat detection, and response activities. SIEM & EDR management: advance and configure SIEM and EDR systems to optimise threat detection and response in Azure environments. … response: investigate and mitigate security incidents, applying root cause analysis and remediation. Security testing: conduct regular application and network security assessments to identify vulnerabilities. Threat intelligence: monitor the cybersecurity landscape for emerging threats and develop innovative defensive strategies. Development security: monitor version control systems, identify vulnerabilities, and collaborate More ❯

we are dedicated to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating, and … with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what you'll do: As a … Senior Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and response workflows, elevating the efficiency and effectiveness More ❯

and secure-by-design approaches. Exposure to DevSecOps practices, security tooling integration into CI/CD pipelines, and secure development lifecycle support. Awareness of threat intelligence, attack vectors, and emerging vulnerabilities across enterprise IT ecosystems. Ability to contribute to client workshops, security design reviews, and collaborative problem-solving More ❯

Lead the security working group for specified national capabilities Apply and implement Secure by Design Monitor systems for anomalies or unusual events, and use threat intelligence sources to identify security incidents and coordinate with relevant stakeholders for a swift resolution Enhance the security culture within the national Policing More ❯

DFTO, responsible for establishing and maturing the group's overall cyber security posture, ensuring it effectively mitigates risks in the face of the evolving threat landscape. This involves developing a comprehensive cyber security capability framework, assessing the maturity of individual train operating companies (TOCs) against this framework, and creating … gaps, and develop/oversee implementation of tailored uplift programmes. Develop core cyber capabilities: Including robust cyber incident management (with executive reporting) and comprehensive threat intelligence/vulnerability management programs as key priorities. Group Cyber Services & Technology: Develop, promote and implement shared cyber services and evaluate/select … Extensive experience developing and implementing cyber security strategies, frameworks (including maturity models), and risk management methodologies in complex organisations. Accredited in ISO27001 or similar. Threat Landscape & Incident Response: Deep understanding of modern cyber threats and attack vectors, coupled with proven experience in developing and managing effective incident response processes. More ❯

remote London/Berkshire Overview: Senior SOC Analyst Level 3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting/triage, incident response etc with a strong focus on the Microsoft Security Stack. Key Responsibilities: Lead and resolve complex security incidents/… escalations Conduct advanced threat hunting using the Microsoft Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills … of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL): Writing complex, efficient queries for advanced threat hunting and detection. Correlating data across key tables (e.g., SignInLogs, SecurityEvent, OfficeActivity, DeviceEvents). Developing custom detection rules, optimising performance, and reducing false positives. More ❯

addressed to meet organisational objectives, using a risk-based approach. Help public sector bodies improve their vulnerability management life cycle. Proactively identify and leverage threat intelligence sources to inform strategic vulnerability mitigation measures and to enhance the quality and type of data provided to customer organisations. Work with … the service owner and customer organisations to identify gaps in our monitoring capability and improve and expand the scope of the vulnerability and threat data we can provide. Your skills: Analysis Communication (security architect) Designing secure systems Enabling and informing risk-based decisions Research and innovation Security technology Vulnerability More ❯

addressed to meet organisational objectives, using a risk-based approach. Help public sector bodies improve their vulnerability management life cycle. Proactively identify and leverage threat intelligence sources to inform strategic vulnerability mitigation measures and to enhance the quality and type of data provided to customer organisations. Work with … the service owner and customer organisations to identify gaps in our monitoring capability and improve and expand the scope of the vulnerability and threat data we can provide. Your skills: Analysis Communication (security architect) Designing secure systems Enabling and informing risk-based decisions Research and innovation Security technology Vulnerability More ❯

addressed to meet organisational objectives, using a risk-based approach. Help public sector bodies improve their vulnerability management life cycle. Proactively identify and leverage threat intelligence sources to inform strategic vulnerability mitigation measures and to enhance the quality and type of data provided to customer organisations. Work with … the service owner and customer organisations to identify gaps in our monitoring capability and improve and expand the scope of the vulnerability and threat data we can provide. Your skills: Analysis Communication (security architect) Designing secure systems Enabling and informing risk-based decisions Research and innovation Security technology Vulnerability More ❯

for improvement, plan implementation of improvements, and execute/oversee plans to completion. Create and modify SIEM use cases and detection logic, leveraging cyber threat intelligence, written in technology-specific query language or sigma open signature format. Provide expertise for SIEM and other SOC technologies that assist in More ❯

NOC environments. A good understanding of SOC deployment or operation and/or typical SOC solutions or technologies (e.g. SOAR, SIEM, orchestration and automation, threat intelligence, incident response) would be a plus. • Proven ability to handle technical escalations, working closely with both technical and business stakeholders. • Experience with More ❯

and configuring a wide range of security technologies, including SIEM solutions, DLP solutions, firewall solutions, cloud security centers, IPS (Intrusion Prevention Systems), CTI (Cyber Threat Intelligence) solutions, and vulnerability scanners. Proxy solutions like Zscaler are essential. At least one professional certification; CISSP, CISM, CCSP. What we offer you More ❯

Security function? Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat. This is an opportunity to join a high performing team that … learn, and experience within a Security Operations Centre (SOC). Understanding of SOC tools and technologies, such as SIEM, IDS/IPS, EDR and threat intelligence platforms. Proven experience of assessing maturity, managing SOC services and delivering improvements within a SOC environment. Experience bringing a technology perspective to More ❯

the surface, deep, and dark web. ZeroFox offers the only unified cybersecurity platform combining advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to protect customers from growing threats across the external attack surface. More ❯