from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process ThreatIntelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threatintelligence into security monitoring processes. Contribute to the development of threatintelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threatintelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) ThreatMore ❯
Nottingham, Nottinghamshire, United Kingdom Hybrid / WFH Options
Experian Group
people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at Internal Grade E Job Description Experian Cyber Fusion Center is looking for a ThreatIntelligence Analyst to help track new and persistant cybersecurity threats, analyse and produce applicable intelligence to help the organisation. You will be part of a world class organization and … lead a global team of experienced people to help us stay ahead of adversaries. You will be part of the ThreatIntelligence team which focuses on defending against new threats, supporting investigations, and delivering situational awareness to the business. This is a UK based remote position reporting to the Global Head of Threat Intelligence. Summary of Primary … Responsibilities Use open and closed source intelligence tools to track threat clusters posing threats to Experian and help identify preventative measures to improve our defense. Contribute to cross-team projects to improve the security posture of Experian infrastructure, such as red team operations, Attack Surface Management and Threat Hunting collaborations. Help Investigate latest cyber trends providing relevant More ❯
Northampton, Northamptonshire, England, United Kingdom Hybrid / WFH Options
PLANET RECRUITMENT SERVICES LTD
WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threatintelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance initiatives (e.g., ISO 27001, NIST … Microsoft Defender Extended Detection &Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). ThreatIntelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting &Automation: Proficiency in Python, PowerShell, or Bash for More ❯
Nottingham, Nottinghamshire, East Midlands, United Kingdom
COMPUTACENTER (UK) LIMITED
providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threatintelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threatintelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly More ❯
secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review. Understand ThreatIntelligence and its use in an operational environment Threat Hunting and the ability to look for attacks that may not have been captured Support incident response to More ❯
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Littlefish
day basis. Provide out of hours technical escalation support to shift analysts Main Duties and Responsibilities: Developing SIEM detection rules and tuning alerts across our client estates. Conduct proactive threatintelligence research and carry out threat hunting across client estates Training of analysts and developing training resources and materials Act as a point of escalation for the … Understanding of security attack vectors and techniques utilised, including areas such as Business Email & user account Compromise, malicious payload installation & execution and reconnaissance activity. Understanding of the everchanging emerging threat landscape and how to interpret these threats to create initiate mitigation actions across a clients security estate. Willingness to learn, adapt, and innovate Critical thinking and analytical skills Excellent More ❯
relevant regulations. Collaborate with Data Privacy, Risk, and Audit teams. Security Operations: Implement and enhance security controls across various platforms (Microsoft 365/Azure, AWS, Salesforce, etc.). Manage threatintelligence, monitoring, and incident response. Policy Development: Develop and maintain information security policies, procedures, and guidance. Stakeholder Engagement: Communicate effectively with C-suite, trustees, regulators, and technical teams. More ❯
the security development and testing offerings. Represent the function in client engagements, pre-sales discussions, and technical assessments. Design and present tailored solutions based on customer-specific challenges and threat landscapes. Collaborate on statements of work (SOWs) and influence product roadmaps. Service Delivery Assurance Oversee performance and quality of services delivered, ensuring SLA and KPI compliance. Implement governance mechanisms … the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threatintelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement in client More ❯
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
BT Group
play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in office) and can be based in one of the following offices: Birmingham, Manchester, Ipswich (Ipswich … you'll be doing SIEM Solution Development: Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. Optimize SIEM rules, alerts, and dashboards for efficient threat detection. Collaborate effectively with others to drive forward key security objectives Presentation and documentation writing (to both technical and business audiences) Query Optimization and Performance Tuning: Write efficient Elasticsearch … informed about emerging threats and security best practices. Data Ingestion and Enrichment: Configure Elasticsearch pipelines for data ingestion from various sources, primarily from Kafka Enhance data enrichment by integrating threatintelligence feeds and contextual information. Keep abreast of relevant technologies in the area Reading, attending briefings and talks. Contribute to the running of your team. Knowledge-sharing, In More ❯
system by using a mix of research and practical exploration Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threatintelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards Research and investigate common attack techniques and … relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source) Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer Source and analyse security cases and … computer, digital network and cyber security technology Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends Write program code or scripts to meet a given design requirement in accordance with employers' coding standards Identify cyber security threats relevant to a defined context Accurately, objectively More ❯