26 to 50 of 88 Threat Detection Jobs in the South East

Security Operations Centre (SOC), blending hands-on technical work with automation and solution design. You’ll collaborate with analysts, architects, and customers to build reliable, scalable systems that accelerate threat detection and response, all in a collaborative culture that invests in your growth, wellbeing, and career progression. Job Title: Senior Security Engineer Job Type: Permanent Salary: Up to … DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. Engineer secure … log ingestion pipelines across hybrid cloud and on-prem environments. Support client onboarding, threat hunting, detection engineering, and process improvements. Mentor junior engineers and maintain documentation, diagrams, and standards. Required Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk More ❯

Security Operations Centre (SOC), blending hands-on technical work with automation and solution design. You ll collaborate with analysts, architects, and customers to build reliable, scalable systems that accelerate threat detection and response, all in a collaborative culture that invests in your growth, wellbeing, and career progression. Job Title: Senior Security Engineer Job Type: Permanent Salary: Up to … £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom … scripting. Engineer secure log ingestion pipelines across hybrid cloud and on-prem environments. Support client onboarding, threat hunting, detection engineering, and process improvements. Mentor junior engineers and maintain documentation, diagrams, and standards. Required Experience/Skills: 5 years experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g. More ❯

will work across product teams to deliver this feedback Your Impact Drive innovation within the modern Security Operations Center (SOC) by developing content and capabilities aligned with Cortex and detection-focused workflows. Collaborate with legal, sales, product, and customer-facing teams to translate security operations needs into actionable product improvements. Lead and coordinate cross-functional initiatives across product management … engineering, and field teams for high-impact security use cases. Build high-quality content for the Cortex Marketplace including detection rules, parsers, dashboards, and other SOC-enabling artifacts. Provide structured product feedback to influence roadmap decisions based on real-world SecOps challenges and opportunities. Create detailed documentation and usage guides tailored for analysts, detection engineers, and security practitioners. … Promote operational excellence by designing scalable detection and response workflows grounded in industry best practices and threat-informed defense. Qualifications Your Experience Ability to inspire and align teams across functions, paired with strong execution and delivery skills. 2+ years of experience in security operations, threat detection, incident response, or detection engineering roles Solid understanding of More ❯

will work across product teams to deliver this feedback Your Impact Drive innovation within the modern Security Operations Center (SOC) by developing content and capabilities aligned with Cortex and detection-focused workflows. Collaborate with legal, sales, product, and customer-facing teams to translate security operations needs into actionable product improvements. Lead and coordinate cross-functional initiatives across product management … engineering, and field teams for high-impact security use cases. Build high-quality content for the Cortex Marketplace including detection rules, parsers, dashboards, and other SOC-enabling artifacts. Provide structured product feedback to influence roadmap decisions based on real-world SecOps challenges and opportunities. Create detailed documentation and usage guides tailored for analysts, detection engineers, and security practitioners. … Promote operational excellence by designing scalable detection and response workflows grounded in industry best practices and threat-informed defense. Qualifications Your Experience Ability to inspire and align teams across functions, paired with strong execution and delivery skills. 2+ years of experience in security operations, threat detection, incident response, or detection engineering roles Solid understanding of More ❯

We're looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor junior engineers and drive best practices. Collaborate with … IR & threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills. More ❯

attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives More ❯

attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives More ❯

attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives More ❯

attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives More ❯

technical acumen to embrace data, technological and innovative approaches to deliver the best consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing … Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations across … security operations and capabilities to better protect, detect and rapidly respond to modern threats Demonstrated experience in improving an organisations security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and/or compromise assessments to identify active or dormant More ❯

technical acumen to embrace data, technological and innovative approaches to deliver the best consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing … Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations across … security operations and capabilities to better protect, detect and rapidly respond to modern threats Demonstrated experience in improving an organisations security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and/or compromise assessments to identify active or dormant More ❯

to, and mitigating security threats across enterprise environment. Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure and application teams to ensure secure … configurations and compliance. Maintain and improve endpoint protection, intrusion detection/prevention systems. Document incident response procedures and contribute to post-incident reviews. Create network diagrams and as-built documents. Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses. Stay current with emerging threats, vulnerabilities, and security … etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and More ❯

to, and mitigating security threats across enterprise environment. Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure and application teams to ensure secure … configurations and compliance. Maintain and improve endpoint protection, intrusion detection/prevention systems. Document incident response procedures and contribute to post-incident reviews. Create network diagrams and as-built documents. Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses. Stay current with emerging threats, vulnerabilities, and security … etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and More ❯

to, and mitigating security threats across enterprise environment. Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure and application teams to ensure secure … configurations and compliance. Maintain and improve endpoint protection, intrusion detection/prevention systems. Document incident response procedures and contribute to post-incident reviews. Create network diagrams and as-built documents. Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses. Stay current with emerging threats, vulnerabilities, and security … etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and More ❯

to, and mitigating security threats across enterprise environment. Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure and application teams to ensure secure … configurations and compliance. Maintain and improve endpoint protection, intrusion detection/prevention systems. Document incident response procedures and contribute to post-incident reviews. Create network diagrams and as-built documents. Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses. Stay current with emerging threats, vulnerabilities, and security … etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and More ❯

Senior Security Engineer – Detection & Automation Here’s a great opportunity for a hands-on Senior Security Engineer who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts … to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting or API connections. Tune detection use cases and improve visibility across cloud/on-prem environments. Support client onboarding and configuration alignment. Mentor junior engineers and analysts. You’ll bring: 3–5 years’ experience in SOC or security engineering. … Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative environment. If you love improving More ❯

EMEA Managed SOC operations. Combining strong go-to-market capability with deep technical expertise, our Belfast and Reading hubs support product innovation, security research, and 24/7 Managed Detection and Response services. The team operates in a hybrid working model, collaborating closely with global product and threat research teams to deliver world-class detection, response, and … proven experience in Cyber Security and 4+ years in a similar senior cybersecurity leadership, architecture, or advisory role, responsible for revenue growth. Strong understanding of security operations, vulnerability management, threat detection, cloud security, and compliance frameworks. Knowledge of Rapid7's Platform and its components, including Managed Detection and Response (MDR), Exposure Management (Surface Command, Exposure Command, Exposure … Command ADVANCED), Attack Surface Management, Next-Gen SIEM, Cloud Security, Vulnerability Management, and Threat Intelligence. Strong understanding of the Microsoft Security Stack and how to drive business value alongside this through partnering. Deep knowledge of the UK & Ireland security landscape, including regulations, industry trends, and customer challenges including compliance regulations relevant to the UK & Ireland landscape (e.g. GDPR, NIS2 More ❯

with a wide variety of stakeholders to ensure, the Leidos CSOC, a Defensive Cyber Security capability, can support a customers Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating their risk of Cyber Attack. The successful candidate will be able to demonstrate experience from a CSOC background or be able to demonstrate … within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security Information Event Monitoring (SIEM), End Point Protection (EPP), End Point Detection and Response (EDR), XDR (Extended DR), Web Application Firewall (WAF), and Firewalls. Proactively detect suspicious activity, vulnerabilities, and security misconfigurations before they can be exploited by adversaries impacting Confidentiality … which could lead to a Cyber Security Incident. Inspection and correlation of logs from multiple sources to identify repeating patterns and Indicators of Compromise (IOC). Continuously scan the Threat Horizon to report and classify Threats according to impact which could potentially damage a clients network or solution. Engage with various security communities to review and share knowledge on More ❯

About Our Client Join Our Client , a fast-growing fintech innovator securing next-gen payment platforms for leading banks and startups. With a focus on AI-driven threat detection and zero-trust architecture, Our Client has been named one of Europe’s Top 50 Cybersecurity Scale-ups. Role Snapshot As an Associate Cybersecurity Analyst , you’ll be the … alongside world-class security engineers, hone your skills on cutting-edge tools, and shape the future of digital payments security. Your Day-to-Day Alert Triage: Analyze SIEM and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. Incident … and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares, capture insights, and contribute to our internal threat library. What You Bring Must-Haves Bachelor’s degree in Cybersecurity, Computer Science, or related field. Practical experience with at least one SIEM platform (e.g., Splunk, QRadar). Understanding More ❯

key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS … or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting. Conduct root cause analysis and implement security hardening improvements. Vulnerability & Risk Management Run regular vulnerability scans and penetration testing activities More ❯

key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS … or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting. Conduct root cause analysis and implement security hardening improvements. Vulnerability & Risk Management Run regular vulnerability scans and penetration testing activities More ❯

key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS … or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting. Conduct root cause analysis and implement security hardening improvements. Vulnerability & Risk Management Run regular vulnerability scans and penetration testing activities More ❯

key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS … or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting. Conduct root cause analysis and implement security hardening improvements. Vulnerability & Risk Management Run regular vulnerability scans and penetration testing activities More ❯

key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS … or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting. Conduct root cause analysis and implement security hardening improvements. Vulnerability & Risk Management Run regular vulnerability scans and penetration testing activities More ❯

WAN, SD-WAN, data-center design, virtualization, storage, backup); cloud and datacenter (IaaS/PaaS, public, private, hybrid architectures; migration and modernization); cybersecurity (identity, endpoints, network, identity & access management, threat detection, incident response); application support and managed services for critical business applications. Security and compliance: Build security-by-design into solution proposals; incorporate best practices for data protection … center design, virtualization, storage, backups, disaster recovery, networking (LAN/WAN, SD-WAN), cloud connectivity. Cloud and Datacenter: IaaS/PaaS migrations, cloud governance, hybrid architectures, cloud security. Cybersecurity: threat prevention/detection, IAM, endpoint protection, SOC-oriented operations, incident response planning. Solution architecture and proposal skills: ability to translate business needs into standardized reference architectures, bill of More ❯