101 to 125 of 191 Threat Intelligence Jobs in the South East

Provider (MSP), we deliver innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands … help shape the future of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. … service excellence. Collaborate with engineering teams to improve tools, security automation, and detection logic. Stay on top of emerging threats, attack vectors, and evolving threat actor tactics. Act as a trusted point of contact for clients regarding incidents, reports, and security posture. Help shape and execute the SOC’s More ❯

Provider (MSP), we deliver innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands … help shape the future of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. … service excellence. Collaborate with engineering teams to improve tools, security automation, and detection logic. Stay on top of emerging threats, attack vectors, and evolving threat actor tactics. Act as a trusted point of contact for clients regarding incidents, reports, and security posture. Help shape and execute the SOC’s More ❯

implementing and managing advanced security solutions. With expertise in SOC engineering tools and one of either Cloud Security, Identity and Access Management (IAM) or Threat Modelling, this role focuses on enhancing the security posture of organisations. The consultant will lead strategic security initiatives, collaborate with clients or stakeholders to … architectures across multi-cloud platforms (AWS, Azure, Google Cloud). Design and deploy IAM solutions to ensure robust authentication, authorisation and access controls. Lead threat modelling exercises to identify, assess and mitigate risks in systems and applications. Lead the design, implementation and optimisation of SIEM solutions (e.g. Splunk, Sentinel … . Integrate SIEM systems with other security tools like EDR, SOAR and threat intelligence feeds. Skills Extensive experience in Cyber Security, with a significant portion in a leadership role. A background in SOC engineering tools combined with expertise in either cloud security, Identity & Access Management or threat More ❯

implementing and managing advanced security solutions. With expertise in SOC engineering tools and one of either Cloud Security, Identity and Access Management (IAM) or Threat Modelling, this role focuses on enhancing the security posture of organisations. The consultant will lead strategic security initiatives, collaborate with clients or stakeholders to … architectures across multi-cloud platforms (AWS, Azure, Google Cloud). Design and deploy IAM solutions to ensure robust authentication, authorisation and access controls. Lead threat modelling exercises to identify, assess and mitigate risks in systems and applications. Lead the design, implementation and optimisation of SIEM solutions (e.g. Splunk, Sentinel … . Integrate SIEM systems with other security tools like EDR, SOAR and threat intelligence feeds. Skills Extensive experience in Cyber Security, with a significant portion in a leadership role. A background in SOC engineering tools combined with expertise in either cloud security, Identity & Access Management or threat More ❯

with a business-focused approach - protecting what is most valuable to our clients. You'll be assessing risk across business, technology and operations, considering threat intelligence and helping to build the full security view that underpins systems resilience and client confidence. Required qualifications to be successful in this More ❯

service desk system for the Primark environment Contribute to the execution of Security Operations Centre (SOC) capabilities, ensuring efficient and effective operation of detection, threat and incident response Participant in the triaging events from a wide range of sources, including reports from employees, security systems and threat intelligence More ❯

and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with expertise and … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll More ❯

and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with expertise and … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll More ❯

and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with expertise and … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll More ❯

Linux systems. Proficient in using SIEM tools like ArcSight and Azure Sentinel; experienced with KQL and basic XDR platforms. Familiar with OSINT techniques for threat intelligence and incident investigation. Holds or is working toward relevant certifications such as CISSP, CySA+, GCIH, and CASP, with a degree/diploma More ❯

cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller … organizations from phishing, ransomware, data theft, and other everyday and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available More ❯

Compliance services, including IAM, AWS Organizations, SCPs, Secrets Manager, AWS Config, GuardDuty, Security Hub, CloudTrail, and AWS KMS for encryption, ensuring robust cloud security Threat Detection & Compliance: Implementation of AWS security tools like Amazon Detective, AWS Shield, WAF, AWS Firewall Manager, enforcing security compliance standards such as ISO … Tools (Terraform, Helm, Ansible, Kustomize etc.) CI/CD & Security Automation Cloud Cost Optimization & FinOps (AWS Trusted Advisor, Compute Savings Plans, cost forecasting strategies) Threat Intelligence & Compliance (ISO 27001, SOC2, GDPR, NIST frameworks) AWS-native Security Services (Macie for sensitive data discovery, Inspector for vulnerability scanning, GuardDuty for … threat detection) Programming & Scripting (proficiency in Python and Shell Scripting for automation, cloud resource management, and infrastructure monitoring) AWS Database Expertise AWS Networking Expertise (strong knowledge of VPC design, Subnetting, Route Tables, NAT Gateways, Transit Gateway, VPC Peering, Direct Connect, PrivateLink, ALB/NLB/CLB Load Balancers, AWS More ❯

Compliance services, including IAM, AWS Organizations, SCPs, Secrets Manager, AWS Config, GuardDuty, Security Hub, CloudTrail, and AWS KMS for encryption, ensuring robust cloud security Threat Detection & Compliance: Implementation of AWS security tools like Amazon Detective, AWS Shield, WAF, AWS Firewall Manager, enforcing security compliance standards such as ISO … Tools (Terraform, Helm, Ansible, Kustomize etc.) CI/CD & Security Automation Cloud Cost Optimization & FinOps (AWS Trusted Advisor, Compute Savings Plans, cost forecasting strategies) Threat Intelligence & Compliance (ISO 27001, SOC2, GDPR, NIST frameworks) AWS-native Security Services (Macie for sensitive data discovery, Inspector for vulnerability scanning, GuardDuty for … threat detection) Programming & Scripting (proficiency in Python and Shell Scripting for automation, cloud resource management, and infrastructure monitoring) AWS Database Expertise AWS Networking Expertise (strong knowledge of VPC design, Subnetting, Route Tables, NAT Gateways, Transit Gateway, VPC Peering, Direct Connect, PrivateLink, ALB/NLB/CLB Load Balancers, AWS More ❯

Compliance services, including IAM, AWS Organizations, SCPs, Secrets Manager, AWS Config, GuardDuty, Security Hub, CloudTrail, and AWS KMS for encryption, ensuring robust cloud security Threat Detection & Compliance: Implementation of AWS security tools like Amazon Detective, AWS Shield, WAF, AWS Firewall Manager, enforcing security compliance standards such as ISO … Tools (Terraform, Helm, Ansible, Kustomize etc.) CI/CD & Security Automation Cloud Cost Optimization & FinOps (AWS Trusted Advisor, Compute Savings Plans, cost forecasting strategies) Threat Intelligence & Compliance (ISO 27001, SOC2, GDPR, NIST frameworks) AWS-native Security Services (Macie for sensitive data discovery, Inspector for vulnerability scanning, GuardDuty for … threat detection) Programming & Scripting (proficiency in Python and Shell Scripting for automation, cloud resource management, and infrastructure monitoring) AWS Database Expertise AWS Networking Expertise (strong knowledge of VPC design, Subnetting, Route Tables, NAT Gateways, Transit Gateway, VPC Peering, Direct Connect, PrivateLink, ALB/NLB/CLB Load Balancers, AWS More ❯

Compliance services, including IAM, AWS Organizations, SCPs, Secrets Manager, AWS Config, GuardDuty, Security Hub, CloudTrail, and AWS KMS for encryption, ensuring robust cloud security Threat Detection & Compliance: Implementation of AWS security tools like Amazon Detective, AWS Shield, WAF, AWS Firewall Manager, enforcing security compliance standards such as ISO … Tools (Terraform, Helm, Ansible, Kustomize etc.) CI/CD & Security Automation Cloud Cost Optimization & FinOps (AWS Trusted Advisor, Compute Savings Plans, cost forecasting strategies) Threat Intelligence & Compliance (ISO 27001, SOC2, GDPR, NIST frameworks) AWS-native Security Services (Macie for sensitive data discovery, Inspector for vulnerability scanning, GuardDuty for … threat detection) Programming & Scripting (proficiency in Python and Shell Scripting for automation, cloud resource management, and infrastructure monitoring) AWS Database Expertise AWS Networking Expertise (strong knowledge of VPC design, Subnetting, Route Tables, NAT Gateways, Transit Gateway, VPC Peering, Direct Connect, PrivateLink, ALB/NLB/CLB Load Balancers, AWS More ❯

part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion … Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action More ❯

part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion … Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action More ❯

and vulnerability management to protect critical systems. Design, implement, and maintain security architectures and frameworks aligned with government standards. Lead and support risk assessments, threat modelling, and incident response initiatives. Work closely with stakeholders to ensure compliance with NCSC and other relevant security policies. Develop and deliver security strategies … technical expertise in areas such as network security, endpoint security, cloud security, and secure system architecture. Experience in penetration testing, vulnerability management, and cyber threat intelligence. Solid knowledge of security technologies such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR). Strong understanding of risk More ❯

a focus on realism and impact Creating or modifying tools, exploits, and payloads as needed — not relying solely on off-the-shelf frameworks Supporting threat-led testing programs and integrating threat intelligence into operations Maintaining strict operational security and professional discipline in all activities What we’re More ❯

a focus on realism and impact Creating or modifying tools, exploits, and payloads as needed — not relying solely on off-the-shelf frameworks Supporting threat-led testing programs and integrating threat intelligence into operations Maintaining strict operational security and professional discipline in all activities What we’re More ❯

a focus on realism and impact Creating or modifying tools, exploits, and payloads as needed — not relying solely on off-the-shelf frameworks Supporting threat-led testing programs and integrating threat intelligence into operations Maintaining strict operational security and professional discipline in all activities What we’re More ❯

a focus on realism and impact Creating or modifying tools, exploits, and payloads as needed — not relying solely on off-the-shelf frameworks Supporting threat-led testing programs and integrating threat intelligence into operations Maintaining strict operational security and professional discipline in all activities What we’re More ❯

a focus on realism and impact Creating or modifying tools, exploits, and payloads as needed — not relying solely on off-the-shelf frameworks Supporting threat-led testing programs and integrating threat intelligence into operations Maintaining strict operational security and professional discipline in all activities What we’re More ❯

a focus on realism and impact Creating or modifying tools, exploits, and payloads as needed — not relying solely on off-the-shelf frameworks Supporting threat-led testing programs and integrating threat intelligence into operations Maintaining strict operational security and professional discipline in all activities What we’re More ❯

a focus on realism and impact Creating or modifying tools, exploits, and payloads as needed — not relying solely on off-the-shelf frameworks Supporting threat-led testing programs and integrating threat intelligence into operations Maintaining strict operational security and professional discipline in all activities What we’re More ❯