51 to 75 of 124 Threat Intelligence Jobs in the South East

malware, network traffic, and system logs to uncover threats. Incident Response: Lead security response efforts, including containment, eradication, and recovery of cyber incidents. Forensics & Threat Hunting: Conduct forensic investigations and proactive threat hunts to detect and mitigate potential risks before they escalate. Threat Intelligence: Utilise intelligence … Looking For 5+ years experience in Security Operations Centre (SOC) and Incident Response (IR). Proficiency in digital forensics, malware analysis, SIEM tools, and threat intelligence. A solid understanding of cyber threats, particularly in regulated industries. Experience conducting security exercises and breach simulations. Excellent communication skills, with the ability More ❯

guiding investigations, and helping shape the future of our security strategy. If you’re passionate about cyber security and thrive in a fast-paced, threat-driven environment, we want to hear from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS …/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead & Mentor: Manage SOC analysts and support their technical and professional growth. Tool Optimisation: Oversee and fine-tune security platforms … innovation and stay ahead of emerging threats, tactics, and techniques. External Engagement: Work with partners to strengthen the defensive posture and maintain compliance. Insider Threat Management: Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring More ❯

guiding investigations, and helping shape the future of our security strategy. If you’re passionate about cyber security and thrive in a fast-paced, threat-driven environment, we want to hear from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS …/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead & Mentor: Manage SOC analysts and support their technical and professional growth. Tool Optimisation: Oversee and fine-tune security platforms … innovation and stay ahead of emerging threats, tactics, and techniques. External Engagement: Work with partners to strengthen the defensive posture and maintain compliance. Insider Threat Management: Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring More ❯

an L3 Analyst. You will be dealing with the escalated alerts, investigating and responding to the most complex incidents whilst working with the wider Threat Hunting, Threat Intelligence and Incident Response functions to continuously enhance their Playbooks and Processes. You will act as a mentor to the … of the largest digital footprints where you will gain exposure to an unprecedented volume of threats and respond to incidents from the most sophisticated threat actors; whilst working alongside and learning from some of the best cyber defence SMEs in the world. Key Responsibilities: Act as a lead and … to escalated alerts and the most sophisticated incidents whilst building out IR playbooks. Comprehensive knowledge of the Microsoft Security Suite – Azure AD P2, Advanced Threat Protection Suite and Cloud App Security. Knowledge of various Incident Response techniques and procedures. Experience mentoring/leading more junior analysts through complex investigations. More ❯

an L3 Analyst. You will be dealing with the escalated alerts, investigating and responding to the most complex incidents whilst working with the wider Threat Hunting, Threat Intelligence and Incident Response functions to continuously enhance their Playbooks and Processes. You will act as a mentor to the … of the largest digital footprints where you will gain exposure to an unprecedented volume of threats and respond to incidents from the most sophisticated threat actors; whilst working alongside and learning from some of the best cyber defence SMEs in the world. Key Responsibilities: Act as a lead and … to escalated alerts and the most sophisticated incidents whilst building out IR playbooks. Comprehensive knowledge of the Microsoft Security Suite – Azure AD P2, Advanced Threat Protection Suite and Cloud App Security. Knowledge of various Incident Response techniques and procedures. Experience mentoring/leading more junior analysts through complex investigations. More ❯

and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber More ❯

Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence-leading … using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber … threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for this role you will need to be able to demonstrate the following experience: Proven experience in a Security Operations Centre More ❯

Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence-leading … using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber … threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for this role you will need to be able to demonstrate the following experience: Proven experience in a Security Operations Centre More ❯

UK Security Clearance (DV level). Salary is discussed on application, negotiable by experience . You will have a strong background in security operations, threat detection and incident responses. A critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security operations … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiar with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide More ❯

translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization, helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops … such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills … pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network More ❯

translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization, helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops … such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills … pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network More ❯

cybersecurity teams to ensure secure integration across systems and applications. Lead architectural reviews and assurance of designs working with System Integrators & partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. … WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence, and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP More ❯

compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and More ❯

compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and More ❯

translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization, helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops … such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Experience supporting RFP … pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network More ❯

translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization, helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops … such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Experience supporting RFP … pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network More ❯

and work with cutting-edge technologies in a fast-paced, collaborative environment. What You’ll Do Lead 24/7 SOC operations, ensuring timely threat detection and incident response Drive continuous improvement in SOC processes, playbooks, and performance metrics Manage, mentor, and grow a team of SOC Analysts and … as an escalation point for complex or critical security incidents Collaborate with clients and internal teams to enhance security services and posture Champion automation, intelligence-driven security, and regulatory compliance Stay ahead of emerging threats and implement proactive defence strategies What You’ll Bring 5+ years in cybersecurity operations … SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response, threat intelligence, and multi-tenant SOCs Excellent leadership, communication, and client engagement skills Bonus Points for Certifications such as CISSP, CISM, GIAC (GSOM, GCIH More ❯

and work with cutting-edge technologies in a fast-paced, collaborative environment. What You’ll Do Lead 24/7 SOC operations, ensuring timely threat detection and incident response Drive continuous improvement in SOC processes, playbooks, and performance metrics Manage, mentor, and grow a team of SOC Analysts and … as an escalation point for complex or critical security incidents Collaborate with clients and internal teams to enhance security services and posture Champion automation, intelligence-driven security, and regulatory compliance Stay ahead of emerging threats and implement proactive defence strategies What You’ll Bring 5+ years in cybersecurity operations … SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response, threat intelligence, and multi-tenant SOCs Excellent leadership, communication, and client engagement skills Bonus Points for Certifications such as CISSP, CISM, GIAC (GSOM, GCIH More ❯

help increase overall maturity. Setting proportionate goals and strategy for cyber exercising and implementing a plan to achieve this. The implementation of a comprehensive threat intelligence capability. Alignment of defensive cyber processes which have provided a measurable improvement for detect and respond functions. Using a suitable maturity model … We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Certified Information System Security Professional (CISSP More ❯

help increase overall maturity. Setting proportionate goals and strategy for cyber exercising and implementing a plan to achieve this. The implementation of a comprehensive threat intelligence capability. Alignment of defensive cyber processes which have provided a measurable improvement for detect and respond functions. Using a suitable maturity model … We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Certified Information System Security Professional (CISSP More ❯

help increase overall maturity. Setting proportionate goals and strategy for cyber exercising and implementing a plan to achieve this. The implementation of a comprehensive threat intelligence capability. Alignment of defensive cyber processes which have provided a measurable improvement for detect and respond functions. Using a suitable maturity model … We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Certified Information System Security Professional (CISSP More ❯

help increase overall maturity. Setting proportionate goals and strategy for cyber exercising and implementing a plan to achieve this. The implementation of a comprehensive threat intelligence capability. Alignment of defensive cyber processes which have provided a measurable improvement for detect and respond functions. Using a suitable maturity model … We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Certified Information System Security Professional (CISSP More ❯

help increase overall maturity. Setting proportionate goals and strategy for cyber exercising and implementing a plan to achieve this. The implementation of a comprehensive threat intelligence capability. Alignment of defensive cyber processes which have provided a measurable improvement for detect and respond functions. Using a suitable maturity model … We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Certified Information System Security Professional (CISSP More ❯

help increase overall maturity. Setting proportionate goals and strategy for cyber exercising and implementing a plan to achieve this. The implementation of a comprehensive threat intelligence capability. Alignment of defensive cyber processes which have provided a measurable improvement for detect and respond functions. Using a suitable maturity model … We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Certified Information System Security Professional (CISSP More ❯

help increase overall maturity. Setting proportionate goals and strategy for cyber exercising and implementing a plan to achieve this. The implementation of a comprehensive threat intelligence capability. Alignment of defensive cyber processes which have provided a measurable improvement for detect and respond functions. Using a suitable maturity model … We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Certified Information System Security Professional (CISSP More ❯