6 of 6 Threat Intelligence Jobs in the South West

PROTECT, DETECT, and RESPOND toolsets, including SIEM, SOAR, and vulnerability scanning tools. Support the development, configuration, and automation of security tooling to enhance threat detection and incident response. Conduct forensic analysis, malware reverse engineering, and develop IOCs and detection signatures. Manage and integrate logs from various sources, ensuring full … visibility and compliance. Analyse attacker TTPs and manage threat intelligence, including incident assessment and reporting. Collaborate with stakeholders to ensure operational effectiveness and continuous process improvement. Maintain knowledge of current cyber threats and emerging trends. What you'll bring: Proven hands-on experience with SIEM and SOAR platforms ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

role in monitoring, triaging, and investigating security events across a range of client environments. You’ll be working across SIEM platforms, vulnerability management tools, threat intelligence sources, and network telemetry to deliver effective detection and response. You will also take on client-facing responsibilities, presenting findings, trends … Strong experience within a SOC or cyber security operations environment Proven ability to investigate and analyse complex security incidents Experience with SIEM platforms, threat intelligence, and security tooling Strong stakeholder and client communication skills Ability to mentor and develop junior team members Proactive approach to problem-solving ...

play a key role in protecting critical systems and services, working alongside security, infrastructure, and cloud teams to enhance security monitoring, incident response, threat detection, and operational resilience. The successful candidate will bring a strong background in cyber security operations, ideally gained within Defence, Government, or other highly regulated … cyber security monitoring and incident response capabilities. Investigate and manage cyber security incidents, ensuring appropriate containment, remediation, and reporting. Analyse security alerts, events, and threat intelligence to identify potential risks and vulnerabilities. Develop and refine detection use cases, correlation rules, and security monitoring processes. Work closely with cloud ...

high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role … protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond ...

knowledge of MITRE ATT&CK and at least one recognised control framework (ISO 27001, CIS or NIST). Risk-based prioritisation of remediation using threat intelligence. Operated endpoint security and endpoint detection and response (EDR) tooling (e.g. CrowdStrike or equivalent) in a production environment. Prioritised and managed a risk … based security backlog, applying frameworks such as MITRE ATT&CK and threat-based prioritisation. Assured the delivery of security initiatives across distributed teams or sites, tracking vulnerability remediation and patching through to completion. Act as Incident Commander for security incidents during London hours, coordinating first responders, IT, Legal, Compliance ...