Advanced Persistent Threat Jobs in the UK

1 to 25 of 28 Advanced Persistent Threat Jobs in the UK

SOC Tier 3 Analyst

Reading, England, United Kingdom
Avance Consulting
Seeking a highly experienced SOC L3 Analyst to strengthen our Security Operations Center. As a Tier 3 CERT Analyst, Candidate will lead the investigation and remediation of advanced cyber threats, leveraging cutting-edge tools such as Splunk, Microsoft Sentinel, CrowdStrike, and Defender and other security stacks. Candidate will handle complex incidents like APTs, malware, and data breaches, ensuring swift … effective responses to minimize risk to the organization and its clients. The ideal candidate will have advanced expertise in monitoring, analyzing, and mitigating cybersecurity threats, as well as managing security tools and mentoring junior analysts. This role involves proactive threat hunting, incident response, and collaboration with cross-functional teams to enhance the organization's security posture. Key responsibilities … 1. Incident Detection and Response: o Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. o Take ownership of Tier 3-level escalations

Cyber Threat Analyst - National Security West

Leeds, England, United Kingdom
Hybrid / WFH Options
BAE Systems Digital Intelligence
countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Cyber Threat Hunter Job Title: Cyber Threat Analyst Requisition ID: 121703 Location: Leeds and surrounding area Grade: GG08 - GG09 Role Description BAE Systems have been contracted to undertake the day-to … environments that must be protected. The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. This role requires a minimum of SC clearance with the potential for DV Clearance in the future. This role reports to the … Delivery Lead/PMO. The Role You will be/have: Responsible for and capable of independently creating Threat Hunt Hypotheses, running Threat Hunts at a regular cadence Responsible for and capable of translating Threat Hunt Hypotheses into KQL Queries, running those KQL queries and then independently triaging the results. Experienced with and have sufficient knowledge of More ❯

Cyber Threat Analyst - National Security West

Leeds, England, United Kingdom
Hybrid / WFH Options
Babcock
Cyber Threat Analyst - National Security West View more categories View less categories Clearance Level DV ,SC ,None/Undisclosed Sector Defence ,Engineering ,Information Technology Job Type Permanent Location(s): UK, Europe & Africa : UK : Leeds BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand … complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Cyber Threat Hunter Job Title: Cyber Threat Analyst Requisition ID: 121703 Location: Leeds and surrounding area Grade: GG08 - GG09 Referral Bonus: £5,000 Role Description BAE Systems have been contracted to undertake the day-to-day operation … environments that must be protected. The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. This role requires a minimum of SC clearance with the potential for DV Clearance in the future. This role reports to the More ❯

Senior Cyber Threat Hunter VP

London, England, United Kingdom
Robert Walters
My client, an International Financial Services firm, based in London, are looking for a Senior Cyber Threat Hunter to join their growing team. This role will require you to work two days per week in their offices close to Canary Wharf. About the Senior Cyber Threat Hunter Role: My client is seeking a highly motivated, and skilled Senior … Threat Hunter to join a global threat management team. The role will be located in London. The position will report to the Head of Cyber Threat Intelligence and will proactively identify, investigate, and mitigate advanced cyber threats across our organization's network and systems. Leveraging a deep understanding of the latest attack techniques, threat actor … tools including SIEM, EDR, and IDS/IPS (extract TTPs and behaviors from research to apply to logging and tool queries/hunts and detections) Research, document and develop threat detections based on behavioral attributes of actors, malware operators, and general threats Identify and execute tuning/configuration changes to improve detection or reporting capabilities Perform deep analysis of More ❯

Cyber Security Consultant

London, United Kingdom
BlueVoyant
with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management Consultants must possess and be able to demonstrate credibility and experience as well as currency in these fundamental skill sets. Consultants … and standard security tools, other experts, and capabilities to protect and defend client organizations and their people, intellectual property, and technology against wide-ranging threats, including nation states and Advanced Persistent Threat groups that act on their behalf. Consultants must be proactive, and able to lead, manage, and problem-solve on multiple workstreams across varied client sectors … to integrate activity with BlueVoyant colleagues across the globe, specifically Digital Forensics, Incident Response and Penetration Testing specialists as well as wider BlueVoyant service offerings when appropriate, to produce threat-aware products, services and outputs that are impactful, efficient, cohesive, and are enhanced with intelligence and automation. BlueVoyant are trusted cyber-security partners and advisors to some of the More ❯
Employment Type: Permanent
Salary: GBP Annual

Lead Cyber Security Engineer - Threat Simulation

Belfast, United Kingdom
Hybrid / WFH Options
Quality Control Specialist - Pest Control
Description We are looking for a Lead Cyber Security Engineer - Threat Simulation to be an integral part of our Offensive Security organization and contribute towards improving CME Group's security posture. This role will be responsible for participating in the execution of Red Team cyber exercises of internal and internet facing information systems and infrastructure to identify misconfigurations and … cyber security vulnerabilities that could be exploited by a threat actor to gain unauthorized access to computer systems and data. In addition, the role will require participation in Purple Team exercises to help the Blue Team improve their detection capabilities. This is a perfect opportunity for the right person to become a key part of a team of highly … skilled cybersecurity professionals who execute a pivotal role in protecting and defending national critical infrastructure. Principal Responsibilities Lead red team exercises against a hybrid environment using threat intelligence and the MITRE ATT&CK Framework. Participate in purple team exercises that are intelligence driven to test cyber detections Build and maintain Red and Purple team infrastructure, automating functions where possible. More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Intelligence Analyst

Warwick, Warwickshire, United Kingdom
Hybrid / WFH Options
Akkodis
Cyber Threat Intelligence Analyst Akkodis are currently working in partnership with a leading service provider to recruit a Cyber Threat Intelligence Analyst to join a leading Cyber Defence Team and play a pivotal role in providing actionable technical intelligence to detection engineers, threat hunters and security operations. This role offers a highly competitive salary and the opportunity … for remote working. The Role As a Cyber Threat Intelligence Analyst you will support the rest of the Cyber Defence engineering team in regard to the roadmap and what to focus on. You will share intel to help them understand what's emerging as well as what advanced persistent threat actors are leveraging to compromise systems. … You will work directly across all areas of Cyber Defence to produce bespoke and technical intelligence across Tactical, Strategic, and Operational intelligence. The Responsibilities Conduct in-depth analysis of threat groups, their capabilities, motivations, and tactics A strong understanding of threats posed Articulate complex concepts to various stakeholders across the business. Knowledge of tactics, techniques and procedures (TTPs) that More ❯
Employment Type: Permanent
Salary: £70000 - £80000/annum

Senior Cyber Incident Response Analyst

London, United Kingdom
Hybrid / WFH Options
Thomas Reuters
and alerts Review Change Management requests for security relevance and impact Daily review of system, application logs, and custom monitoring tools Malware and Advanced Persistent Threat (APT) analysis and remediation Incident Response and Investigations Availability for rotating on-call shifts (up to 2 - 3 times per year) About You Bachelor's degree preferred or equivalent related field More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Incident Response Analyst

London, United Kingdom
Hybrid / WFH Options
Thomas Reuters
and alerts Review Change Management requests for security relevance and impact Daily review of system, application logs, and custom monitoring tools Malware and Advanced Persistent Threat (APT) analysis and remediation Incident Response and Investigations Availability for rotating on-call shifts (up to 2 - 3 times per year) About You Bachelor's degree preferred or equivalent related field More ❯
Employment Type: Permanent
Salary: GBP Annual

Sr. Inside Sales Engineer, France (French Speaking)

Reading, Berkshire, United Kingdom
Proofpoint
will excite your customer and have them eager to hear more. Your story will be illustrated with an amazing product demonstration often followed by a proof-of-concept or threat assessment which will ultimately result in you providing a compelling solution to your customer that you will take pride in being a part of. It's an exciting time … Management, Marketing and Product Development (Engineering) teams Work with our Channel team to help support and enable our Distributors and Resellers You will become an expert in Email Security, Advanced Persistent Threats, Attack Protection, Threat Response, Data Loss Prevention (DLP), and the threat landscape Occasional travel required. What You Bring To The Team Proven hands-on More ❯
Employment Type: Permanent
Salary: GBP Annual

Threat Intelligence Analyst Devi Technologies

United Kingdom
Devitechs
What You'll Be Working On: Gathering, analyzing, and disseminating threat intelligence from multiple sources to identify emerging cyber threats Identifying attack patterns, trends, and vulnerabilities to inform defensive strategies Collaborating with internal teams to enhance incident response and improve threat detection capabilities Producing detailed threat reports, including indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs … Supporting vulnerability management and assisting with the development of security posture recommendations What We're Looking For: Proven experience as a Threat Intelligence Analyst or in a similar role within cybersecurity Strong knowledge of threat intelligence platforms (TIPs), open-source intelligence (OSINT), and malware analysis Familiarity with cybersecurity frameworks (e.g., MITRE ATT&CK, STIX, TAXII) Experience in analyzing … cyber threats, including advanced persistent threats (APTs), ransomware, and phishing attacks Certifications such as GCIH, CTIA, or equivalent are highly desirable Ready to make a real impact on cyber defense
Employment Type: Permanent
Salary: GBP Annual

Cyber Incident Analyst

London, England, United Kingdom
Hybrid / WFH Options
Damco Spain SL
Keep You Engaged: Unlike any traditional SOC role, as a CERT analyst in Maersk, you’ll engage in a variety of activities, switching between defensive and offensive strategies, conducting threat hunts, and participating in innovative projects and research. This multifaceted approach ensures you won’t experience burnout like in a typical SOC role. Continuous Learning & Dynamic Environment: Enjoy ongoing … as Metasploit, Nmap, Cobalt Strike, Hydra, John the Ripper, Burp Suite, Mimikatz, Bloodhound, and others. Threat Hunting Ability to learn fast new advanced persistent threat (APT) tactics, techniques, and procedures (TTPs) mapped to the cyber kill chain and apply them to incident response analysis. Create hypotheses for proactive threat hunts and utilize tools like MISP … a minimum of 2 years in a SOC or incident response role, although candidates with Cyber Security know-how and able to demonstrate essential skills, may be considered. Relevant advanced certifications (e.g., GCIA, GSEC, CEH, GCDA, GCIH, GCFA, OSCP) are highly desirable but not essential. Proven self-learning abilities demonstrated through research, GitHub projects, bug hunting, active participation in More ❯

Senior Red Team Operator

London, England, United Kingdom
Hybrid / WFH Options
Verizon
is seeking a highly experienced and motivated Senior Red Team Operator to join our elite cybersecurity team. The ideal candidate will possess dedicated experience in planning and executing complex Threat Intel driven Red Team or even better Tiber engagements against mature enterprise environments. This role requires a deep understanding of adversary TTPs, advanced penetration testing techniques, stealth operations … and the ability to emulate sophisticated threat actors to assess and improve our organization's security posture. The successful candidate will hold relevant advanced offensive security certifications and demonstrate a passion for continuous learning and pushing the boundaries of cybersecurity. Key Responsibilities Plan, coordinate, and execute full-lifecycle Red Team operations, from initial reconnaissance and C2 setup through … to lateral movement, privilege escalation, objective completion, and exfiltration, while maintaining stealth and adhering to strict rules of engagement. Emulate the tactics, techniques, and procedures (TTPs) of known advanced persistent threats (APTs) and other sophisticated threat actors relevant to our industry and threat landscape. Develop, modify, and deploy custom tools, scripts, and exploits to bypass advanced More ❯

Security Incident Coordination Analyst

London, England, United Kingdom
DXC Technology
or sales opportunities to the Security Delivery Lead. Respond to incidents following playbooks and the Security Incident Management Process. Advise the account on Critical Security Advisories, including responses to Threat Advisories, ModCerts, Carecert, and emergency patches. Develop and maintain a vulnerability management system for zero-day vulnerabilities. Manage security information requests from clients. Lead on complex incidents and ensure … e.g., 8am-4pm or 10am-6pm. Maintain current security clearance or willingness to obtain one. Training Complete mandatory training in line with enterprise requirements and deadlines. Stay informed on threat actors, advanced persistent threats, and zero-day exploits. Show enthusiasm and a desire to develop skills and knowledge. Person Specifications Experience in handling, responding, and investigating cybersecurity … incidents. Good analytical skills and experience with log analysis. Knowledge of protective monitoring tools (e.g., ArcSight, Tanium, McAfee, Symantec, MS Defender, Microsoft 365, Azure, Azure Sentinel). Threat and vulnerability management experience. Experience reviewing malware alerts and working in SOCs, ticketing systems, and stakeholder interactions. Strong relationship-building skills with colleagues and stakeholders. Understanding of security best practices and More ❯

Threat Hunter Devi Technologies

United Kingdom
Devitechs
What You'll Be Working On: Proactively identifying and investigating advanced persistent threats (APTs), malware, and other cyber threats within the organization's network Utilizing threat intelligence to hunt for indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) Analyzing network traffic, logs, and endpoint data to detect anomalies and uncover hidden threats Collaborating with incident … response and security operations teams to track down and eliminate threats Continuously improving threat detection strategies and developing new tools and techniques to stay ahead of evolving threats What We're Looking For: Proven experience as a Threat Hunter or in a similar cybersecurity role focused on threat detection and incident response Strong knowledge of threat … frameworks (e.g., MITRE ATT&CK) Hands-on experience with security tools such as SIEM, IDS/IPS, EDR, and network traffic analysis platforms Proficiency in scripting and automation for threat hunting and investigation (e.g., Python, PowerShell, Bash) Certifications such as OSCP, GCIH, or CREST are highly desirable
Employment Type: Permanent
Salary: GBP Annual

Threat Hunter Devi Technologies

London, England, United Kingdom
Devitechs
What You’ll Be Working On: Proactively identifying and investigating advanced persistent threats (APTs), malware, and other cyber threats within the organization’s network Utilizing threat intelligence to hunt for indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) Analyzing network traffic, logs, and endpoint data to detect anomalies and uncover hidden threats Collaborating with incident … response and security operations teams to track down and eliminate threats Continuously improving threat detection strategies and developing new tools and techniques to stay ahead of evolving threats What We’re Looking For: Proven experience as a Threat Hunter or in a similar cybersecurity role focused on threat detection and incident response Strong knowledge of threat … frameworks (e.g., MITRE ATT&CK) Hands-on experience with security tools such as SIEM, IDS/IPS, EDR, and network traffic analysis platforms Proficiency in scripting and automation for threat hunting and investigation (e.g., Python, PowerShell, Bash) Certifications such as OSCP, GCIH, or CREST are highly desirable

Principal Penetration Testing Engineer

London, England, United Kingdom
Microsoft
quickly learn about new attack vectors and creativity to identify new threats. • Effective collaboration skills and ability to deal with ambiguity. • Experience with Advanced Persistent Threat (APT) emulation, purple teaming, and/or working with threat intelligence • Experience exploiting bugs and bypassing security mitigations in operating systems Other Requirements • This position requires verification of UK citizenship More ❯

Staff Security Operations Engineer

Manchester, England, United Kingdom
Hybrid / WFH Options
Canonical
for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest and engagement in cyber attack and defence, and outstanding … only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies. What you will do in this role: Implement and evolve Canonical's SecOps security standards and … tools and practices Identify, contain and guide the remediation of security threats and cyber attacks Grow the presence and thought leadership of Canonical SecOps practice Contribute to open source threat intelligence initiatives Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical Develop Canonical SecOps learning and development materials Publish blog posts, whitepapers

Cyber Security Manager

Newport, Wales, United Kingdom
Yolk Recruitment Ltd
tools, system configuration or other activities to mitigate security risks to Client. Skills & Experience Required Intrusion Detection and Prevention Service (IDPS). Advanced Persistent Threat protection (APT). E-mail sandbox technology. Management of the Public Key Infrastructure (PKI) infrastructure. Vulnerability Scanning and remediation. Real-time metrics portal, as well as monthly and ad-hoc reporting. Threat More ❯

Staff Security Operations Engineer

London, England, United Kingdom
Hybrid / WFH Options
Canonical
for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest and engagement in cyber attack and defence, and outstanding … only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies. What you will do in this role: Implement and evolve Canonical's SecOps security standards and … tools and practices Identify, contain and guide the remediation of security threats and cyber attacks Grow the presence and thought leadership of Canonical SecOps practice Contribute to open source threat intelligence initiatives Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical Develop Canonical SecOps learning and development materials Publish blog posts, whitepapers More ❯

Senior Security Operations Engineer

Manchester, England, United Kingdom
Hybrid / WFH Options
Canonical
for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest and engagement in cyber attack and defence, and outstanding … only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies. What you will do in this role: Implement and evolve Canonical's Security Operation Center Analyse … tools and practices Identify, contain and guide the remediation of security threats and cyber attacks Grow the presence and thought leadership of Canonical SecOps practice Contribute to open source threat intelligence initiatives Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical Develop Canonical SecOps learning and development materials Publish blog posts, whitepapers

Offensive Security Engineer

London, England, United Kingdom
Hybrid / WFH Options
The Rundown AI, Inc
important and impactful work in the world, including defence, intelligence, and commercial applications. We are trusted by our customers to protect their mission-critical information in the face of advanced persistent threats. Our offensive security engineers emulate these real-world threats and provide critical signal on attack vectors to help improve our security posture. This role will be … infrastructure. There will also be opportunities to work with our Protect team to identify vulnerabilities in our product infrastructure and help define relevant security controls. • Help defend a unique threat environment. Palantir offers an unparalleled opportunity to ply your craft on the … bleeding edge of technology, software, and AI. With a wide range of customers and global impact, our software is under constant threat from advanced persistent threats (APT). You get to think like an attacker and provide outside-the-box thinking on how to misuse our products. Core Responsibilities Perform offensive security assessments on highly complex products More ❯

Cyber Security Partnerships Manager

London, England, United Kingdom
Citigroup, Inc
s data security policy. Responsibilities: Liaise with intelligence communities, law enforcement, industry partners, peer financial institutions, and information sharing communities on a wide array of Cybersecurity topics, from tactical threat issues to longer term policy and advocacy topics Analyze regional threat data and determine a correlation if any, to existing intelligence requirements Monitor and research cyber threats with … control issues with transparency. Qualifications: 6-10 years of relevant experience Eligibility for National Security Clearance Should have a working knowledge in one or more of the following areas: Advanced Persistent Threat, Third Party Risks/Threats, Cybercrime, Extremist Groups and Cyber Terrorists, Hacktivism, Distributed Denial of Service attacks, Fraud, Malware, Mobile Threats Consistently demonstrates clear and More ❯

Application Security Engineer

London, England, United Kingdom
Hybrid / WFH Options
Palantir Technologies
on secure-by-design and deep product partnership. We build strong relationships with other teams and help them build secure software. This includes reviewing early-stage designs, helping develop threat models. The Role Our products support some of the most important and impactful work in the world, including defense, intelligence, and commercial applications. We are trusted by our customers … to protect their mission-critical information in the face of advanced persistent threats. The mission of the Application Security Team is to enable developers to be highly productive, agile, and produce the most secure software possible. Given the mission critical work that Palantir does, investments in application security have never been more important. As an Application Security Engineer … InfoSec organization to harden our products against our dedicated adversaries. • Architecture and design . You will be the security subject matter expert for product architects and engineers. You will threat model, assess risks, and help implement security controls and mitigations to address identified issues. You will directly steer the design of our products to ensure we are secure-by More ❯

Penetration Testing Team Lead - AVP

London, England, United Kingdom
Hybrid / WFH Options
MUFG Americas
obtain and maintain persistence within corporate systems, while avoiding detection from common security tools. · Demonstrated knowledge of tactics related to malicious insider activity, organized crime/fraud groups, and threat actors, both state and non-state sponsored. Solid understanding of offensive and pentest technologies · Ability to provide remediations recommendation based on test and automated security testing result · Deep understanding of … how an advanced persistent threat and their tactics, procedure and technics · Solid understanding of Enterprise Backend to Frontend system architecture · Familiarity with defender techniques, security monitoring and SIEM tools · Strong ability to analyse and distil complex issues and present succinct updates to management and associated committees. · The ability to create clear documentation relating to Operational Processes and Procedures.

Advanced Persistent Threat
10th Percentile: £61,000
25th Percentile: £62,500
Median: £65,000
75th Percentile: £70,000
90th Percentile: £91,000