Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
Thames Water Utilities Limited
Job title: Senior Cyber Threat Intelligence Analyst; Ref: 40789; Division: Digital Transformation; Location: Reading - Clearwater Court - RG1 8DB; Contract type: Permanent; Full/Part-time: Full-time; Hours: 36; Salary: Offering up to £65,000 per annum depending on experience; Job grade: B; Closing date: 15/…/2025. As a Senior Cyber Threat Intelligence Analyst, you will play a key role in protecting Thames Water's digital infrastructure by researching, analysing, and communicating the latest cyber threats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and … support the development of a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and …
Tactical Cyber Threat Intelligence Analyst (Analyst I) About the role Location: Office (London) or Home based Duration: Permanent, Full time The primary role of the Tactical Cyber Threat Intelligence Analyst is to support the production of accurate, high quality and timely intelligence products. … This will include support to management, peers and members of staff and clients, both in-house and clients. Tactical Cyber Threat Intelligence Analysts will: Create Open Source summaries concerning cyber threat incidents Create and update threat actor profiles detailing salient information about cyber threat actors. Assist in the production of strategic reporting concerning technical themes of interest (malware, IOCs, actor TTPs/campaigns and other developments which have the potential to impact the cyber threat landscape). Respond to Requests for Intelligence (RFIs) from clients. Contribute to other …
manchester, north west england, United Kingdom Hybrid / WFH Options
NCC Group
world safer and more secure. Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business… https://www.nccgroup.com/uk/ The Opportunity You will be acting as a team leader within the … Strategic Threat Intelligence team, reporting to the Strategic Threat Intelligence Manager. As a senior member in this team, you will have some limited line management responsibilities but will be expected to be heavily involved in the training and mentoring of other Threat intelligence team … members, as well as supporting the overall growth of the Strategic Threat Intelligence team. You will be expected to have strong consultancy skills and experience in delivering large/complex pieces of client facing work where you will need to be able to manage multiple internal and external …
We are seeking a Threat Analyst to join our rapidly growing Information Security team. This is a unique opportunity for an aspiring and motivated professional to be at the forefront of our cyber defence strategy, protecting our brand from existing and emerging threats. You will combine the expertise … of a Threat Hunter and Cyber Threat Intelligence Analyst, and will work alongside our Senior Threat Analyst to build our threat intelligence and hunting capabilities from the ground up. You'll have a major input on what new tooling and services we use … and communication skills, and an appetite for complex problem solving. Seize the opportunity to join a dynamic security team, reporting to the Head of Cyber Defence, and lead the development of advanced CTI and threat hunting strategies, seamlessly integrating into our security processes and driving continuous improvements. What …
manchester, north west england, United Kingdom Hybrid / WFH Options
NCC Group
world safer and more secure. Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business… https://www.nccgroup.com/uk/ The Opportunity You will be acting as a team member within the … Operational Threat Intelligence team, reporting to the Operational Threat Intelligence Manager, and supported by the Operational TI Team Leads. This role involves analysis of cyber threats, the development of actionable intelligence, and collaboration with various teams. Your support to the wider organisation will be … critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer. Key Accountabilities Threat Intelligence collection and analysis: Make use of OSINT and other intelligence sources to collect and then conduct in-depth analysis of cyber threats, including …
New role: Cyber Services Advisor Location: London (Central flexible/hybrid working) Salary: £50,000 - £65,000 Exciting opportunity to join a leading global Insurtech organisation as a key member of the Threat Intelligence and Proactive Services capabilities. This role sits within the Cyber Insights & Analytics … function, part of the Cyber Underwriting division, supporting cyber underwriting operations across London, U.S., and global offices. The team and business has developed rapidly, and with a projected growth of 35% this year. In this role, you will work in diverse areas such as insurance, cybersecurity, and consulting … strong communication skills, an interest in cybersecurity, with an ambition to be a front-facing expert. You will work closely with the Head of Cyber Insights & Analytics, the Cyber Services Manager, and the cyber underwriters to deliver the proactive cybersecurity services, engage with internal and external stakeholders …
Gloucester, Gloucestershire, UK Hybrid / WFH Options
EDF
Online Threat Intelligence Senior Analyst - Gloucester, UK About the Role 2 Year Fixed Term Contract Are you naturally inquisitive and eager to discover opportunities to support customers and improve cyber resilience? If so, come and join EDF as an Online Threat Intelligence Senior Analyst! The … Opportunity As an Online Threat Intelligence Senior Analyst, you will support our IT Security and counter fraud and risk management teams in identifying online threats to both our valued customers and our operational businesses to ensure we are well informed of advancing threats and actively implementing proactive countermeasures … to mitigate risk. The Online Threat Intelligence Senior Analyst will join the Customers Security and Resilience Team, to support our Business Information Security Officer and Counter Fraud Team to gather, analyse and communicate threats and security risks to our customers and Business Unit. You’ll work with our …
Gloucester, Gloucestershire, United Kingdom Hybrid / WFH Options
EDF Energy
About the Role 2 Year Fixed Term Contract Are you naturally inquisitive and eager to discover opportunities to support customers and improve cyber resilience? If so, come and join EDF as an Online Threat Intelligence Senior Analyst! The Opportunity As an Online Threat Intelligence Senior … customers and our operational businesses to ensure we are well informed of advancing threats and actively implementing proactive countermeasures to mitigate risk. The Online Threat Intelligence Senior Analyst will join the Customers Security and Resilience Team, to support our Business Information Security Officer and Counter Fraud Team to … our technical and customer support specialisms to continually improve our security posture and provide support in incidents and investigations as well as delivering strategic threat intelligence and trend analysis reporting to our senior stakeholders and Executives. Pay, benefits and culture Alongside a salary of circa £50,000 (depending …
Plymouth, Devon, South West, United Kingdom Hybrid / WFH Options
Inspire People
leadership for the Security Operations Centre team providing technical oversight and direction. You will engage with various teams across DDaT to maintain security monitoring, threat intelligence and vulnerability management controls to detect and alert across all HM Land Registry technical assets. Salary of £46,058 - £57,400 dependent … with the Technology and Business Strategies. Working closely with the Lead Infrastructure Engineers and subject matter experts, you will develop and maintain security monitoring, threat intelligence and vulnerability management controls, to detect and alert across all HMLR technical assets. You will work with technical teams to develop SOC … you have led technical investigations and developed response frameworks. You are proficient with Security Information and Event Management (SIEM) systems and adept at utilising Cyber Threat Intelligence within this context. You have a strong capability to manage technical risks and lead the implementation of mitigations. Additionally, you …
annum negotiable depending on experience + fantastic benefits! Jisc grade: TCY3 (internal use only) Hours: 35 hours per week Contract: Permanent Reports into: Senior Threat Intelligence Engineer Location: Hybrid - combination of remote work and office presence in London, Bristol, Manchester, or Oxford. Specific office days are flexible and … meaningful impact on the education and research sectors. About the team: The security team, part of Group CTO, safeguards UK Education and Research from cyber threats, supporting digital resilience through services like our nationwide Security Operations Centre (SOC), including 24/7 security monitoring, SIEM, and endpoint detection. About … the role: You will develop and maintain infrastructure supporting Jisc's security services, focusing on managing our SIEM, SOAR, and threat intelligence platforms, and collaborating with threat intelligence teams to automate and enhance these systems. Key responsibilities include: Developing and maintaining security platforms and applications Monitoring …
UK Government programme, supporting the Security Operations function. This is not a SOC role – instead, the position blends delivery management with some aspects of cyber threat intelligence, security incident support, and security communications. The role is ideal for someone with strong delivery and task management experience … who thrives in fast-paced environments, and who can coordinate cross-functional workstreams. While cyber security experience is a plus, it’s not essential – the client is open to someone with the right delivery skills and the appetite to grow into the security space. You must have active SC … and delivery schedules Support day-to-day incident management and coordination of actions/responses Contribute to handling and triaging security threats and associated intelligence Create and manage security-related communications, reports, and status updates Use Agile and Scrum methodologies to manage delivery and team cadences Required Skills & Experience …
london, south east england, United Kingdom Hybrid / WFH Options
Eames Consulting
UK Government programme, supporting the Security Operations function. This is not a SOC role – instead, the position blends delivery management with some aspects of cyber threat intelligence, security incident support, and security communications. The role is ideal for someone with strong delivery and task management experience … who thrives in fast-paced environments, and who can coordinate cross-functional workstreams. While cyber security experience is a plus, it’s not essential – the client is open to someone with the right delivery skills and the appetite to grow into the security space. You must have active SC … and delivery schedules Support day-to-day incident management and coordination of actions/responses Contribute to handling and triaging security threats and associated intelligence Create and manage security-related communications, reports, and status updates Use Agile and Scrum methodologies to manage delivery and team cadences Required Skills & Experience …
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Arm Limited
the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational … efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to leverage …
range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest and engagement … in cyber attack and defence, and outstanding academic and career performance even if experience is limited. Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is … team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack. The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source …
Basingstoke, Hampshire, South East, United Kingdom Hybrid / WFH Options
Queen Square Recruitment Limited
further. Job Title: SOC Lead Location: Hybrid (3 days in office) About the Role We are seeking a highly skilled SOC Lead to oversee cyber incident response, threat intelligence, and vulnerability management for a leading organization. This role will act as a trusted advisor to senior leadership … ensuring a structured and effective response to cyber incidents while driving improvements in incident management processes. Key Responsibilities Lead and coordinate responses to significant cyber incidents, ensuring effective and timely resolution. Act as a subject matter expert, advising senior leadership on business impacts and risk mitigation strategies. Develop … and implement cyber incident containment plans and remediation strategies. Oversee incident investigations, reporting, and documentation to drive continuous improvement. Collaborate with Threat Intelligence and Incident Response teams to monitor and respond to emerging threats. Ensure effective vulnerability management, prioritizing risks and coordinating remediation efforts. Provide regular technical …
an active responder as part of the Cybersecurity Incident Response Team during declared incidents Contribute to automation and orchestration playbooks to streamline detection engineering, threat hunting and incident response activities Participate in threat hunts to proactively identify threats in our corporate and market environments Regularly review current use … remove gaps in coverage Who You Are 5+ years of hands-on, in-depth knowledge and technical experience in security operations, including detection engineering, threat hunting, incident response, digital forensics, and/or threat intelligence Strong technical foundation and understanding of security concepts, solutions and technologies; experience … as MITRE ATT&CK and how to utilise them in the assessment of detection capabilities and coverage Skilled in identifying opportunities for developing new threat detection use cases based on security telemetry, environment baselining, actionable threat intelligence and Incident Response lessons learned Ability to identify gaps in …
Location(s): UK, Europe & Africa : UK : Leeds BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. The SOC will be staffed by a blend of customer and BAE Systems staff, based in multiple … the incoming shift Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises …
Content - maintain the availability of the underlying infrastructure, develop new alerts, field parsers, models and automated playbooks, and integrate new log sources where appropriate. Threat Intelligence & Threat Hunting - provide, develop and integrate external threat intelligence data into the team's detection capabilities; perform proactive threat … test the team's detection capabilities, develop scenario-based training, and organise purple team exercises, both in-house and with third-party providers. Insider Threat - maintain and develop the Data Loss Prevention policies in line with the company's data classification requirements, and implement exceptions for business-approved procedures … with vulnerability scanning and penetration testing tools and techniques. Qualifications: A university degree in one of the following fields is preferred (but not required): Cyber/Information Security, Digital Forensics, Ethical Hacking Computer Science, Software Development, Network Engineering Mathematics, Physics and other STEM subjects Other desirable certifications include: CISSP …
Immingham, Lincolnshire, North East, United Kingdom Hybrid / WFH Options
Rullion Limited
Cyber Risk Management Lead Location: Immingham or London Contract Type: Permanent Salary: £70,000 - £75,000 About the Role An established power generation company is seeking a Cyber Risk Management Lead to enhance and oversee its cyber risk management framework across Operational Technology (OT) and Information Technology … role can be based in Immingham or London, with travel to other sites as required (3 days in the office). Key Responsibilities Lead cyber risk assessment activities across IT and OT environments, correlating outputs into strategic risk tracking. Manage the cyber security risk toolkit, including threat modelling, attack trees, and scenario-based exercises. Develop and implement cyber security policies, processes, and staff training aligned with Secure by Design principles. Oversee first-line security operations, including outsourced 24/7 SOC management. Define and manage cyber threat intelligence requirements. Provide …
City of London, Greater London, UK Hybrid / WFH Options
uk7 UTC
Location(s): UK, Europe & Africa : UK : London BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital … advantage in the most demanding environments. Job Title: Threat Intelligence Lead Location: London - We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Grade: GG12 Referral Bonus: £5000 What You'll Be Doing Working on client … sites you will support and lead engagements that deliver cyber risk assessments, improve security control maturity, define secure solutions and ensure compliance. Delivery of small to medium cyber security work-streams or engagements Understanding business and information risk context of our customers and judging risk at a technical …
banner. By working collaboratively, we aim to become industry-leading in safety, customer service, financial and operational performance. About the role: The Head of Cyber Security is a critical leadership role at DFTO, responsible for establishing and maturing the group's overall cyber security posture, ensuring it effectively … mitigates risks in the face of the evolving threat landscape. This involves developing a comprehensive cyber security capability framework, assessing the maturity of individual train operating companies (TOCs) against this framework, and creating investment/programme plans to uplift their capabilities to appropriate levels. The role also encompasses … traditional cyber security functions, such as incident management, and a focus on developing common group cyber services for consistency and efficiency. Key Competencies: Interpersonal Skills: Demonstrates a strong ability to build and maintain relationships with a diverse group of stakeholders, including executives, teams across the TOCs and external …
Sindlesham, Berkshire, United Kingdom Hybrid / WFH Options
National Grid plc
contributing to the development of essential architecture strategies and patterns for NESO. Building and managing relationships with the business is key to delivering our cyber security strategy. Whether implementing new solutions, driving operational effectiveness and efficiency, or providing guidance to further enhance our strategy, the Senior Security Architect will … oriented mindset. A proactive approach to problem-solving, with the ability to think critically and strategically about architectural challenges and opportunities. Significant experience in cyber security Strong Cloud knowledge and demonstrable experience - (Azure) Relevant cyber security qualification(s), for example Certified Information Systems Security Professional (CISSP), Certified Information … secure software development lifecycles, application architectures, key attack vectors, and corresponding compensating controls. Cloud Security (Microsoft): Demonstrated experience and proficiency in securing cloud environments. Cyber Threat Intelligence: Ability to analyse and respond to emerging cyber threats and how this can be used to update secure architecture …
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiarity with MITRE ATT&CK framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber …
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
generous flexible benefits fund Key Requirements We are seeking an experienced Senior Security Operations Centre Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiarity with MITRE ATT&CK framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber …
Role Title: Senior Security Engineer - Security Operations Location: London or Sheffield (Hybrid) About the role: RMG Cyber Security Operations is dedicated to safeguarding our information assets and managing security incidents through robust detection, analysis, and response strategies. We are seeking a Senior Security Engineer to enhance our team and … maintaining, and configuring a wide range of security technologies, including SIEM solutions, DLP solutions, firewall solutions, cloud security centers, IPS (Intrusion Prevention Systems), CTI (Cyber Threat Intelligence) solutions, and vulnerability scanners. Proxy solutions like Zscaler are essential. At least one professional certification; CISSP, CISM, CCSP. What we …