Cyber Threat Intelligence Jobs in the UK

26 to 50 of 172 Cyber Threat Intelligence Jobs in the UK

Threat intelligence engineer - Hybrid

United Kingdom
Hybrid / WFH Options
Talent Team
annum negotiable depending on experience + fantastic benefits! Jisc grade: TCY3 (internal use only) Hours: 35 hours per week Contract: Permanent Reports into: Senior Threat Intelligence Engineer Location: Hybrid - combination of remote work and office presence in London, Bristol, Manchester, or Oxford. Specific office days are flexible and … meaningful impact on the education and research sectors. About the team: The security team, part of Group CTO, safeguards UK Education and Research from cyber threats, supporting digital resilience through services like our nationwide Security Operations Centre (SOC), including 24/7 security monitoring, SIEM, and endpoint detection. About … the role: You will develop and maintain infrastructure supporting Jisc's security services, focusing on managing our SIEM, SOAR, and threat intelligence platforms, and collaborating with threat intelligence teams to automate and enhance these systems. Key responsibilities include: Developing and maintaining security platforms and applications Monitoring More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Intelligence Lead

London, England, United Kingdom
Harnham
help drive our clients' CTI frameworks and products forward whilst supporting with some of the day-to-day activities. Responsibilities: Lead and support weekly Cyber Threat Intelligence (CTI) activities and reporting. Drive continuous improvement of CTI processes and frameworks. Contribute to the development and enhancement of CTI … technical support to the CTI Manager and broader CTI team. Background & Experience: Proven experience leading CTI programmes or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). … Familiarity with CTI platforms (e.g., MISP, OpenCTI, ThreatConnect) and external intelligence sources (e.g., SpyCloud, Recorded Future, etc.). More ❯

Cyber Threat Intelligence Lead

London, South East England, United Kingdom
Harnham
help drive our clients' CTI frameworks and products forward whilst supporting with some of the day-to-day activities. Responsibilities: Lead and support weekly Cyber Threat Intelligence (CTI) activities and reporting. Drive continuous improvement of CTI processes and frameworks. Contribute to the development and enhancement of CTI … technical support to the CTI Manager and broader CTI team. Background & Experience: Proven experience leading CTI programmes or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). … Familiarity with CTI platforms (e.g., MISP, OpenCTI, ThreatConnect) and external intelligence sources (e.g., SpyCloud, Recorded Future, etc.). More ❯

Cyber Threat Specialist

London, United Kingdom
Accenture
Cyber Threat Specialist Location: Any UK Location Salary: Competitive salary and package dependent on experience Career Level: We are hiring at the following levels- Specialist/Senior Analyst Accenture Practice- Secure Transformation Service Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance … work and live. It is personal to all of us." - Julie Sweet, Accenture CEO In our team you will learn: You will have a Cyber Security background, will perform as a client-facing role, and will be willing to contribute to our internal Digital Transformation strategy and expertise. As … a Cyber Threat Analyst you will: As part of our Blue Team, you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don't worry if you don't tick every box - we'd still love to hear More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Specialist

Bristol, Gloucestershire, United Kingdom
Accenture
Cyber Threat Specialist Location: Any UK Location Salary: Competitive salary and package dependent on experience Career Level: We are hiring at the following levels- Specialist/Senior Analyst Accenture Practice- Secure Transformation Service Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance … work and live. It is personal to all of us." - Julie Sweet, Accenture CEO In our team you will learn: You will have a Cyber Security background, will perform as a client-facing role, and will be willing to contribute to our internal Digital Transformation strategy and expertise. As … a Cyber Threat Analyst you will: As part of our Blue Team, you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don't worry if you don't tick every box - we'd still love to hear More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Specialist

Manchester, Lancashire, United Kingdom
Accenture
Cyber Threat Specialist Location: Any UK Location Salary: Competitive salary and package dependent on experience Career Level: We are hiring at the following levels- Specialist/Senior Analyst Accenture Practice- Secure Transformation Service Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance … work and live. It is personal to all of us." - Julie Sweet, Accenture CEO In our team you will learn: You will have a Cyber Security background, will perform as a client-facing role, and will be willing to contribute to our internal Digital Transformation strategy and expertise. As … a Cyber Threat Analyst you will: As part of our Blue Team, you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don't worry if you don't tick every box - we'd still love to hear More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Specialist

Leeds, Yorkshire, United Kingdom
Accenture
Cyber Threat Specialist Location: Any UK Location Salary: Competitive salary and package dependent on experience Career Level: We are hiring at the following levels- Specialist/Senior Analyst Accenture Practice- Secure Transformation Service Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance … work and live. It is personal to all of us." - Julie Sweet, Accenture CEO In our team you will learn: You will have a Cyber Security background, will perform as a client-facing role, and will be willing to contribute to our internal Digital Transformation strategy and expertise. As … a Cyber Threat Analyst you will: As part of our Blue Team, you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don't worry if you don't tick every box - we'd still love to hear More ❯
Employment Type: Permanent
Salary: GBP Annual

Principal Analyst - Cyber Security

Crawley, Sussex, United Kingdom
ENGINEERINGUK
In a nutshell The principal purpose of the role is to identify, contain, eradicate, and recover from information security incidents. Assisting the Information and Cyber Security Management team in implementing improvement initiatives that increase our maturity across our Threat Management capabilities. The role will require extensive Incident Response … experience including developing threat hunting capabilities, security use cases and playbooks. Day to day Development of the tools and processes to establish and improve the threat hunting program. Keeping an up-to-date understanding of the cyber threat landscape through threat intelligence and industry … research. Define and design new security use cases and alerts to identify evolving attack scenarios. Participate in industry-based Threat Intelligence sharing groups. Produce reports based on threat activity, trends and reported industry incidents. Leading security incident response processes with support from the principal analyst. Integrating and More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Analyst

England, United Kingdom
Accenture
Role: Cyber Threat Analyst Location: Any UK Salary: Competitive salary and package dependent on experience Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years continuous UK address history (typically including no periods of 30 consecutive days or more … work and live. It is personal to all of us.” – Julie Sweet, Accenture CEO In our team you will learn: You will have a Cyber Security background, will perform as a client-facing role, and will be willing to contribute to our internal Digital Transformation strategy and expertise. As … a Cyber Threat Analyst you will: As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don’t worry if you don’t tick every box – we’d still love to hear More ❯

Threat Intelligence Analyst, SEAR

United Kingdom
Apple Inc
Mac, iPhone, iPad, Apple Watch, Apple TV, and Vision Pro. As part of our efforts to protect our users, Apple is looking for a Threat Intelligence Analyst to join a team of security researchers who work together and cross-functionally to inform efforts to solve security engineering challenges. … You will have a broad set of skills that make you successful as threats continue to evolve, and you will be capable of analyzing cyber threats to our users' devices. Our environment fosters innovation, rapid solution development, and grants a wide range of autonomy-within which you will be … in order to quickly bring to market new security methods and technologies addressing the complex needs of Apple users. Minimum Qualifications Proven experience in threat intelligence or security research. Intellectually curious team player with a genuine passion for finding, understanding, and mitigating cyber threats against macOS. In More ❯
Employment Type: Permanent
Salary: GBP Annual

Threat Intelligence Lead

London, United Kingdom
Barclay Simpson
A leading Financial Services firm seeks a Threat Intelligence Lead to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malware analysis, and tracking changes made by Threat Actors. … This position plays a key role in shaping the Cyber Defence strategy, driving deliverables, and focusing on Threat-led and Threat detection activities. The organisation is investing in new tooling, including the procurement of a new TIP solution. The individual in this role will be responsible for More ❯
Employment Type: Permanent
Salary: GBP Annual

Threat Intelligence Lead

Bristol, Gloucestershire, United Kingdom
Barclay Simpson
A leading Financial Services firm seeks a Threat Intelligence Lead to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malware analysis, and tracking changes made by Threat Actors. … This position plays a key role in shaping the Cyber Defence strategy, driving deliverables, and focusing on Threat-led and Threat detection activities. The organisation is investing in new tooling, including the procurement of a new TIP solution. The individual in this role will be responsible for More ❯
Employment Type: Permanent
Salary: GBP Annual

Delivery Manager

London Area, United Kingdom
Hybrid / WFH Options
Eames Consulting
UK Government programme, supporting the Security Operations function. This is not a SOC role – instead, the position blends delivery management with some aspects of cyber threat intelligence, security incident support, and security communications. The role is ideal for someone with strong delivery and task management experience … who thrives in fast-paced environments, and who can coordinate cross-functional workstreams. While cyber security experience is a plus, it’s not essential – the client is open to someone with the right delivery skills and the appetite to grow into the security space. You must have active SC … and delivery schedules Support day-to-day incident management and coordination of actions/responses Contribute to handling and triaging security threats and associated intelligence Create and manage security-related communications, reports, and status updates Use Agile and Scrum methodologies to manage delivery and team cadences Required Skills & Experience More ❯

Delivery Manager

London, South East England, United Kingdom
Hybrid / WFH Options
Eames Consulting
UK Government programme, supporting the Security Operations function. This is not a SOC role – instead, the position blends delivery management with some aspects of cyber threat intelligence, security incident support, and security communications. The role is ideal for someone with strong delivery and task management experience … who thrives in fast-paced environments, and who can coordinate cross-functional workstreams. While cyber security experience is a plus, it’s not essential – the client is open to someone with the right delivery skills and the appetite to grow into the security space. You must have active SC … and delivery schedules Support day-to-day incident management and coordination of actions/responses Contribute to handling and triaging security threats and associated intelligence Create and manage security-related communications, reports, and status updates Use Agile and Scrum methodologies to manage delivery and team cadences Required Skills & Experience More ❯

Microsoft Security (Sentinel) Automation & Detection Engineer

Cambridge, East Anglia, United Kingdom
Hays
for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical … into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response … threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for More ❯

Microsoft Security (Sentinel) Automation & Detection Engineer

Cambridge, South West England, United Kingdom
Hays
for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical … into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response … threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for More ❯

Microsoft Security (Sentinel) Automation & Detection Engineer

Cambridge, Cambridgeshire, United Kingdom
Hays Technology
for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical … into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response … threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for More ❯
Employment Type: Contract
Rate: £500 - £800/day Competitive Day Rate

SIEM Security Engineer- SC cleared

Stoke-On-Trent, Staffordshire, West Midlands, United Kingdom
LA International Computer Consultants Ltd
Role: SIEM Security Engineer - Cyber Defence Rate: Outside IR35 Location: Remote with occasional travel to Gloucester Duration: 3-6 initially SC clearance required Position Summary: We are seeking a Sentinel SIEM & Cloud Security Engineer to join our team and play a critical role in designing, managing, and optimizing Microsoft … and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat More ❯
Employment Type: Permanent
Salary: £500 - £600 per day

Senior Security Automation and Detection Engineer

Cambridge, Cambridgeshire, United Kingdom
Hybrid / WFH Options
Arm Limited
the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational … efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to leverage More ❯
Employment Type: Permanent
Salary: GBP Annual

Staff Security Operations Engineer

London, United Kingdom
Hybrid / WFH Options
Canonical Group Ltd
range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest and engagement … in cyber attack and defence, and outstanding academic and career performance even if experience is limited. Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is … team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack. The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC Lead

Basingstoke, Hampshire, South East, United Kingdom
Hybrid / WFH Options
Queen Square Recruitment Limited
further. Job Title: SOC Lead Location: Hybrid (3 days in office ) About the Role We are seeking a highly skilled SOC Lead to oversee cyber incident response, threat intelligence, and vulnerability management for a leading organization. This role will act as a trusted advisor to senior leadership … ensuring a structured and effective response to cyber incidents while driving improvements in incident management processes. Key Responsibilities Lead and coordinate responses to significant cyber incidents, ensuring effective and timely resolution. Act as a subject matter expert, advising senior leadership on business impacts and risk mitigation strategies. Develop … and implement cyber incident containment plans and remediation strategies. Oversee incident investigations, reporting, and documentation to drive continuous improvement. Collaborate with Threat Intelligence and Incident Response teams to monitor and respond to emerging threats. Ensure effective vulnerability management, prioritizing risks and coordinating remediation efforts. Provide regular technical More ❯
Employment Type: Contract

Senior Security Engineer - Detection & Response - EU/UK

United Kingdom
Hybrid / WFH Options
Marqeta, Inc
an active responder as part of the Cybersecurity Incident Response Team during declared incidents Contribute to automation and orchestration playbooks to streamline detection engineering, threat hunting and incident response activities Participate in threat hunts to proactively identify threats in our corporate and market environments Regularly review current use … remove gaps in coverage Who You Are 5+ years of hands-on, in-depth knowledge and technical experience in security operations, including detection engineering, threat hunting, incident response, digital forensics, and/or threat intelligence Strong technical foundation and understanding of security concepts, solutions and technologies; experience … as MITRE ATT&CK and how to utilise them in the assessment of detection capabilities and coverage Skilled in identifying opportunities for developing new threat detection use cases based on security telemetry, environment baselining, actionable threat intelligence and Incident Response lessons learned Ability to identify gaps in More ❯
Employment Type: Permanent
Salary: GBP Annual

Lead SOC Analyst - Shift Lead

Leeds, UK
Hybrid / WFH Options
uk7 UTC
Location(s): UK, Europe & Africa : UK : Leeds BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. The SOC will be staffed by a blend of customer and BAE Systems staff, based in multiple … the incoming shift Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises More ❯

Senior SecOps Analyst

London, United Kingdom
Hybrid / WFH Options
IG Index Limited
Content - maintain the availability of the underlying infrastructure, develop new alerts, field parsers, models and automated playbooks, and integrate new log sources where appropriate. Threat Intelligence & Threat Hunting - provide, develop and integrate external threat intelligence data into the team's detection capabilities; perform proactive threat … test the team's detection capabilities, develop scenario-based training, and organise purple team exercises, both in-house and with third-party providers. Insider Threat - maintain and develop the Data Loss Prevention policies in line with the company's data classification requirements, and implement exceptions for business-approved procedures … with vulnerability scanning and penetration testing tools and techniques. Qualifications: A university degree in one of the following fields is preferred (but not required): Cyber/Information Security, Digital Forensics, Ethical Hacking Computer Science, Software Development, Network Engineering Mathematics, Physics and other STEM subjects Other desirable certifications include: CISSP More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Specialist | Logrhythm

Sheffield, South Yorkshire, United Kingdom
Jarvis King
Cyber Security Specialist | Logrhythm > Sheffield > £50,000 - £65,000 + Up to 20% Bonus > 10% Pension + Life Assurance + Excellent Benefits > Hybrid - 3 days onsite ** The business will support the application for security clearance. Due to the nature of work, the individual has to be a UK national … About the Business Security is one of the fastest-growing parts of this global organisation. They protect their networks from more than 6,500 cyber-attacks each day, investing significantly in research each year and employ more than 3,000 people in the cyber security business alone, making … them the largest private cyber security employer in the UK. About this Role This role exists to provide specialist technical support on complex network security and cybersecurity deployments for large and sometimes complex UK contracts. The role will include supporting and administrating various SIEM and XDR platforms including creating More ❯
Employment Type: Permanent
Salary: £50000 - £65000/annum Up to 20% bonus, 10% pension

Cyber Threat Intelligence

10th Percentile: £48,904
25th Percentile: £61,500
Median: £70,000
75th Percentile: £82,500
90th Percentile: £117,250