Stevenage, Hertfordshire, England, United Kingdom Hybrid/Remote Options
MBDA
DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV) - including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification … DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV) - including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead … management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact preservation, and evidence handling processes. Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials. Lead and execute
Bolton, Greater Manchester, North West, United Kingdom Hybrid/Remote Options
MBDA
DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV) - including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification … DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV) - including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead … management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact preservation, and evidence handling processes. Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials. Lead and execute
Manchester, North West England, United Kingdom Hybrid/Remote Options
MBDA
DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV) - including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification … DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV) - including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead … management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact preservation, and evidence handling processes. Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials. Lead and execute
Role: Cyber Security Analyst Location: London/Manchester/Bristol Salary: Competitive salary and package dependent on experience Career Level: Specialist Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which typically requires 5 years continuous UK address history usually including no periods of 30 consecutive days or more spent outside of the … UK and declaration of being a British passport holder with no dual nationalism at the point of application. Note: The above information relates to a specific client requirement Our Cyber Practice is a fast-growing community of industry leading experts. The practice covers Assurance, Compliance, Security Operations (SecOps), Offensive Security and Security Research. It is critical that the relevance … maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team
law, technology, and crisis management. This is not another practice group in a traditional firm - it's a high-performing business within a business, combining legal expertise with digital forensics, threat intelligence, and cyber risk engineering. If you want meaningful responsibility, the chance to grow something, and a clear path toward partnership or leadership, this is that moment. What You … ll Do Lead and manage a caseload of complex data-breach and cyber-incident matters, including live ransomware events and regulatory investigations. Act as a trusted adviser during active crises - providing clear, strategic legal guidance under pressure. Supervise and mentor junior lawyers while helping shape the direction of the team. Work alongside leading experts in digital forensics and threat intelligence to deliver fully integrated incident response. Contribute to new products, knowledge, and thought leadership in a rapidly evolving field. Support business development and client-relationship initiatives that will accelerate your route to partnership. What You'll Need Qualified solicitor (5+ PQE) with hands-on experience in cyber, data-breach or regulatory incident work. Commercially astute with
London (Hybrid) – Excellent Permanent Package – Financial Services We are looking for a skilled Security Operations Centre Analyst to join our Security Operations team. This role focuses on responding to cyber security incidents while supporting proactive threat intelligence efforts. You will play a key part in detecting, investigating, and mitigating threats, as well as improving our security posture … through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools and perform root cause analysis. Collaborate with IT and security teams to remediate vulnerabilities. … Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge of operating systems (Windows, Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with cloud security monitoring
Selby, Yorkshire and the Humber, United Kingdom Hybrid/Remote Options
Drax Group
Cyber Security Analyst – Cyber Defence Centre (CDC) Selby or Ipswich Hybrid working Permanent, full time Closing date: Monday 1st December 2025 Who we are We're not just talking about making a difference, we're making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have … champions. We're enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come. About the role As a Cyber Security Analyst within the Cyber Defence Centre team, you'll be responsible for identifying, triaging, and investigating potential security threats to help protect the organisation's systems and data. … Working alongside the Cyber Defence Centre team and the wider security teams, you'll play a key role in maintaining visibility across the environment and supporting effective incident response. This role also contributes to the continuous improvement of alerting and detection capabilities by highlighting patterns, reducing false positives and creating triage documentation. Through a combination of hands-on analysis
Hambleton, North Yorkshire, UK Hybrid/Remote Options
Drax
Cyber Security Analyst – Cyber Defence Centre (CDC) Selby or Ipswich Hybrid working Permanent, full time Closing date: Monday 1st December 2025 Who we are We’re not just talking about making a difference, we’re making it happen. We generate … champions. We’re enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come. About the role As a Cyber Security Analyst within the Cyber Defence Centre team, you’ll be responsible for identifying, triaging, and investigating potential security threats to help protect the organisation’s systems and data. … Working alongside the Cyber Defence Centre team and the wider security teams, you’ll play a key role in maintaining visibility across the environment and supporting effective incident response. This role also contributes to the continuous improvement of alerting and detection capabilities by highlighting patterns, reducing false positives and creating triage documentation. Through a combination of hands-on analysis
and improve human lives by helping public and private sector analysts track and take down cybercriminals, terrorists, and human traffickers around the world. We deliver unmatched visibility into global cyber threat activity and are a key intelligence source for leading cybersecurity and threat intelligence vendors. Our Pure Signal™ platform gives enterprise security teams on-demand … work directly supports a mission that protects millions worldwide. Why This Role Matters: As a Strategic Account Executive, you directly fuel Team Cymru’s growth and expand access to intelligence that helps stop cybercriminals and protect lives worldwide. You’ll own your territory like a true general manager, acquiring new customers, strengthening key accounts, and driving long-term revenue
of our security operations capabilities on the ServiceNow platform. In this critical role, you will architect and deliver enterprise-scale SecOps solutions that help secure and strengthen the cyber and operational resilience of one of the UK's largest and most innovative energy companies. You will work at the intersection of security, technology, and energy operations, driving a … renewable energy assets, and millions of customers. Your Responsibilities Design and own the architecture for ServiceNow SecOps modules - including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools - SIEM, SOAR, EDR, CMDB, Threat Intelligence platforms, and OT/ICS systems. … native security practices and experience integrating security controls into CI/CD pipelines, supporting digital transformation and automation initiatives. AI/ML in Security Operations: Exposure to leveraging artificial intelligence or machine learning techniques to improve threat detection, incident analysis, or automated response capabilities within SecOps.
Linux Proficiency: Administer and troubleshoot Linux-based systems, with command-line fluency and scripting ability (e.g. Bash, Python) to support SIEM operations, log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK-aligned techniques and contribute to the design of … with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex). Knowledge of additional log forwarding/processing tools (e.g. Elastic Agent, Fluentd). Exposure to vulnerability management and threat intelligence platforms such as OpenCTI. Qualifications: Expert knowledge of Azure & Sentinel Proven experience as a Cyber Analyst with a focus on Security Operations. Strong expertise in using … Elastic Stack, including Elasticsearch, Logstash, and Kibana. Familiarity with other SIEM tools and security technologies. Knowledge of cybersecurity best practices, threat intelligence, and incident response. Excellent analytical and problem-solving skills. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Elastic Certified Engineer (ECE) are a plus. This role will require you
Team Management: Recruit, mentor, and lead a high-performing, multi-disciplinary security team. Foster a culture of continuous learning and development to stay ahead of emerging threats and technologies. Threat Intelligence and Incident Response: Establish and mature a robust threat intelligence program to proactively identify, analyze, and mitigate emerging threats, particularly those targeting the African fintech
London, South East, England, United Kingdom Hybrid/Remote Options
Circle Recruitment
behave from a security perspective and enjoys uncovering the story behind complex data. This is an opportunity to join a pioneering start-up transforming raw security data into actionable intelligence, helping shape the future of threat detection across global networks. This role sits within their Security Research function and is ideal for someone with a SOC, network engineering … be a fantastic next step in your career. About the Role You'll support the wider security research team by 'farming' the data they generate - turning raw network and threat information into structured, meaningful insights that feed directly into ongoing research projects such as proxy detection, bot activity and, over time, AI-driven threat identification. Your responsibilities will … and clarity around what the data represents and why it matters. Identifying trends, patterns and anomalies in network activity from a security perspective. Helping translate technical findings into structured intelligence that can be used across the organisation. This is a frontline support role for the research function, offering space to explore, investigate and grow into a more advanced security
Job Title: Lead Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role. Salary: Circa £59,000 depending on experience and skills What You'll Be Doing Delivery of core triage function as part of 24/7 protective … monitoring services across a range of networks/services Overseeing and contributing to the analysis and escalation of security threats and incidents identified Coordinate with Cyber Operations teams to respond to identified security threats and mitigate prior to impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis … and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Essential Your skills and experiences: Experience of working within Security Operations or equivalent roles Demonstrable leadership in Operational Management Experience in the application of relevant industry standard frameworks (MITRE ATT&CK/D3FEND/
Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst 2-3 Days onsite - Crawley 6-9 Month duration Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office. Job purpose: The role of an Incident Response (CSIRT)/SOC Level 3 Analyst is … and escalated events or alerts, using experience and industry tools to expedite containment, eradication, and recovery strategies that minimise business impact and protect network systems and customer data from cyber threats. Dimensions People – Work collaboratively in a team of around 14 cyber security operations staff. Mentor Level 1 and Level 2 SOC Analysts, providing guidance and training. Suppliers … Regular interaction with technical resources from outsourced Managed Security Service Providers (MSSPs) and cyber security tooling vendors. Communication – Communicate technical cybersecurity concepts to both technical and non-technical colleagues across all levels of seniority. Stakeholders – Build and maintain collaborative working relationships with internal technology teams, external partners, suppliers, and providers to drive outcomes and agree on courses of action.
+ bonus + benefits We're looking for a technically exceptional and strategically minded Engineering Team Lead to join a high-impact organisation at the forefront of global data intelligence and digital risk protection. You'll take ownership of a small but elite team delivering a new enterprise-scale product designed to detect, prevent and disrupt complex online threats … of aligning engineers, stakeholders, and business goals. Nice to have: Exposure to OpenSearch or Postgres within AWS. Understanding of frontend integration (TypeScript/modern web apps). Interest in cyber threat intelligence or large-scale data correlation. This is a unique opportunity to lead the development of a platform with global reach, within a culture that values
Bolton, Greater Manchester, North West England, United Kingdom
Resourcing Group
+ bonus + benefits We're looking for a technically exceptional and strategically minded Engineering Team Lead to join a high-impact organisation at the forefront of global data intelligence and digital risk protection. You'll take ownership of a small but elite team delivering a new enterprise-scale product designed to detect, prevent and disrupt complex online threats … of aligning engineers, stakeholders, and business goals. Nice to have: Exposure to OpenSearch or Postgres within AWS. Understanding of frontend integration (TypeScript/modern web apps). Interest in cyber threat intelligence or large-scale data correlation. This is a unique opportunity to lead the development of a platform with global reach, within a culture that values
Birmingham, West Midlands, United Kingdom Hybrid/Remote Options
Mac Recruit Group
Are you an ambitious cyber security BDM or Account Executive looking to elevate your career? Join a CREST-accredited cyber security consultancy that's trusted by leading organisations to defend against today's most advanced threats. This is your chance to represent a brand built on credibility, innovation, and proven client success. Why You'll Love This Role: Growth with balance … solutions spanning penetration testing, offensive security, managed SOC, cloud security, and compliance, empowering you to sell with confidence and deliver real value. What We're Looking For Proven success in cyber security sales, ideally within penetration testing, managed SOC, threat intelligence or Cyber Essentials Strong experience in new business B2B sales The ability to engage senior stakeholders
a mature approach to their work with extensive technical knowledge and hands-on experience in Security Operations. This is a unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop what you see as a great 24/7 operational cyber defence capability. Please note … the on-call rota is every 1 in 6 weeks. Responsibilities Cyber Defence authority for real-time monitoring of Element's security platforms such as SIEM and Extended Detection and Response (XDR) Prompt analysis and triage of alerts and security events. Support the Incident Response (IR) team to report potential or actual incidents Conduct proactive Threat Hunting across … the estate and help develop the Threat Intelligence capability Work closely with the Incident Response (IR) team and report potential or actual incidents. Support the incident management process Collaborate with cross-functional teams including IT, Privacy and Legal and senior stakeholders. Perform digital forensics on computer/network artifacts to assess the risk and impact of an incident.
Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one I'm working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains. They're expanding their Security Operations Centre and hiring a hands-on … SOC Incident Response & Threat Hunting Manager to lead Tier 3 analysts and drive proactive defence strategies. This is a strategic and technical leadership role, ideal for someone with deep DFIR expertise, strong mentoring capabilities, and a passion for threat hunting and CTI development. Key Responsibilities: Lead and coordinate high-severity incident response engagements Provide technical oversight and guidance … on threat hunting operations Translate threat intelligence into actionable hypotheses and use cases Design and execute advanced threat hunting exercises across varied environments Develop in-house training programmes for SOC analysts Drive CTI maturity and visibility across internal and customer-facing functions Ensure comprehensive documentation and stakeholder reporting Participate in the on-call rotation for critical