DLP technologies (e.g., Microsoft Purview, Symantec, Forcepoint, or similar). Familiarity with data classification, data handling standards, and regulatory requirements (e.g., NYDFS, GDPR). Knowledge of insider threat detection and user behavior analytics (UBA). Exposure to security incident and event management (SIEM) tools. Core Values Love what you do: We show up each day ready to
and maintain executive-level documentation, including standard operating procedures (SOPs), playbooks, process flows, and risk reports, using diverse tools and data sources. Develop, refine, and maintain insider threat indicators and use case scenarios to enhance detection capabilities. Design and deliver insider risk awareness initiatives, highlighting emerging trends and fostering a culture of security, accountability, and … vigilance. Identify and implement improvements to detection and response processes based on lessons learned and evolving threat landscapes. Collaborate with internal partners on threat detection and response initiatives to strengthen organizational resilience. Qualifications Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field; advanced degree preferred. Experience in insider risk, counterintelligence, cybersecurity, or … a related discipline. Hands-on experience with insider threat detection tools such as SIEM, UEBA, UAM, DLP, and other monitoring technologies. Strong understanding of insider risk frameworks, regulatory and privacy requirements, and relevant laws. Familiarity with SOC or Fusion Centre operations, including threat monitoring, intrusion detection, incident response, and analysis. In-depth knowledge of
an efficient manner Endpoint Forensics - Construct meaningful incident timelines from forensic artifact analysis Counter Measures - Ability to design and implement preventative and corrective controls to counteract emerging threats Proactive Threat Hunting - Develop and execute focused plans to discover advanced threats that evade traditional security controls Behavioral Analysis - Develop and implement criteria to identify anomalous user behavior indicating insider threat activity Intrusion Detection - Develop and tune network anomaly control capability to produce reliable actionable data Threat Hunting - Proactively search for unknown threats within the environment. Preferred Knowledge And Experience 3+ years of relevant experience Deep understanding of networking and its application University degree in related discipline Hands on experience with Windows and Linux Core Competencies
Category: Other EU work permit required: Yes Job Views: 5 Posted: 16.06.2025 Expiry Date: 31.07.2025 Job Description: We are seeking a Data Loss Prevention (DLP)/Insider Threat Analyst to join Harrington Starr’s global client in their Cyber Security Engineering team. The role focuses on protecting the organization from data loss and theft. Key responsibilities include … experience with DLP policy management, incident handling, data protection, and reporting Experience with Microsoft Purview, M365, and Proofpoint technologies Practical knowledge of End-User Behavior Analytics (EUBA) and Insider Risk Management A solid understanding of cybersecurity principles Certifications such as Microsoft SC-400, AZ-500, MS-900, or CISSP are preferred
permit required: Yes Job Views: 2 Posted: 31.05.2025 Expiry Date: 15.07.2025 Job Description: Harrington Starr’s global client is seeking a Data Loss Prevention (DLP)/Insider Threat Analyst to join their Cyber Security Engineering team. The role involves protecting the organization from data loss or theft through various security strategies and tools. Key responsibilities include: Developing … on experience with DLP policies, incident management, data protection, and reporting Experience with Microsoft Purview, M365, and Proofpoint technologies Practical knowledge of End-User Behaviour Analytics (EUBA) and Insider Risk Management Strong understanding of cybersecurity principles Certifications such as Microsoft SC-400, AZ-500, MS-900, or CISSP are preferred This position requires EU work authorization. The job
Milton Keynes, England, United Kingdom Hybrid / WFH Options
Santander
Insider Threat Senior Analyst | S3 | CISO Country: United Kingdom Interested in part-time, job-share or flexible working? We want to talk to you! Join our community. We have a fantastic opportunity to join the bank as an Insider Threat Analyst as part of the Technology Risk & Cybersecurity team. The purpose of this role … is to prevent, detect and respond to security risks originating from within the organisation, extending the DLP controls and adding and mapping likely insider threat actor motivations to identify techniques, control gaps and develop hunting techniques to improve visibility and controls. Here you'll collaborate with some senior stakeholders both internally and externally to promote the sharing … allowing colleagues to perform their roles as crucially and effectively as possible. The difference you'll make: Overseeing and providing day to day management of the Insider Threat Team and activities to ensure effectiveness and productivity, ensuring risks are balanced against the requirements of our businesses to share data with our approved 3rd parties, regulators and customers.
evolving cyber threats to ensure the security and integrity of our Firm. The role requires a deep understanding of Cybersecurity principles, incident response, cloud security, offensive security, and proactive threat detection with a proven track record of managing security risks and cross functional collaboration. The Security Team is 100% distributed and remote. This role will be reporting directly to … the CISO. Things You Get To Do: Lead and triage security events including potential security incidents, insider threats, malware infections, unauthorized access, fraud, and data exfiltration events Conduct thorough analyses of events, assess impact, and implement corrective actions by … collaborating with cross-functional teams to prioritize and remediate issues as necessary Develop and maintain security incident response playbooks and automate security workflows to improve efficiency and effectiveness Conduct Threat Hunting activities to identify potential issues and implement strategies for proactive threat detection Manage and optimize security tools and technologies, such as SIEM, SOAR, Container Orchestration like Kubernetes
Head Resourcing are delighted to be working with a financial services client who are looking for a Data Protection & Insider Threat Specialist to join the team. This role focuses on the delivery and continuous improvement of data loss prevention (DLP) and insider threat controls across on-premise and cloud environments. You'll be part … and innovative environment, where technical curiosity is encouraged and every team member is empowered to contribute to strategic outcomes. Key Responsibilities Design and implement DLP and insider threat policies to safeguard sensitive data. Develop roadmaps and integration plans to enhance security controls. Collaborate with both technical and business stakeholders to ensure data protection requirements are well understood … and implemented effectively. Contribute to strategic planning for Data Protection and Insider Threat, including tool evaluation and selection. Identify risks and assess gaps in current security posture; lead initiatives to address them. Serve as lead resource on projects aimed at improving security capabilities. Design and transition control changes, including support for monitoring and alerting processes. Required Experience
Milton Keynes, England, United Kingdom Hybrid / WFH Options
Medirest Signature
Join our community. The purpose of the role is to protect Santander data from deliberate or accidental external loss extending the DLP baseline controls - mapping likely insider threat actor motivations to identify techniques, control gaps and develop hunting techniques to improve visibility and controls. The difference you’ll make: Ensuring insider risks are balanced against … 3rd parties, regulators and customers Escalating issues when required to ensure Santander data protection while allowing colleagues to perform their jobs as effectively as possible Identifying insider threat use cases along with the DLP Insider Threat Lead Performing and improving insider threat hunting activities Identifying visibility and control gaps, work with … relevant teams to close gaps Recommending high fidelity hunting to the DLP Insider Threat Lead for regular hunts or automated alerting What you’ll bring: These are the essential requirements you need to be successful in this role: Data analysis and security monitoring, SIEM and log analysis capability, pattern recognition Problem-solving abilities involving multiple, complex systems
an efficient manner Endpoint Forensics - Construct meaningful incident timelines from forensic artifact analysis Counter Measures - Ability to design and implement preventative and corrective controls to counteract emerging threats Proactive Threat Hunting - Develop and execute focused plans to discover advanced threats that evade traditional security controls Behavioral Analysis - Develop and implement criteria to identify anomalous user behavior indicating insider threat activity Intrusion Detection - Develop and tune network anomaly control capability to produce reliable actionable data Threat Hunting - Proactively search for unknown threats within the environment. Knowledge and Experience University degree in related discipline 1+ years of relevant experience Deep understanding of networking and its application Hands on experience with Windows and Linux
from the front—managing teams, guiding investigations, and helping shape the future of our security strategy. If you’re passionate about cyber security and thrive in a fast-paced, threat-driven environment, we want to hear from you. What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other … tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead & Mentor: Manage SOC analysts and support their technical and professional growth. Tool Optimisation: Oversee and fine-tune security platforms to maximise effectiveness. Security Engineering: Enhance detection rules and improve SOC procedures. Collaborate & Report: Liaise … Continuous Improvement: Drive innovation and stay ahead of emerging threats, tactics, and techniques. External Engagement: Work with partners to strengthen the defensive posture and maintain compliance. Insider Threat Management: Lead investigations and support sensitive case handling. What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in
an efficient manner Endpoint Forensics - Construct meaningful incident timelines from forensic artifact analysis Counter Measures - Ability to design and implement preventative and corrective controls to counteract emerging threats Proactive Threat Hunting - Develop and execute focused plans to discover advanced threats that evade traditional security controls Behavioral Analysis - Develop and implement criteria to identify anomalous user behavior indicating insider threat activity Intrusion Detection - Develop and tune network anomaly control capability to produce reliable actionable data Threat Hunting - Proactively search for unknown threats within the environment. Preferred Knowledge and Experience 3+ years of relevant experience Deep understanding of networking and its application University degree in related discipline Hands on experience with Windows and Linux Core Competencies
Swindon, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
for varied, impactful work in an inclusive environment emphasizing teamwork. The Role You will work within a close-knit team to defend against cyber threats such as malware, insider … threats, DDoS attacks, and phishing. Your day will involve reviewing recent events, analyzing alerts, logs, network traffic, and endpoint data using tools like Splunk, developing detection content, and using threat intelligence to enhance security. You may also support digital forensics during security incidents. About You You should have a passion for IT and cybersecurity, experience with scripting, knowledge of … Training and Development We offer in-house and external training opportunities, including certifications from SANS and Offensive Security. You will be mentored and gain hands-on experience in cybersecurity, threat detection, and incident response, with opportunities to attend conferences and travel. Rewards and Benefits Starting salary of £36,408 plus benefits such as 25-30 days annual leave, performance
Gloucester, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
supportive, inclusive environment emphasizing teamwork. The Role As a Cyber Security Analyst, you will work within a close-knit team to defend against cyber threats such as malware, insider threats, DDoS attacks … and phishing. Your responsibilities include detecting, responding to, and mitigating security incidents, analyzing alerts, logs, network traffic, and endpoint data using tools like Splunk, developing detection content, and leveraging threat intelligence. Opportunities to engage in Digital Forensics and operational security are also available. The role offers a unique experience due to the specialized nature of our work. About You … in-house, on-the-job, and external training, including industry-recognized certifications from SANS and OFFSEC. You will be paired with a mentor and gain hands-on experience in threat detection, incident response, and operational strategies. Opportunities for travel, conferences, and staying current with cybersecurity innovations are also available. Rewards and Benefits Starting salary of £36,408 plus benefits
London, England, United Kingdom Hybrid / WFH Options
FTS US Inc
data privacy regulations, including GDPR. Third-Party Risk Management: Implement a third-party risk management framework, ensuring due diligence, ongoing monitoring, and compliance in outsourced functions. Fraud and Insider Risk Management: Oversee fraud prevention and detection strategies, manage employee-related risks (e.g., insider threats), and ensure robust whistleblowing procedures. Crisis Management and Incident Response: Lead crisis
the SOC and Clients Digital teams. Maintain cyber security solutions with existing systems, applications, and infrastructure. Evaluate and recommend technologies, tools, and vendors to meet business needs. Perform proactive threat hunting for new and emerging cyber threats. Specialist in OT systems, defining monitoring alerts and ensuring the operation of effective security controls. Support compliance with relevant industry standards, regulations …
London, England, United Kingdom Hybrid / WFH Options
Anthropic
threats, investigate incidents, and coordinate responses. You will help shape our security capabilities alongside our research and security teams. Responsibilities Lead cybersecurity incident response across external attacks and insider threats involving all layers of our technology stack. Develop and deploy tooling, potentially leveraging Large Language Models, to enhance detection, investigation, and response. Create and optimize detection methods, playbooks … You May Be a Good Fit If You Have 3+ years of software engineering experience, with security background a plus, or 5+ years in detection engineering, incident response, or threat hunting. Understand cloud environments and SaaS operations. Possess excellent communication and collaboration skills. Can lead projects independently. Quickly learn new languages and technologies. Have experience handling security incidents and … security tools like EDR, SIEM, SOAR. Strong Candidates May Also Have Experience With Security operations in Kubernetes environments. Proficiency in Python and SQL. Analyzing attack behaviors and prototyping detections. Threat intelligence, malware analysis, infrastructure as code, or forensics. Experience in high-growth startups. Additional Details Application deadline: Rolling review. Salary range: £240,000 - £325,000 GBP annually. Education: Bachelor
our security capabilities from the ground up alongside our world-class research and security teams. Responsibilities: Lead cybersecurity Incident Response efforts covering diverse domains from external attacks to insider threats involving all layers of Anthropic's technology stack. Develop and deploy novel tooling that may leverage Large Language Models to enhance detection, investigation, and response capabilities. Create and … may be a good fit if you: 3+ years of software engineering experience, with security experience a plus and/or 5+ years of detection engineering, incident response, or threat hunting experience. A solid understanding of cloud environments and operations. Experience working with engineering teams in a SaaS environment. Exceptional communication and collaboration skills. An ability to lead projects … involving large-scale Kubernetes environments. A high level of proficiency in Python and query languages such as SQL. Experience analyzing attack behavior and prototyping high-quality detections. Experience with threat intelligence, malware analysis, infrastructure as code, detection engineering, or forensics. Experience contributing to a high growth startup environment. Deadline to apply: None. Applications will be reviewed on a rolling
London, England, United Kingdom Hybrid / WFH Options
AVEVA Denmark
Manage and supervise Cyber Security Response Analyst team in proactively identifying, investigating, and hunting potential attacks and security risks on AVEVA networks and systems using various platform dashboards and threat feeds. Manage and supervise Cyber Security Response Analyst team on analysis of security events as detected by various security controls, monitoring, and recording security events in daily, weekly, monthly … and Qualifications: Minimum two (2) years of experience leading or managing technical teams in following subject areas: vulnerabilities, exploitation, and remediation, network traffic and node analysis, Insider Threat, ransomware, supply-chain attacks, data exfiltration, web-focused security topics, persistent Threat (APT), Spear Phishing, and credential compromise techniques. Minimum of five years information and cyber security experience … as Security Analyst and Incident Response, Security Threat Hunting, or Security Operations Centre analyst role. Bachelor's degree in information systems or equivalent work experience in relevant information and cyber security domain. Security certification from a recognised organisation such as ISC2, CompTIA, ECCouncil, SANS Institute is an advantage. Technology standard certification such as from Cisco, VMware, Microsoft is an
Norwich, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
supportive, inclusive environment emphasizing teamwork. The Role As a Cyber Security Analyst, you will work with a close-knit team to defend against cyber threats such as malware, insider threats, DDoS attacks, and phishing. … Your responsibilities include detecting, responding to, and mitigating risks, analyzing alerts, logs, network traffic, and endpoint data using tools like Splunk, and developing detection content. You will also utilize threat intelligence to proactively improve security measures and support digital forensics during security incidents. About You You should have a passion for IT and cybersecurity, experience with scripting, and knowledge
fully operational as quickly as possible and to prevent any downtime or impact to business operations. CyberClan investigates and assists clients with all types of security breaches, including insider threats, unauthorized access, and malicious code. Some breaches are publicly known, but many remain hidden. We analyze client data in a secure forensic lab environment. Due to company growth
is on identity assurance, accounts/secrets management, and monitoring/detective controls. We look to continuously improve our capabilities for defense against environmental exploitations, persistent attacks, and insider threats. Key responsibilities Design and implement privileged access management solutions for broad platform and service coverage. Working with clients to determine their requirements. Assist with product deployment, enhancements, and
controls for privileged access. This role involves identity assurance, accounts/secrets management, and monitoring/detective controls to continuously improve defenses against environmental exploitations, persistent attacks, and insider threats. You will have access to cutting-edge technologies and be part of critical security initiatives for the client, which operates in a high-impact industry. Key Responsibilities Design
London, England, United Kingdom Hybrid / WFH Options
Canonical
Join to apply for the Threat Intelligence Lead role at Canonical The Threat Intelligence Lead will own Canonical’s threat intelligence strategy and execution, including understanding of which cyber threat actors are targeting Canonical, and the use of intelligence on Tactics, Techniques and Procedures … cybersecurity controls. You will collaborate with internal stakeholders as well as with the wider cybersecurity community, making sure that Canonical is recognised as a thought leader on open source threat intelligence. This role will report to the CISO. You will lead intelligence gathering and development activities on threat actors targeting software supply chains. You'll study attack trends … possible threats. As the publisher of Ubuntu, Canonical products are directly or indirectly present in almost every organisation and household in the world, making them a prime target for threat actors. This team's mission is to help Canonical, and by extension countless community members and companies around the world, secure their software infrastructure. What you’ll do in