1 to 25 of 27 Malware Analysis Jobs in the UK

clients worldwide, Recorded Future is the world's most advanced, and largest, intelligence company! Reversing Emulation and Testing (RET) is a core function of Insikt Group's Technical Analysis (TA) Team. We seek a principal technical threat researcher with deep subject-matter expertise across malware analysis, reverse engineering, and malicious tooling. This role requires the ability to … lead high-impact research and drive innovation in analytical capabilities within Insikt Group. You will guide and shape technical research into state-sponsored and cybercriminal malware, collaborating across functional intelligence teams to support finished intelligence reporting and platform enrichment. Your responsibilities will include not only conducting advanced malware reverse engineering and infrastructure emulation but also designing and implementing … internal tools and workflows that increase our team's efficiency. You will be expected to develop and formalize novel approaches to dynamic analysis, configuration extraction, and threat behavior modeling. This position entails representing Insikt Group's technical threat research in customer briefings, webinars, and industry engagements. You will communicate complex technical findings to diverse audiences ranging from internal stakeholders More ❯

Malware Analyst/Pen Tester - Android £625-£650 p/d Outside IR35 Hybrid - London 6 Months SR2 are supporting a major global tech client in the expansion of their elite malware analysis team. They're hiring two Malware Analysts with deep Android security expertise to uncover malicious behaviours, reverse engineer complex APKs, and assess real … isn't about bug hunting, this is deep forensic work to detect intentionally hidden threats. The Role: Reverse engineering Android apps to detect hidden malicious behaviour Analysing potential threats: malware, premium call triggers, surveillance capabilities Supporting automated detection with human-led scrutiny and investigation Must-Have: Strong hands-on experience in Android malware analysis Background in reverse … APKs and obfuscated code Security-first mindset with the ability to think like an attacker Nice to Have: Experience at large antivirus/security firms or on high-scale malware analysis projects Exposure to large app store environments or critical infrastructure vetting Details: Day Rate: £625-£650 p/d (flexible for the right profile) IR35: Outside Contract More ❯

Research Engineer - Threat Protection The Role As a Security Research Engineer at Mimecast, you will be a pivotal technical expert dedicated to researching, analyzing, and developing detections for both malware and phishing threats. Your work will involve dissecting real-world file and web threats, building and optimizing detection signatures, and driving improvements to our advanced detection systems. This role … evolving attacks and provide actionable insights to our customers and internal teams. Why Join Our Team? At Mimecast, you will be at the forefront of neutralizing diverse phishing and malware threats through comprehensive file analysis and research across web vectors. You will dissect attacker tactics, techniques, and procedures (TTPs), crafting and optimizing detection signatures using industry-standard tools … your work has immediate and significant customer impact. What You'll Do: Analyse and classify file and web-based threats, including credential phishing campaigns and a wide range of malware families. Develop, test, and maintain detection signatures (Yara, ClamAV, and proprietary solutions) for both phishing and malware threats targeting Mimecast customers. Dissect malicious files, URLs, and email payloads More ❯

Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility, Malware Analysis, Malware Detection Tools + 16 more Desired Languages (If blank, desired languages More ❯

all the evidence available and support the client on the appropriate action to contain and remediate any security incident. They will need to be able to provide root cause analysis and liaise with the customer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Security Monitoring: & Investigation: Monitoring SIEM tools … to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes More ❯

Job Description Summary Responsible for hunting, detecting and responding to digital security threats. Demonstrates technical leadership abilities and strong comprehension of malware, emerging threats and calculating risk. Job Description Essential Responsibilities In this role, you will: Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and log-centric analysis … Understanding of CND-based analytical models (Kill Chain, ATT&CK, Pyramid of Pain, etc.) - Understanding of APT, Cyber Crime and other associated tactics - Understanding of host forensics and network analysis techniques and tools - Understanding of malware and reverse engineering - Understanding of vulnerabilities. Vulnerability management, remediation and implementation techniques. - Understanding of responding to threats in cloud platforms (AWS, Azure More ❯

you can flex to meet your needs and training and development opportunities. What you will be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations … triage. Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att … ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of log data and intrusion detection systems. Solid understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be More ❯

you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. … Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel Hempstead. What youll bring: Demonstrable experience in Security Operations Centre. People … of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC More ❯

you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. … Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel Hempstead. What you’ll bring: Demonstrable experience in Security Operations Centre. … of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC More ❯

people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. TCP/IP, WAN, LAN, SMTP, HTTP … FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead , you will ensure … protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting career progression Enhancing team knowledge across SOC tooling More ❯

and respond with suitable remediation measures to mitigate risks. Ensure correct deployment and application of governance policies in Microsoft Purview. Creates updates and oversees execution of security assessments and analysis of systems (infrastructure and applications) as needed or in accordance with the security strategic plan. Ensures successful compliance of data protection and security requirements within applicable legislation (e.g., GDPR … CySA+, GIAC Security Operations Certified (GSOC), GIAC Continuous Monitoring Certification (GMON), GIAC Certified Incident Handler (GCIH), CCNA Cyber Ops, or other specialized security certification that assesses the candidates' security analysis, SOC operations, and incident handling skills. Substantial experience in information security across different industries, platforms, and applications. Experience conducting IT compliance assessments (IT General Controls and Audits, PCI, NIST …/IPS, SIEM, DLP, and Endpoint protection solutions. Good understanding and knowledge of security concepts, protocols, processes, architectures, and platforms (authentication and access control technologies, intrusion detection, network traffic analysis, Web Application Firewalls, Encryption and Key Management, SIEM technology, incident handling, media/malware analysis, etc.) Good knowledge of cloud technologies, architecture, and security controls. Ability to More ❯

following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise … regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. * Act as the point of escalation for the Service desk for security related tickets. * Analysis of weekly vulnerability scans and update relevant records. Essential * A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines … of analysing information technology logs and events sources preferred * Working knowledge of data storage systems, data backup and restoration methods. * Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs) * Ability to work independently while managing support to a high standard * Contribute More ❯

next level? Get in touch today! Responsibilities: Lead shift-based SOC operations and provide line management to analysts. Triage, monitor, and investigate security alerts impacting critical infrastructure. Perform detailed analysis of logs, network traffic, and system events. Support development and improvement of detection use cases aligned with MITRE ATT&CK. Oversee incident documentation, reporting, and remediation advice. Represent the … Familiarity with the MITRE ATT&CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc.), firewalls, VPNs, AV products, and enterprise infrastructure. Desirable skills: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM More ❯

learn more about this opportunity, feel free to reach out and apply today! Responsibilities: Monitor and analyse security events within the SOC, ensuring timely detection and response. Perform threat analysis, vulnerability assessments, and implement mitigation strategies. Develop and refine incident response playbooks and procedures. Conduct root cause analysis (RCA) for high-priority incidents to prevent recurrence. Collaborate with … Have: Minimum of two years' experience in a SOC or managed security environment. Strong knowledge of network security (firewalls, IDS/IPS, VPNs). Proficiency in incident response, threat analysis, and vulnerability management. Experience working with SIEM tools for monitoring and event analysis. Understanding of malware analysis, forensic investigations, and endpoint security. Strong analytical and problem-solving More ❯

Awareness of incident response planning and tabletop exercises. Understanding of frameworks such as MITRE ATT&CK, the Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Desirable Qualifications & Skills: Certifications such as ECIH, Security+, BTL1, CySA+, SC-200. Familiarity with open-source IR tools (e.g., Velociraptor, Eric Zimmerman Tools, Chainsaw, Volatility, SOF-ELK, DFIR More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

patterns ️ Working with internal teams to integrate threat intelligence into security operations and incident response processes ️ Using advanced tools and techniques to track and analyze threat actors, APTs, and malware campaigns ️ Developing and presenting actionable intelligence reports to stakeholders to improve proactive defense strategies ️ Collaborating with external partners, industry groups, and threat intelligence vendors to gather and share threat … data What We're Looking For: ️ Proven experience as a Cyber Threat Intelligence Specialist or in a similar threat analysis role ️ Strong knowledge of threat intelligence frameworks (e.g., STIX/TAXII, MITRE ATT&CK) and tools (e.g., SIEM, threat intelligence platforms) ️ Experience with threat hunting, incident response, and malware analysis ️ Familiarity with cyber threat actors, attack methodologies More ❯

a strong understanding of various security platforms and standards. Required Skills & Qualifications: Experience in IT infrastructure security, preferably within financial institutions. Strong knowledge of endpoint protection, anti-virus, anti-malware, anti-ransomware, and encryption technologies. Proven experience in securing, auditing infrastructure components and configurations on virtualization platforms, Windows, and Linux. Working experience with network infrastructure components such as IPS … intelligence alerts to relevant stakeholders, assessing potential impacts on organizational assets. Monitor security alerts identified by SOC and CSIRT, participate in investigations, and assist in incident response activities including malware analysis and threat hunting. Collaborate with the CERT team in maintaining an up-to-date threat landscape and contributing to the incident response playbooks. Security Risk Management and More ❯

in the client's office in Westminster, with the rest being done remotely Responsibilities: • Identify and mitigate vulnerabilities in Android applications and OS-level components • Perform static and dynamic analysis of Android apps • Penetration testing of Android-based environments • Monitor threat intelligence sources and Android CVEs to assess emerging threats • Collaborate with developers to embed security throughout the Android … a focus on Android • Strong understanding of Android architecture, AOSP, and app sandboxing • Experience with tools like Frida, Burp Suite, jadx, MobSF, and Android Debug Bridge (ADB) • Knowledge of malware analysis and mobile threat defense • Familiarity with OWASP Mobile Top 10 • (Bonus) Experience with securing custom ROMs or working with rooted devices Mindset We're After: • Thinks like More ❯

our personalized learning opportunities - just to name a few! Job Description Your Career You will work firsthand with our valued customers to address their complex post–sales concerns where analysis of situations or data requires an in–depth evaluation of many factors. You're a critical thinker in understanding the methods, techniques, and evaluation criteria for obtaining results. You … permanent solutions. Share insights from customer interactions to improve our product and support experience. Document troubleshooting steps and resolutions clearly for both internal and customer use. Lead root cause analysis and coordinate corrective actions to prevent recurrence. Qualifications Your Experience Mandatory Requirements 🔒 Due to the nature of this role and the customers we support, candidates must either: Have lived …/IP) and security practices (IPSec, SSL-VPN, NAT, GRE). Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations. Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical. Skilled in Python, JSON, YAML, Bash, or More ❯

re Looking For: ️ Proven experience as a Threat Intelligence Analyst or in a similar role within cybersecurity ️ Strong knowledge of threat intelligence platforms (TIPs), open-source intelligence (OSINT), and malware analysis ️ Familiarity with cybersecurity frameworks (e.g., MITRE ATT&CK, STIX, TAXII) ️ Experience in analyzing cyber threats, including advanced persistent threats (APTs), ransomware, and phishing attacks ️ Certifications such as More ❯

our rapidly growing Global Security Operations team. This is an exciting hands-on technical role in which the specialist will use their security skills and knowledge to perform advanced analysis on the collection of cyber threats using high-level proactive and reactive threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events. The focus is to provide … resources to correlate suspicious events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures. Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs Actively manage and apply the phases of Incident Response (preparation, identification, containment … technologies, including: Windows, Linux, Networking, Security Architecture experience and knowledge of packet flow/TCP/UDP traffic, Firewall and proxy technologies, cloud solutions, anti-virus, static and dynamic malware analysis techniques Expert in performing analytics with different types of logs, i.e. network, active directory, database, DNS, firewall, proxies, host-based security, cloud and applications logs etc. Working More ❯