21 of 21 Remote/Hybrid Threat Detection Jobs in the UK

Cyber Threat Intelligence Analyst Salary £50,000 - £60,000 - Hybrid - WFH Euro Projects Recruitment is working with a leading Microsoft Partner in Scotland to recruit a permanent Cyber Threat Intelligence Analyst . This is a genuine Cyber Threat Intelligence Analyst role with a strong focus on proactive … threat hunting, intelligence-led investigations and client engagement. The successful Cyber Threat Intelligence Analyst will work closely with SOC analysts, incident responders and engineering teams, using the Microsoft security stack to identify, analyse and mitigate cyber threats. The Role Cyber Threat Intelligence Analyst As a Cyber Threat ...

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security … incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection ...

defensive activities, monitor and analyse alerts, respond to incidents and ensure the organisation's security posture remains robust, proactive and threat-ready. You'll work closely with an outsourced 24/7 SOC, validating the quality of their service and acting swiftly on escalations. You'll maintain, optimise … enhance a broad suite of security tools, including EDR, SIEM, email security, cloud security platforms, vulnerability management tooling and threat-detection technologies, ensuring they are configured to best practice and delivering maximum protection. You'll conduct vulnerability scanning, oversee patching cycles, perform cloud security assessments, refine playbooks, support ...

Networks security technologies and solid experience across XDR and SIEM environments. This role sits within the Security Operations function and is focused on improving threat detection, automation, visibility, and response using XSIAM. *For this role, you must be eligible for SC Clearance* Key Responsibilities Implement and configure Palo … Networks XSIAM to enhance SOC efficiency and visibility Design and manage security automation workflows within XSIAM Integrate and optimise XDR capabilities to support proactive threat detection and response Set up and maintain SIEM-style log ingestion, correlation rules, and enrichment pipelines Build custom dashboards and reports to provide ...

incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic … incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR … endpoint security events, including AV scans and incident remediation, validating security alerts. Collaborate with security teams and external authorities to improve incident reporting, detection, and response capabilities. Support the development and maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR … endpoint security events, including AV scans and incident remediation, validating security alerts. Collaborate with security teams and external authorities to improve incident reporting, detection, and response capabilities. Support the development and maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response ...

understand security threats and best practice around emerging AI technologies. Educate the wider security team on AI-related risks, vulnerabilities, and use cases. Threat Detection & Response Support monitoring, detection, and incident response within cloud environments. Help mature vulnerability management processes and security playbooks. Compliance & Risk Ensure cloud ...

real-world security impact. The successful candidate will work closely with customers, engineers, and operational security teams to deliver meaningful improvements across identity, detection engineering, endpoint security, and cloud security posture. This is a hands-on role involving the design and implementation of modern security architectures, solving complex technical … detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation ...

real security operations, clients, environments and SIEM technologies. Gain exposure to industry frameworks such as MITRE ATT&CK and NIST. Build foundational knowledge across: Threat detection & incident response SOC processes and tooling Log analysis Microsoft security technologies (including Sentinel, Defender, Entra ID) Automation and scripting fundamentals The successful ...

response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat detection, incident response, and vulnerability management. Conduct and support risk assessments, ensuring robust controls are implemented and maintained. Partner with Technology, Risk, Compliance ...

DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role … experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must ...

multiple platforms, including Microsoft and endpoint security tools. Conduct in-depth investigations of security events, escalating and containing incidents as required. Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce … Expertise Sentinel, MDE, and MDI deployments Proven experience in a hands-on SOC Analyst role within an enterprise environment Strong understanding of security operations, threat detection, and incident response workflows Excellent communication skills and the ability to work effectively within a collaborative SOC team Desirable Skills Experience with ...

Position: Threat Defence Delivery Manager Location: London/Hybrid Type: Contract, Inside IR35, 6 Months Rate: £(Apply online only) p/day We are seeking an experienced Threat Defence Delivery Manager to lead a critical workstream within a major cyber transformation programme. This role is responsible for consolidating … enhancing the organisation's threat detection and response capabilities across all business units. In this role, you will: Lead the implementation of a unified Security Operations Centre (SOC), providing a single view of security events while supporting federated reporting for individual business units. Manage the selection and onboarding ...

Security Stack, including: Microsoft Entra ID (Identity & Access Management) Microsoft Defender XDR (Email, Devices, Apps) Microsoft Purview (Data Governance & Compliance) Microsoft Sentinel (SIEM & Threat Response) This is a hands‐on role covering both project work and BAU, giving you the chance to contribute to key security initiatives while also … supporting day‐to‐day cyber operations. Responsibilities Managing and improving the organisation’s cyber security posture Security remediation activities Threat detection and investigation SOC-style threat response Endpoint security management Identity & access management (IAM) What We’re Looking For Experienced Cyber Security Engineer with strong hands ...

existing project. Key responsibilities Responsible for ensuring the effective and timely triage of all security alerts Responsible for maintaining and developing risk-led threat detection capabilities to quickly detect and respond to risky behaviors and event. Review and approve new Use Cases and Playbooks created by cybersecurity colleagues ...

platform products, systems, and solutions Experience delivering end-to-end cybersecurity solutions across complex programmes and projects Strong knowledge of cybersecurity domains such as Threat Detection and Response, Identity and Access Management, Infrastructure Security, or Information Protection Hands-on experience with AWS technologies and cloud security architectures Familiarity ...

seamless integration of multi-factor authentication with biometric and mobile device capabilities to improve both security and user experience. Champion the adoption of identity threat detection and response solutions to proactively identify and mitigate identity-based attacks. Design secure authentication and authorization patterns (OpenID Connect, SAML, OAuth, Kerberos ...

Network & Security Engineering Implement, and support enterprise grade network and security solutions Deploy, configure, and troubleshoot Cisco Firepower firewalls, including policy configuration, VPNs, and threat protection Implement and maintain Cisco Identity Services Engine (ISE) for network access control, authentication, and authorization Work with Cisco Stealthwatch and other Cisco security … tools to provide visibility, monitoring, and threat detection Configure and support FortiGate firewalls where required, including firewall policies, VPNs, and security profiles Produce high quality technical documentation, including designs, implementation guides, and handover documentation Customer Engagement & Communication Serve as a trusted technical advisor to customers, clearly explaining solutions ...

current state, target state, roadmap, sprint backlog and a clear “definition of done”. Translate between exec outcomes and engineer reality: cost, risk, resilience, detection efficacy, operational overhead. Back-of-house delivery Design telemetry pipelines from end-to-end (collect process route store), including: Collection: agents/collectors, APIs … viable operate” checklists per platform Choose Your Primary Lens (One required — experience in both is advantageous) Security/SIEM Telemetry-to-use-case mapping Threat detection concepts and lifecycle awareness Event normalisation and structured security data models Observability/ITOps Distributed systems and service-level thinking Metrics, logs ...

Lead remediation of an agreed list of known Tanium EDR gaps across the estate. Activate, configure, and deploy Tanium Reactions aligned to containment and detection requirements. Support Tanium device discovery, improving asset visibility across hardware, software and telemetry. Integrate device data, software data, and extended telemetry into SIEM … wider detection tooling. Develop and implement CI/CD pipelines for Detection Engineering content deployed through Tanium. Conduct Tanium testing and validation cycles, including rollback procedures to support CI/CD and containment operations. Collaborate with Detection Engineering, Endpoint, and C2E workstreams to ensure readiness for platform ...