1 to 25 of 53 Remote Threat Detection Jobs in the UK

Threat Hunter/Threat Detector/SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. This role … working across Cloud (AWS/Azure and GCP) will see you focusing on threat detection and threat hunting as part of a busy SOC Team. This role isn't about dealing with threats when they happen, it is about hunting them out. Thinking ahead of the curve and providing direction, thoughts and strategy as to how the More ❯

exchanges Scope of Impact The Senior Security Infrastructure Engineer leads technical implementation and governance across: Enterprise infrastructure and network security Identity and access management Endpoint and virtualisation security Monitoring, detection, and vulnerability remediation You will evaluate alternative approaches considering risk, compliance, cost, and operational impact, ensuring sustainable security outcomes. Key Responsibilities Infrastructure & Network Security Design, implement, and maintain secure … to safeguard identity and access across the enterprise. Virtualisation & Endpoint Protection Secure virtualisation platforms (Hyper-V, VMware) and implement endpoint security solutions including EDR, anti-malware, and DLP. Monitoring & Threat Detection Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for proactive threat detection and incident response. Vulnerability Management Perform vulnerability assessments using Qualys and Tenable, driving More ❯

CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD More ❯

CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD More ❯

for an experienced Senior Cyber Security Analyst to play a key role in protecting our client’s systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain … high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards More ❯

for an experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain … high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards More ❯

Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems. This position offers the opportunity to influence not just their engineering … and verbal communication skills, especially in cross-functional contexts. Bonus Experience (Nice to Have) Exposure to large language models (LLMs) or foundational model adaptation. Previous work in cybersecurity, anomaly detection, or behavioural analytics. Familiarity with orchestration frameworks (Airflow or similar). Experience with scalable ML systems, pipelines, or real-time data processing. Advanced degree or equivalent experience in ML More ❯

Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems. This position offers the opportunity to influence not just their engineering … and verbal communication skills, especially in cross-functional contexts. Bonus Experience (Nice to Have) Exposure to large language models (LLMs) or foundational model adaptation. Previous work in cybersecurity, anomaly detection, or behavioural analytics. Familiarity with orchestration frameworks (Airflow or similar). Experience with scalable ML systems, pipelines, or real-time data processing. Advanced degree or equivalent experience in ML More ❯

Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems click apply for full job details More ❯

and commitment will allow you to deliver high quality outputs. Reporting to the Cyber Security Engineering Manager, you will be responsible for designing, implementing and maintaining our next-generation detection and log management platforms. This role sits at the intersection of SIEM engineering, cloud security, and advanced log pipeline management, ensuring that our enterprise maintains world-class detection fidelity, threat visibility and compliance across diverse environments.You will help us deliver improvements across several of our cyber security domains including Security Data & Analytics, Security Automation, Incident Response and Threat Detection. Additionally, you will work closely with our Cyber Security Operation Centre, wider security functions, specialist 3rd party security suppliers and our global IT and business teams. … Key Responsibilities: SIEM engineering & Operations: Development of advanced detection rules, correlation searches, and playbooks to improve threat detection and response Perform log source onboarding, parsing, and data normalisation on various data types Experience with design, development, configuration and maintenance of SIEM alerts to support our SOC Operations Log Management & Data Engineering: Engineer and maintain log pipelines using More ❯

We’re looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor junior engineers and drive best practices. Collaborate with … IR & threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills. More ❯

We’re looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor junior engineers and drive best practices. Collaborate with … IR & threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills. More ❯

Flow environment. Policy Development : Create and enforce security policies and procedures to protect network resources and data. Security Management : Manage and maintain security tools and technologies, including firewalls, intrusion detection/prevention systems, and VPNs. Incident Response : Lead and coordinate responses to security incidents, including investigation, mitigation, and reporting. Compliance : Ensure compliance with relevant security standards and regulations, such … using Python, PowerShell, or Terraform. Security Certifications – Industry-recognized certifications such as CISSP, CISM, CCNP Security, AWS Certified Advanced Networking, or Nutanix Certified Professional – Multicloud Infrastructure (NCP-MCI). Threat Detection & Incident Response – Experience in real-time threat monitoring, and coordinated incident response efforts. Compliance & Governance – Familiarity with security frameworks and regulations such as GDPR, HIPAA, PCI … Networking (SDN) & Network Virtualization – Hands-on experience with SDN solutions and network segmentation strategies. Security Automation & Scripting – Proficiency in automating security workflows using Python, PowerShell, Terraform to enhance efficiency. Threat Hunting & Intelligence – Knowledge of threat intelligence platforms, attack vectors, and proactive threat hunting methodologies. Security Auditing & Assessment – Experience conducting risk assessments, penetration testing, and security audits for More ❯

Flow environment. Policy Development : Create and enforce security policies and procedures to protect network resources and data. Security Management : Manage and maintain security tools and technologies, including firewalls, intrusion detection/prevention systems, and VPNs. Incident Response : Lead and coordinate responses to security incidents, including investigation, mitigation, and reporting. Compliance : Ensure compliance with relevant security standards and regulations, such … using Python, PowerShell, or Terraform. Security Certifications – Industry-recognized certifications such as CISSP, CISM, CCNP Security, AWS Certified Advanced Networking, or Nutanix Certified Professional – Multicloud Infrastructure (NCP-MCI). Threat Detection & Incident Response – Experience in real-time threat monitoring, and coordinated incident response efforts. Compliance & Governance – Familiarity with security frameworks and regulations such as GDPR, HIPAA, PCI … Networking (SDN) & Network Virtualization – Hands-on experience with SDN solutions and network segmentation strategies. Security Automation & Scripting – Proficiency in automating security workflows using Python, PowerShell, Terraform to enhance efficiency. Threat Hunting & Intelligence – Knowledge of threat intelligence platforms, attack vectors, and proactive threat hunting methodologies. Security Auditing & Assessment – Experience conducting risk assessments, penetration testing, and security audits for More ❯

attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives More ❯

attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives More ❯

attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives More ❯

team across SOC, engineering, and information security Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and … o Abnormal Security (email security)o Prisma Cloud (cloud security posture management)o Airlock (application and API security)o Nucleus (vulnerability management and reporting) Deep knowledge of incident response, threat hunting, and vulnerability management. Excellent stakeholder management and communication skills - able to explain complex risks in simple terms. Experience building and mentoring high-performing teams across technical and governance More ❯

Senior Security Engineer – Detection & Automation Here’s a great opportunity for a hands-on Senior Security Engineer who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts … to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting or API connections. Tune detection use cases and improve visibility across cloud/on-prem environments. Support client onboarding and configuration alignment. Mentor junior engineers and analysts. You’ll bring: 3–5 years’ experience in SOC or security engineering. … Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative environment. If you love improving More ❯

ensuring the handling of potential threats and plays a part in improving security operations. This is a home based role reporting to the Director of Security Operations for SecOps & Threat Detection. Please note that in this role, you will have an 8x5 Monday-Friday schedule, with flexibility to respond to after-hours pages for potentially major security incidents to More ❯

resilience and enable smarter security operations. You will: Architect & Design : Build and evolve secure frameworks using Microsoft Security (Defender, Sentinel, Purview, Entra) and integrate Qualys vulnerability management for continuous threat detection and remediation. Automate & Innovate: Lead the charge on automation (SOAR, IaC, workflow automation) and embed Gen AI into security operations, threat intelligence, and reporting. Set Standards More ❯

ideal candidate will embed security throughout the delivery lifecycle, working closely with infrastructure engineers, architects, and project/programme managers. You’ll define and enforce secure configuration baselines, conduct threat modelling and risk assessments, integrate monitoring and alerting, and produce clear security artefacts that guide operational teams. Candidates must be eligible to obtain SC security clearance Duties and responsibilities … Design, implement and optimise security controls across hybrid/on-prem Microsoft and Azure-centric environments. Define/enforce hardening standards (e.g., CIS Benchmarks, Microsoft Security Baselines). Perform threat modelling, risk assessments, and security validation/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance security monitoring, logging and alerting … including SIEM/threat detection). Create security documentation (designs, risk assessments, mitigation plans, ops procedures). Collaborate with project/programme managers and stakeholders to ensure effective control implementation. Skills/experience (essential) Must be SC-eligible. 5+ years in cybersecurity or infrastructure security roles. Strong technical knowledge of Microsoft and Azure-based environments (cloud & on-prem More ❯

with a wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability … in IT infrastructure, cloud services, and cyber security. Proven continuous development in both technical and soft domains. Proficiency with security tools and technologies such as SIEM, DLP, network protection, threat detection, and endpoint protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security More ❯

with a wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability … in IT infrastructure, cloud services, and cyber security. Proven continuous development in both technical and soft domains. Proficiency with security tools and technologies such as SIEM, DLP, network protection, threat detection, and endpoint protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security More ❯

WAN, SD-WAN, data-center design, virtualization, storage, backup); cloud and datacenter (IaaS/PaaS, public, private, hybrid architectures; migration and modernization); cybersecurity (identity, endpoints, network, identity & access management, threat detection, incident response); application support and managed services for critical business applications. Security and compliance: Build security-by-design into solution proposals; incorporate best practices for data protection … center design, virtualization, storage, backups, disaster recovery, networking (LAN/WAN, SD-WAN), cloud connectivity. Cloud and Datacenter: IaaS/PaaS migrations, cloud governance, hybrid architectures, cloud security. Cybersecurity: threat prevention/detection, IAM, endpoint protection, SOC-oriented operations, incident response planning. Solution architecture and proposal skills: ability to translate business needs into standardized reference architectures, bill of More ❯