22 of 22 Remote/Hybrid Threat Detection Jobs in the UK

that reduce risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley, we’ve been … unique client challenges. Summary: The SOC Operations Engineer is responsible for the operational management, optimisation, and lifecycle maintenance of Beazley Group’s core Endpoint Detection and Response (EDR) and Network Detection and Response (NDR) platforms. Working within the IT Security function and in close collaboration with the Beazley ...

management of modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation. Key Responsibilities: Syslog experience and/or strong Linux skills SIEM Deployment & Management Configure, deploy, and maintain SIEM platforms … . Build and optimise log ingestion pipelines. EDR Deployment & Management Manage and maintain tools including Tanium , Trellix , FireEye , Microsoft Defender , or Elastic EDR . Threat Detection & Analysis Monitor security logs and alerts. Investigate anomalies, understand attack patterns, and provide actionable recommendations. Syslog Management Configure and maintain Syslog servers ...

Networks security technologies and solid experience across XDR and SIEM environments. This role sits within the Security Operations function and is focused on improving threat detection, automation, visibility, and response using XSIAM. *For this role, you must be eligible for SC Clearance* Key Responsibilities Implement and configure Palo … Networks XSIAM to enhance SOC efficiency and visibility Design and manage security automation workflows within XSIAM Integrate and optimise XDR capabilities to support proactive threat detection and response Set up and maintain SIEM-style log ingestion, correlation rules, and enrichment pipelines Build custom dashboards and reports to provide ...

security transformation. As Security Engineer, you'll lead the deployment and optimisation of CrowdStrike Falcon across the organisation, ensuring endpoints are protected, and threat detection is fully operational. You'll collaborate with internal teams and external partners to integrate CrowdStrike into our environment, fine-tune configurations and provide … engineer with proven experience deploying CrowdStrike at least 3 times in enterprise environments. You have deep technical knowledge of endpoint security, EDR tools and threat detection workflows. Strong troubleshooting and configuration skills are essential, along with the ability to work independently and communicate effectively with stakeholders. Familiarity with ...

Analyst to join a fast-growing Blue Team within our Cyber Practice. You will work with high-profile clients to ensure effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms … e.g., Splunk) to detect threats across diverse environments. Collaborate with security teams to identify gaps in detection, logging, and alerting based on business risks and threats. Review and improve SecOps standards and capabilities, highlighting optimization opportunities. Monitor, triage, and investigate triggered alerts, suggesting improvements where necessary. Respond ...

Analyst . This is a great opportunity to join a forward-thinking security operations team , where you’ll have hands-on ownership across threat detection, incident response, and overall security posture , alongside a competitive salary, strong benefits, and clear long-term development opportunities . The role offers flexible … detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). ...

detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). … Perform threat-hunting, log-analysis (including firewall, web/email filters), implement or review DLP controls, and collaborate with infrastructure/cloud/application teams on remediation and security posture improvements. Contribute to continuous improvement of SOC processes (alert tuning, log-source enrichment, documentation), and take part ...

detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). … Perform threat-hunting, log-analysis (including firewall, web/email filters), implement or review DLP controls, and collaborate with infrastructure/cloud/application teams on remediation and security posture improvements. Contribute to continuous improvement of SOC processes (alert tuning, log-source enrichment, documentation), and take part ...

access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across … alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation ...

Monitoring Lead day to day security operations and act as the primary contact for the third party SOC. Analyse and interpret logs, alerts, and threat data to identify potential security incidents. Ensure security tooling is correctly configured, operational, and fully utilised. Threat Detection, Incident Response & Vulnerability Management ...

throughout the delivery lifecycle, working closely with infrastructure engineers, architects, and project/programme managers. You’ll define and enforce secure configuration baselines, conduct threat modelling and risk assessments, integrate monitoring and alerting, and produce clear security artefacts that guide operational teams. Candidates must be eligible to obtain … controls across hybrid/on-prem Microsoft and Azure-centric environments. Define/enforce hardening standards (e.g., CIS Benchmarks, Microsoft Security Baselines). Perform threat modelling, risk assessments, and security validation/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance ...

design, deployment, and optimisation of advanced security capabilities across a complex virtualised environment. You will work closely with technical leads to enhance firewall, threat protection, monitoring, and investigative capabilities within VMware security platforms. What You'll Be Doing Firewall & Platform Enablement (vDefend DFW) Supporting deployment of the platform … macro, meso, and micro-segmentation policies Assisting with Identity Firewall configuration Enhancing logging, monitoring, visibility, and operational metrics Supporting capacity management activities Advanced Threat Protection (ATP) Assisting with ATP enablement and configuration Supporting policy activation for IPS/IDS Participating in testing, validation, and malware prevention tuning Helping with ...

hands-on, proven industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main) , including proactive configuration of AWS accounts and assets … security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. We value teamwork, collaboration & technical excellence – the company are heavily weighted toward technical staff (as you would hope ...

mission-critical role at the heart of our cybersecurity strategy. As Operational Security Manager, you'll take ownership of our security operations, overseeing threat intelligence, vulnerability management, incident response and the performance of our outsourced 24/7 SOC. You'll work closely with internal technology teams to embed … hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. Certifications such as CISSP, CEH, CREST or GIAC CIH are part of your toolkit, and your technical depth ...

aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes ...

Solution Architect experience within an MSP environment. Strong Microsoft Azure expertise (IaaS/PaaS, governance, identity, networking, landing zones). Security experience across MDR, threat detection, SIEM/SOAR or security monitoring. Solid understanding of hybrid cloud, integrations, networking and resilient design. Ability to articulate complex technical concepts ...

capacity planning, QoS, and traffic engineering. Strong background in security, including firewalls, VPNs, IDS/IPS, secure segmentation, and Zero Trust architecture. Experience with threat detection/response, SIEM integration, and incident response. Familiarity with compliance frameworks such as ISO 27001, NIST, and GDPR. Knowledge of cloud & hybrid ...

/enterprise deployments. Network performance engineering (capacity planning, QoS, traffic engineering). Security Expertise Firewalls, VPNs, IDS/IPS, secure segmentation, Zero Trust architecture. Threat detection/response, SIEM integration, incident response. Compliance frameworks (ISO 27001, NIST, GDPR). Cloud & Hybrid Networking AWS/Azure/GCP networking ...

Fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support. Understanding of Operating Systems and Network Protocols. Foundational understanding of advanced threat detection in an enterprise environment. Foundational understanding of malware families, their types, and the threat they pose UK Citizenship is required. Skills ...

DevSecOps, security testing, monitoring and securing CI/CD pipelines You have a strong knowledge of Azure and cloud security You have experience of threat detection and scanning code for vulnerabilities You're collaborative with excellent communication and relationship building skills You have meticulous attention to detail ...

recently adding a SOC-as-a-Service), positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities. Key Responsibilities: Lead the development and implementation of security policies, procedures, and controls Manage ISO27001 compliance, including internal ...

Security Manager looking for a great new environment. Responsibilities include: Cyber Security management Identity and Access Management Microsoft Security suite coverage Azure Security Engineering Threat detection, IR & Forensics What you'll need to succeed Necessary - Experience implementing and monitoring Microsoft Sentinel Purview implementation and monitoring experience (desirable). ...