21 of 21 Remote Threat Detection Jobs in the UK

Glasgow, Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC … Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural … scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with More ❯

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London Happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities to keep our people, data, and customers safe. That’s why we’re building a new Detection Engineering … function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager in shaping the future of detection engineering, developing the strategy, and designing detection capabilities that protect our global environment. Your new role Lead the coordination and … operation of the internal detection engineering function. Design and implement cyber detection rules and use cases to identify threats across our IT infrastructure. Identify and log visibility gaps, working to improve detection coverage and accuracy. Build and tune custom detection logic for complex environments and emerging threats. Monitor evolving attacker tactics (TTPs), integrating insights into detection More ❯

+ Benefits Clearance: Must hold or be eligible for SC Clearance Sponsorship: Not available We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What you'll … do: SIEM Engineering & Management: Deploy, configure, and optimise QRadar. Onboard log sources from cloud/on-prem environments. Build detection and anomaly rules. Playbook Development & Automation: Design and implement automated response playbooks (phishing, lateral movement, exfiltration) with SOAR tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel … coordinate incident response. Threat Modelling & Use Case Development: Apply MITRE ATT&CK, STRIDE, and Kill Chain frameworks to build detection use cases. Reporting & Collaboration: Build security dashboards, produce reporting packs, and guide junior analysts and engineers. Client & Project Support: Support presales, contribute to new SOC solution scoping, and lead demos where required. What we're looking for: Must More ❯

governance and identity lifecycle processes in a highly View job & apply CTI Analyst Location: London Job type: Permanent Financial Services firm seeks an Operational CTI Analyst to join its Threat Intelligence team. Th View job & apply Senior Manager - BCM Second Line Location: Frankfurt Salary: 125,000 + Benefits Job type: Permanent Sector: Banking We are seeking a Senior Manager … hybrid Job type: Permanent Leading banking group seeks a Cryptography Analyst to join their security team. As an Analyst in We are seeking a highly motivated and skilled Insider Threat Investigations Lead to join a newly formed Insider Threat Team. This role focuses on identifying, preventing, and responding to risks posed by individuals with authorized access to organisational … This role suits someone with strong investigative skills, an analytical mindset, the ability to interpret and act on data, and the capability to execute initiatives that strengthen the insider threat programme. Key Responsibilities Support the delivery of the insider threat programme, including developing tools, standards, and procedures to detect, prevent, and respond to insider threats. Utilise advanced detection More ❯

deliver runtime-isolated, reproducible models that are easy to deploy, monitor, and update without connectivity. Work closely with data scientists to define clear KPIs and success criteria-such as detection accuracy, latency, false positive/negative rates, explainability, and robustness-to determine what constitutes a production-grade, releasable model. Align model performance goals with the operational realities of the … into actionable requirements. Excellent communication and stakeholder management skills. Comfortable working in a fast-paced, iterative, and agile environment. Preferred Experience: Solid understanding of cyber security concepts such as threat detection, SIEM, anomaly detection, and incident response. Experience with tools for tracking ML models in production (e.g., MLflow). We encourage you to apply even if your More ❯

assets. Collates, defines, and enforces secure configuration baselines and hardening standards in alignment with organisational security obligations and recognised industry frameworks (e.g., CIS Benchmarks, Microsoft Security Baselines). Conducts threat modelling and risk assessments to identify vulnerabilities or compliance gaps. Maintains and manages Software Bills of Materials (SBOMs). Assists with integrating security monitoring, logging, and alerting capabilities. Creates … risk assessments, risk mitigation plans, and security operations procedures. Performs security validation, configuration assessments, and support user acceptance testing (UAT) for security-related features. Collates and analyses information for threat intelligence requirements from a variety of sources. Designs and executes complex vulnerability research activities. Provides guidance, support and mentoring to other IT Engineers as requested by the IT Leadership … . Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and More ❯

manage Cyber Incidents supporting the CISO and CISO team in the co-ordination of managing these events globally, collaborate with the SOC to ensure 24/7 visibility and threat detection across global environments, driving maturity and constant improvements to support the constantly changing threat landscape and define and monitor KPIs regarding detection, response and containment. … a strong technical security operations background with experience of leading SOCs or Security Operations teams within regulated environments You have an indepth knowledge of core security operations practices: SIEM, threat hunting, vulnerability management, incident response You have a good understanding of common threat actor tactics (MITRE ATT&CK), modern malware, and intrusion techniques You have experience of supporting More ❯

ll manage Cyber Incidents supporting the CISO and CISO team in the coordination of managing these events globally, collaborate with the SOC to ensure 24/7 visibility and threat detection across global environments, driving maturity and constant improvements to support the constantly changing threat landscape and define and monitor KPIs regarding detection, response and containment. … strong technical security operations background with experience of leading SOCs or Security Operations teams within regulated environments * You have an in-depth knowledge of core security operations practices: SIEM, threat hunting, vulnerability management, incident response * You have a good understanding of common threat actor tactics (MITRE ATT&CK), modern malware, and intrusion techniques * You have experience of supporting More ❯

and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and SaaS tooling. Manage IAM, endpoint security More ❯

and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and SaaS tooling. Manage IAM, endpoint security More ❯

and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and SaaS tooling. Manage IAM, endpoint security More ❯

and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and SaaS tooling. Manage IAM, endpoint security More ❯

looking for a proactive, self-starting individual with strong technical knowledge across on-prem and cloud environments, and ideally experience in areas such as: Network security, IAM, SIEM, and threat detection Compliance frameworks (e.g. NIST, ISO 27001, CIS Controls) Security automation and scripting Producing security artefacts and documentation Experience within Operational Technology/IoT-rich environments would be More ❯

and align frameworks to protect business assets. You will join a collaborative environment focused on embedding long-term security resilience across the organisation. With growing regulatory expectations and evolving threat landscapes, this is a fantastic opportunity to lead high-impact initiatives and shape the future of cyber security within a complex enterprise. As part of this role, you will … to NIST CSF, CIS Controls, and defence-in-depth strategies. Strong background in stakeholder engagement, vendor management, and program governance. Experience across key security domains including cloud security, IAM, threat detection, and remediation. Excellent communication skills and the ability to influence at senior levels. This role offers hybrid working closely with the wider team in a central London More ❯

and align frameworks to protect business assets. You will join a collaborative environment focused on embedding long-term security resilience across the organisation. With growing regulatory expectations and evolving threat landscapes, this is a fantastic opportunity to lead high-impact initiatives and shape the future of cyber security within a complex enterprise. As part of this role, you will … to NIST CSF, CIS Controls, and defence-in-depth strategies. Strong background in stakeholder engagement, vendor management, and program governance. Experience across key security domains including cloud security, IAM, threat detection, and remediation. Excellent communication skills and the ability to influence at senior levels. This role offers hybrid working closely with the wider team in a central London More ❯

Security, Compliance & Governance: Ensure compliance with corporate security and privacy policies through proactive monitoring and enforcement. Partner with cyber and ISRM teams to integrate secure access into incident response, threat detection, and policy governance workflows. Support enforcement of access policies for third-party, BYOD, and contractor devices using secure, scalable methods. Collaboration & User Experience: Work closely with cyber More ❯

commercial and technical expertise, supporting solution design, shaping customer proposals, and guiding conversations from scoping through to delivery. Key experience Background in managed security services, including SOC operations and threat detection Strong knowledge of cloud and on-prem security tooling (SIEM, EDR, IAM) Penetration testing Proven ability to translate technical concepts into clear business value Confident in customer More ❯

is fully remote. For location-specific details, please connect with our recruiting team. What You Will Do: Product Strategy : Create roadmaps in tandem with engineers for products like AI threat detection, post-quantum cryptography, managed rulesets etc. Build customer trust in Vercel's comprehensive security capabilities. Pricing : Collaborate with product managers and engineers to price new and existing More ❯

architecture and infrastructure. Design and configure networking components to ensure efficient and secure communication between services. Develop and implement security best practices, including identity and access management, encryption, and threat detection. Monitor and manage detection contracts to ensure timely identification and resolution of security incidents. Automate infrastructure provisioning, deployment, and management using Infrastructure as Code (IaC) tools. Perform … VPC, IAM, CloudFormation, and more. Strong background in networking, including VPN, DNS, load balancing, and firewall configurations. Demonstrated expertise in security practices, including identity and access management, encryption, and threat detection. Experience with detection contracts and monitoring tools to identify and respond to security incidents. Proficiency in scripting languages such as Python, Bash, or PowerShell. Familiarity with Infrastructure More ❯

the cyber security vision and build a corresponding technical roadmap which delivers a world class security controls across cloud infrastructure, networks, end points, identity & access management, application security, and threat detection. Collaborate closely with the SNOPs Lead to adapt the SNOPs roadmap priorities in line with shifts in industry, evolving threat landscape and regulatory requirements. Ensure effective … evolving technology needs. Technology Platform Delivery Oversee the delivery and lifecycle management of: Microsoft 365 and collaboration platforms Cloud platforms (design, automation, cost optimisation) Network and security operations (compliance, threat management) Monitoring, observability, and backup/recovery systems Ensure alignment with architectural standards and regulatory requirements (e.g., DORA, Cyber Essentials Plus). Stakeholder Engagement Act as the escalation point More ❯

for a builder who thrives on fast-paced, high-impact work-someone who is just as comfortable shaping product strategy as they are digging into the latest LLMs for threat detection. This remote position is open to candidates who are located in the UK or Ireland. AI Innovation at Dataminr Working at Dataminr you'll have the opportunity to … our clients to stay one step ahead in an increasingly complex world where every second counts. Founded in 2009, we have pioneered the world's first real-time event detection platform, long before the recent Gen AI 'boom.' Dataminr operates all around the world united by our passion to use AI for the greater good, be agents of positive More ❯