1 to 25 of 58 Threat Detection Jobs in the UK

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. ...

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. ...

Cyber Threat Detection Analyst Location: Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only) Company Overview An exciting opportunity to join a global technology Powerhouse with a highly regarded cyber security capability supporting … mission-critical environments across multiple industries. Cyber security sits at the heart of the organisation's operations, with sustained investment in people, tooling, threat intelligence, and continuous professional development. The security function operates at a mature level, bringing together blue team, red team, threat hunting, and collaborative purple ...

Title: Lead Threat Detection Analyst Location: Preston Security Clearance: SC or eligibility to obtain (higher clearance advantageous) We are seeking a Lead Threat Detection Analyst to join a high-performing Cyber Operations function responsible for protecting critical national and defence infrastructure from sophisticated cyber threats. This … hands-on leadership role combining technical threat detection expertise with operational oversight. You will lead triage and detection activities, mentor analysts, and continuously improve people, process and technology across the security operations capability. You will play a key role in identifying, analysing and mitigating threats before they ...

SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with internal teams and external security partners to strengthen our threat detection capabilities and improve the organisation … overall cyber resilience. This is an excellent opportunity for a security professional who enjoys leading teams, improving security operations, and driving proactive threat detection strategies. Key Responsibilities Lead and mentor the internal Security Operations team, overseeing daily operational activities and performance. Define and implement the strategy and operational ...

complex enterprise security environment. The successful consultant will play a key role in strengthening the organisation’s security operations capability, helping to modernise threat detection, automate response workflows, and improve visibility across the security ecosystem. Key Responsibilities Lead the implementation and configuration of Palo Alto XSIAM within … enterprise SOC environment Design and optimise full-spectrum XDR capabilities, improving detection and response across endpoints, networks, and cloud workloads Integrate SIEM and security telemetry sources into XSIAM to create a unified security operations platform Develop and maintain automation workflows and playbooks to streamline incident response and reduce manual ...

logs, and security events to identify and respond to complex threats. Incident Response: Lead investigations, perform deep analysis, determine impact, and coordinate response activities. Threat Detection & Analysis: Develop and refine detection rules and use cases to improve threat visibility. Threat Hunting: Proactively hunt for advanced … platforms (e.g., Microsoft Sentinel, Sumo Logic) Hands-on experience with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Solid understanding of: Incident response lifecycle Threat detection methodologies Networking protocols (TCP/IP, DNS, HTTP/S) Experience analysing logs from multiple sources (endpoints, network, cloud) Ability to independently ...

Threat Modelling Consultant Rate - £550 per day Inside IR35 Location - London twice a week on site Duration - 6 months initial We are looking to recruit an experienced Threat Modelling Consultant to design and implement comprehensive threat models for 90-100 diverse applications. You will evaluate application-generated … logs, develop threat detection strategies and report findings to the Information Security team. This role requires deep expertise in Microsoft Azure security tools, log analytics and automation to enhance the customer's application anomaly detection capabilities. Key Responsibilities: Develop detailed threat models tailored for a large ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes threat ...

Detection & Response Analyst (SOC/Security Engineering Pathway) Portsmouth (Hybrid) Why this role is different Most SOC roles are alert-heavy and repetitive. This isn’t one of them. You’ll be joining a team that’s actively moving beyond traditional SOC work—focusing on threat detection, automation, and security engineering , not just ticket handling. If you’re looking to step up from SOC OR move closer to engineering/threat hunting , this is a genuine pathway role. What you’ll be doing Investigating and responding to security incidents across enterprise environments Building and improving ...

organisation's security posture. Role Overview: You'll lead on security engineering initiatives, own key security platforms, drive automation and support incident response and threat detection activities. You'll also contribute to strategic security projects and ensure secure, scalable and resilient solutions across the business. Key Responsibilities: Deploy … Ansible. Maintain secure baselines for Windows, Linux and Kubernetes. Automate IAM workflows and integrate identity governance into CI/CD. Support incident response, threat detection and Red/Blue team exercises. Maintain security documentation and participate in on-call rotations. Qualifications & Experience: Degree in Computer Science, Engineering, Information ...

detail-driven Senior Cyber Operations Analyst to join their team. This is a fantastic opportunity to work with cutting-edge tooling, contribute to threat-driven defensive security, and shape advanced SecOps capabilities across enterprise environments. About the Role As a Senior Cyber Operations Analyst at Associate Manager level … heart of a thriving Cyber Practice covering Assurance, Compliance, SecOps, Offensive Security and Research. You'll play a pivotal part in threat detection, incident response, detection engineering, and security monitoring - helping defend major UK organisations. This role is perfect for someone who thrives in technical depth, enjoys ...

initial We are looking for an experienced Senior Security Engineer to join a growing cyber security team, helping to strengthen security controls, monitoring and threat detection capabilities across the organisation's technology estate. This role will play a key part in the operation and improvement of core security … detect threats, improve visibility and enhance the overall security posture. Key Responsibilities: Implement, configure and optimise core security tooling across the environment Enhance threat detection, monitoring and response capabilities Investigate security alerts and support incident response activities Improve integration and automation between security platforms Support vulnerability management ...

team longer term. Based within a progressive & rapidly growing company, that is forging/carving their reputation as a leader in the Cyber Security Threat Management/Exposure sector, this role offers fantastic scope for someone to combine Technical Pre/Post Sales responsibilities. Offering You will initially work … follow up technical meetings to evaluate performance for the customer/users. All this is on a leading international Cyber Security Platform, specialising in Threat Detection/Exposure/Management for customers across the globe. Type of Cyber Security roles, the right applicant may currently be working ...

contract basis. This role is ideal for a contractor with strong expertise in CrowdStrike Falcon and Splunk, capable of transforming security telemetry into actionable threat intelligence. As a technical specialist, you will play a key role in endpoint security, incident response, SOAR automation, and threat hunting, working closely … configuration, and ongoing optimisation of the CrowdStrike Falcon platform Manage policies across Falcon Prevent, Insight, and Discover Act as the technical authority for endpoint detection and response (EDR) SIEM & Security Monitoring (Splunk) Architect and enhance Splunk dashboards, alerts, and data models Write and maintain complex Splunk SPL queries Optimise ...

clients large-scale Operational Technology (OT) environment. This is a hands-on role focused on implementing and maturing a suite of security tooling, enhancing detection capabilities, and strengthening overall cyber resilience. You will work closely with internal security teams and stakeholders to ensure successful integration and ongoing improvement … Information Security, Cyber Security, or a related field Key Responsibilities include: * To lead the deployment, configuration, and optimisation of OT security tooling, including: Endpoint Detection & Response (EDR) Identity Threat Detection & Response (ITDR) Network Detection & Response (NDR) Industrial Control System (ICS) monitoring solutions * Implement and maintain hardened ...

development and maintenance of the code and capabilities of the Security Orchestration, Automation and Response (SOAR) platform. Candidates will work with the Manager of Detection & Response Engineering and will work jointly with our detection engineering, threat detection and response teams to specify clear priorities, evaluate technical ...

senior escalation point within a 24/7 SOC, leading complex investigations and driving incident response activities. You’ll work closely with threat intelligence, engineering, and client teams to continuously improve detection and response capabilities. Key Responsibilities Act as the final escalation point for security incidents and alerts … Lead and coordinate incident response for high-severity threats Perform advanced threat hunting and forensic investigations Analyse logs from SIEM, EDR, NDR, and cloud security tools Develop and refine detection rules and use cases Support SOC maturity improvements and playbook development Mentor and support L1/L2 analysts ...

Principal Security Engineer – SIEM & Detection Engineering Location: Fully Remote Salary: £120,000 plus benefits Type: Full-time Industry: Managed Security Services/Cybersecurity Consulting The Role A growing security services provider is seeking an experienced Senior Security Engineer to join a distributed, remote-first team. This role … remote and focuses on helping clients maintain, secure, and continuously improve their security environments through strong SIEM engineering, detection optimisation, and collaboration with a 24x7 Security Operations Centre. You’ll work hands-on across multiple client environments, contributing to detection engineering, automation, and operational security outcomes without ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance and Risk teams … relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection, triage, containment, eradication ...

environment. This is a hands-on technical role suited to a seasoned cyber security professional with deep expertise in endpoint security, SIEM engineering, and threat detection engineering, alongside the ability to mentor and uplift existing team capability. Key Responsibilities Lead the deployment, configuration, and ongoing management of CrowdStrike … escalation point for high-priority security incidents, supporting containment and remediation using EDR and SIEM tooling Develop and implement SOAR automation workflows to streamline detection and response processes Conduct proactive threat hunting activities using advanced queries and behavioural analytics Support capability uplift by training and mentoring internal team ...

Your mandate is to take ownership of the Technical Implementation & Engineering Functions, shifting the SOC from a Reactive State to a Proactive, High-Fidelity Detection Powerhouse. You will have the autonomy to set the direction for the practice, architecting how the team utilises SIEM, EDR & IDS Tools. … SIEM Platforms (specifically Microsoft Sentinel) & EDR solutions. You should be comfortable managing these within Complex, Multi-Tenant Environments. The Engineering Edge: Good Background in Detection Engineering, Custom Rule Creation & Log Orchestration. You should be highly proficient in KQL & have good Scripting Capabilities (Python or PowerShell). Onboarding & Architecture: Proven ...

secure design and operation of critical technology platforms, collaborating closely with platform owners and engineering teams to embed security throughout the lifecycle.Incident Response and Threat ManagementProvide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation of complex security incidents.Stakeholder EngagementAct ...

secure design and operation of critical technology platforms, collaborating with platform owners and engineering teams to embed security throughout the lifecycle. Incident Response & Threat Management: Provide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation of complex security incidents. Stakeholder ...