1 to 25 of 149 Threat Detection Jobs in the UK

own, manage and rule their data. One of our specialisations is in cybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on … delivering tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we're looking for We are seeking a client-focused Senior SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced More ❯

Detection & Threat Hunt Lead Analyst Engage at our Cheltenham office. Secure employment is subject to satisfactory BPSS and SC security clearance, requiring five years continuous UK address history (no 30+ consecutive days outside the UK), and declaration of being a British passport holder with no dual nationality at the point of application. As a member of the SOC … Content Team, you will be responsible for contributing to the creation, deployment, and tuning of threat detection content and delivery of proactive threat hunting. You will work in close partnership with client Lead Analysts, threat intelligence teams, and other SOC functions to help ensure that detection strategies are tailored to each client's threat … and security objectives. This role offers a balance of technical hands on work, collaboration, and knowledge sharing, with a strong emphasis on continual learning and process improvement. Key Responsibilities Threat Detection Use Case Development: Design and implement detection logic aligned to specific threat scenarios, using industry frameworks such as MITRE ATT&CK. Maintain detection content More ❯

Threat Hunter/Threat Detector/SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. This role … working across Cloud (AWS/Azure and GCP) will see you focusing on threat detection and threat hunting as part of a busy SOC Team. This role isn't about dealing with threats when they happen, it is about hunting them out. Thinking ahead of the curve and providing direction, thoughts and strategy as to how the More ❯

Detection & Threat Hunt Lead Analyst Cheltenham Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years continuous UK address history (typically including no periods of 30 consecutive days or more spent outside of the UK) and declaration of being a British passport holder with no dual nationalism at the … us.” – Julie Sweet, Accenture CEO As a team As a member of the SOC Content Team, you will be responsible for contributing to the creation, deployment, and tuning of threat detection content and delivery of proactive threat hunting. You will work in close partnership with client Lead Analysts, threat intelligence teams, and other SOC functions to … help ensure that detection strategies are tailored to each client’s threat profile and security objectives. This role offers a balance of technical hands-on work, collaboration, and knowledge sharing, with a strong emphasis on continual learning and process improvement. More ❯

SOC Analyst - CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall A global law firm client we work with are currently looking to take on a new SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) on a permanent basis. The firm are currently undergoing a significant transformation and expansion across the … a great deal of trust, autonomy and ownership with a very anti-micromanage managerial structure in place. To be considered for this SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) role, it's ideal you meet one of the following criteria: Work Experience Based Criteria 5+ Years of Working Experience in Cybersecurity or Related More ❯

on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! Available Locations: London, UK About the Team Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works … in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global networks … can provide. The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers.The team's core disciplines are data engineering, data science, devops, and security. We use data science and machine learning to process large volumes of data and build threat intelligence for More ❯

security team and will be responsible of helping develop effective security controls. Key responsibilities will include: Working closely with the in-house security operations team to drive world class threat detection Building effective detection use cases within the chosen SIEM while minimizing false positives. Utilize online resources for researching and collecting threat intelligence to enhance the … SOC’s abilities to detect cyber-attacks. Utilize telemetry available throughout the environment to build and improve detection capabilities. Testing of existing and new detection use cases Participation in security incidents/investigations Key skills needed for the role: Experience of SIEM administration – Splunk or Exabeam preferred but other SIEM tools considered Broad technical information security knowledge including … networking, malware analysis, incident response and Knowledge of information security protection, detection and authentication systems Understanding of tools, techniques and procedures that attackers use to compromise organizations, ideally from direct experience. Basic python\ AWS experience Please send your CV for immediate review More ❯

security team and will be responsible of helping develop effective security controls. Key responsibilities will include: Working closely with the in-house security operations team to drive world class threat detection Building effective detection use cases within the chosen SIEM while minimizing false positives. Utilize online resources for researching and collecting threat intelligence to enhance the … SOC’s abilities to detect cyber-attacks. Utilize telemetry available throughout the environment to build and improve detection capabilities. Testing of existing and new detection use cases Participation in security incidents/investigations Key skills needed for the role: Experience of SIEM administration – Splunk or Exabeam preferred but other SIEM tools considered Broad technical information security knowledge including … networking, malware analysis, incident response and Knowledge of information security protection, detection and authentication systems Understanding of tools, techniques and procedures that attackers use to compromise organizations, ideally from direct experience. Basic python\ AWS experience Please send your CV for immediate review More ❯

Every minute of every day, Smiths Detection’s threat detection and security screening technology helps to protect people and infrastructure, making the world a safer place. Smiths Detection, part of Smiths Group is a global leader in the development, manufacture and management of security and detection solutions designed to make the world a safer place. … Our technology provides threat detection and screening solutions for customers in our key markets: aviation, ports and borders, defence, and urban security. Our expertise spans 21 global offices, seven manufacturing sites and five R&D centres, with a global network of 3,000 dedicated colleagues contributing towards over 40 years at the frontline of advances in safety and More ❯

Every minute of every day, Smiths Detection’s threat detection and security screening technology helps to protect people and infrastructure, making the world a safer place. Smiths Detection, part of Smiths Group is a global leader in the development, manufacture and management of security and detection solutions designed to make the world a safer place. … Our technology provides threat detection and screening solutions for customers in our key markets: aviation, ports and borders, defence, and urban security. Our expertise spans 21 global offices, seven manufacturing sites and five R&D centres, with a global network of 3,000 dedicated colleagues contributing towards over 40 years at the frontline of advances in safety and More ❯

enriches security telemetry across cloud, endpoint, identity, and network environments. You'll lead cross-functional teams to deliver scalable, SaaS-native capabilities that provide customers with complete visibility and detection coverage, enabling them to detect and respond to threats with speed and confidence. *About The Team* This role is part of Rapid7's Detection & Response product organization, responsible … for delivering the core SaaS and managed service capabilities that power our customers' security operations. The team owns the end-to-end foundation for detection and response, from event source ingestion and detection rule management to alert triage, incident management, and automation, enabling customers and MDR analysts to detect, investigate, and respond to threats with speed and confidence. … Event Ingestion, your primary responsibility will be to lead the strategy, roadmap, and execution to deliver comprehensive visibility across the modern attack surface. You'll focus on enabling complete detection and response coverage across both first-party and third-party event sources, ensuring our customers have no blind spots in their threat detection capabilities. This role drives More ❯

experience in monitoring and analysing security threats for multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC … will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage vulnerability assessments and coordinate … a 24×7 environment, driving operational excellence and continuous improvement. Ability to harness data analysis to detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing More ❯

exchanges Scope of Impact The Senior Security Infrastructure Engineer leads technical implementation and governance across: Enterprise infrastructure and network security Identity and access management Endpoint and virtualisation security Monitoring, detection, and vulnerability remediation You will evaluate alternative approaches considering risk, compliance, cost, and operational impact, ensuring sustainable security outcomes. Key Responsibilities Infrastructure & Network Security Design, implement, and maintain secure … to safeguard identity and access across the enterprise. Virtualisation & Endpoint Protection Secure virtualisation platforms (Hyper-V, VMware) and implement endpoint security solutions including EDR, anti-malware, and DLP. Monitoring & Threat Detection Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for proactive threat detection and incident response. Vulnerability Management Perform vulnerability assessments using Qualys and Tenable, driving More ❯

SIEM) Engineer with active Security Clearance to join our cybersecurity team. The ideal candidate will be responsible for maintaining, developing, and optimizing the SIEM platform — ensuring effective log management, threat detection, and automation across complex IT and OT environments. Key Responsibilities: Manage, maintain, and enhance the SIEM platform ensuring optimal performance and scalability. Onboard and integrate new log … sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. Lead and mentor More ❯

CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD More ❯

and endpoint environments, including laptops, mobile phones, corporate-managed, BYOD, and server-side devices. This critical role leads the engineering and enablement of endpoint protection technologies, ensuring device compliance, threat detection, and automated response capabilities. The role combines strong technical leadership, deep expertise in endpoint protection platforms, and a collaborative approach to operationalize security across all user and … across all device types and operating systems. Engineer and operate scalable solutions for endpoint protection, data loss prevention (DLP), and compliance checking. Build automated controls for device posture, encryption, threat detection, and remediation. Own and optimize integrations with tools such as Microsoft Defender, Purview, Symantec, CrowdStrike, or equivalent. Platform Integration & Automation: Drive automation for device onboarding, compliance validation … secure device baselines and policies. Build self-healing, zero-trust-aligned architectures for secure device management. Observability & Event Management: Implement real-time observability of endpoint health, risk exposure, and threat posture. Integrate with cybersecurity event and incident management pipelines for early detection and rapid response. Collaborate with the cyber and incident response teams to streamline investigation and containment. More ❯

and IR processes, ensuring alignment and consistency across regions. Collaborate with global SOC and IR teams to harmonise incident response workflows, tooling, and reporting standards. Provide expert guidance to Detection Engineers to optimise detection logic and improve alert fidelity. Mentor and train junior SOC and IR analysts, fostering a culture of continuous learning and operational excellence. Contribute to … and refinement of Standard Operating Procedures (SOPs) for Tier 1 and Tier 2 operations. Conduct quality assurance reviews of Tier 1 analysis and provide constructive feedback. Collaborate with the Detection Logic Engineering team to enhance detection capabilities and threat coverage. Support audit and regulatory engagements by providing timely and accurate responses to information requests. Liaise with cross … of hours incident response rotations as necessary. Skills and Experience Minimum 3 years of experience in a Senior SOC Analyst or Tier 2/3 role. Proven expertise in threat analytics, incident response, and cyber investigations. Strong understanding of attacker tactics, techniques, and procedures (TTPs) across diverse environments. Familiarity with industry standard incident response frameworks (e.g., NIST, SANS). More ❯

CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD More ❯

the design and implementation of scalable, automated security solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … Engineering: Lead end-to-end engineering for identity and access management (IAM), including authentication, authorization, and privileged access controls. Oversee endpoint security architecture and enforcement, ensuring comprehensive coverage for threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead platform health, patching automation, and vulnerability remediation workflows. Define service level More ❯

API's, Linux & Windows | Up to £1000 Inside | 2 Days p/week in London We are seeking an experienced Security Orchestration, Automation & Response (SOAR) Engineer to strengthen cyber threat detection and automation capabilities within a leading financial organisation. This role combines hands-on technical expertise with strategic security automation and orchestration across modern platforms. You will work … closely with detection, response, and engineering teams to design, build, and optimise security workflows — enabling faster, more effective incident response and reducing manual effort through automation. Key Responsibilities: Develop and enhance security detections and automations across SOAR platforms (ideally Palo Alto Cortex XSOAR) Create and maintain playbooks and integrations to improve incident response and operational efficiency Collaborate across teams … to improve detection coverage and response workflows Monitor emerging threats and translate attacker TTPs into actionable detections and automated mitigations Key Skills & Experience: Hands-on experience with Palo Alto Cortex XSOAR or other SOAR platforms Strong knowledge of threat detection and response engineering Familiarity with MITRE ATT&CK framework Proficiency in Python for automation and integration development More ❯

API's, Linux & Windows | Up to £1000 Inside | 2 Days p/week in London We are seeking an experienced Security Orchestration, Automation & Response (SOAR) Engineer to strengthen cyber threat detection and automation capabilities within a leading financial organisation. This role combines hands-on technical expertise with strategic security automation and orchestration across modern platforms. You will work … closely with detection, response, and engineering teams to design, build, and optimise security workflows — enabling faster, more effective incident response and reducing manual effort through automation. Key Responsibilities: Develop and enhance security detections and automations across SOAR platforms (ideally Palo Alto Cortex XSOAR) Create and maintain playbooks and integrations to improve incident response and operational efficiency Collaborate across teams … to improve detection coverage and response workflows Monitor emerging threats and translate attacker TTPs into actionable detections and automated mitigations Key Skills & Experience: Hands-on experience with Palo Alto Cortex XSOAR or other SOAR platforms Strong knowledge of threat detection and response engineering Familiarity with MITRE ATT&CK framework Proficiency in Python for automation and integration development More ❯

for an experienced Senior Cyber Security Analyst to play a key role in protecting our client’s systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain … high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards More ❯

for an experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain … high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the More ❯