101 to 125 of 176 Threat Detection Jobs in the UK

security initiatives with business goals. SaaS Product Security & Risk Management Implement application and cloud security best practices (e.g., DevSecOps, CI/CD security, secure coding). Deploy and monitor threat detection, logging, and incident response programs for our cloud infrastructure. Conduct security risk assessments and work with development teams to remediate vulnerabilities. Internal IT Security & Risk Management Establish … internal IT security policies and access controls. Oversee endpoint security and identity & access management (IAM). Implement and maintain security team tools, such as SIEM, vulnerability scanning, and endpoint detection solutions. Training & Awareness Develop and run organization-wide security training programs to foster a strong security culture company-wide. Educate employees on phishing, data protection, secure development, and compliance More ❯

Identity and Access function within the Cyber Security team, including: o Access Management o Identity Governance and Administration o Role Based Access Control o Privileged Access Management o Identity Threat Detection and Response o Access Certification o Identity Data Management & Analytics Ensure that only authorised identities have access to the relevant data and systems. Working with department Heads More ❯

integration and delivery (CI/CD) pipelines, ensuring rapid, secure, and reliable deployment of JavaScript applications. Develop and maintain automated security tools for static code analysis, penetration testing, and threat modelling. Implement real-time monitoring, alerting, and response strategies for security incidents. About You: Strong proficiency in Cloud Environment ideally in GCP services (Compute Engine, Cloud Functions, IAM, Kubernetes … on experience with security practices like vulnerability scanning, encryption, authentication, and secrets management (Vault, Key Management Service). Experience with SIEM platforms (Splunk, Datadog, or equivalent) for monitoring and threat detection. You thrive when working as part of a team, are comfortable in a fast-paced environment, have excellent written and verbal English skills, and last but not least More ❯

Splunk Developer (Threat Detection Consultant) - Brussels/London/Paris/Amsterdam - Banking Client Duration: 1 year Rate: 500 - 800 per day Hybrid: 2 days onsite per week (London, Paris, Brussels or Amsterdam) Role: Interact with the different customers to capture and define requirements for the development and testing of the threat detection capabilities Cooperate with … addresses scenario described in use case Responsible for the creation of procedures, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM detection logic Coach a team (from a technical perspective); review work outputs and provide quality assurance Analyses and identifies areas of improvement with existing processes, procedures, and documentation Demonstrates how … products to both technical/non-technical personnel Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems Prioritize and coordinate backlog of threat detection requests, making sure we have a healthy balance between defect resolution and new features Qualifications: Technical Skills: In depth experience in development and maintenance of SIEM use More ❯

What You'll Be Working On: ️ Proactively identifying and investigating advanced persistent threats (APTs), malware, and other cyber threats within the organization's network ️ Utilizing threat intelligence to hunt for indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) ️ Analyzing network traffic, logs, and endpoint data to detect anomalies and uncover hidden threats ️ Collaborating with incident response and … security operations teams to track down and eliminate threats ️ Continuously improving threat detection strategies and developing new tools and techniques to stay ahead of evolving threats What We're Looking For: ️ Proven experience as a Threat Hunter or in a similar cybersecurity role focused on threat detection and incident response ️ Strong knowledge of threat … frameworks (e.g., MITRE ATT&CK) ️ Hands-on experience with security tools such as SIEM, IDS/IPS, EDR, and network traffic analysis platforms ️ Proficiency in scripting and automation for threat hunting and investigation (e.g., Python, PowerShell, Bash) ️ Certifications such as OSCP, GCIH, or CREST are highly desirable More ❯

Senior Security Engineer, Detection and Response London, UK Please note this is for London, UK. You only need to apply to one location if there are multiple listed for the job. At Ripple, we're building a world where value moves like information does today. Through our crypto solutions for financial institutions, businesses, governments and developers, we are improving … the Information Security team, you will help us achieve this mission by actively working to protect our staff, company, and the larger crypto communities we engage with. Ripple's Detection & Response team defends against internal and external threats across our company and services. To accomplish this, we are building data pipelines and detections, automating incident response, and developing leading … edge solutions to collect and analyze data in both security incidents and investigations. As a Detection and Response Engineer, you will build and grow your career in all of these areas. WHAT YOU'LL DO: Help lead the overall detection and response strategy Continually improve our ability to monitor for anomalies and detect malicious activity Analyze applications and More ❯

the Information Security team, you will help us achieve this mission by actively working to protect our staff, company, and the larger crypto communities we engage with. Ripple's Detection & Response team defends against internal and external threats across our company and services. We are focused on protecting Ripple, our revolutionary payment technology, our employees, and our customers. To … this, we are building data pipelines and detections, automating incident response, and developing leading-edge solutions to collect and analyze data in both security incidents and investigations. As a Detection and Response Engineer, you will build and grow your career in all of these areas. WHAT YOU'LL DO: Help lead the overall detection and response strategy Continually … improve our ability to monitor for anomalies and detect malicious activity Analyze applications and systems to identify relevant data sources for threat detections Tune and test detection logic to reduce false positives and noise Work with technology vendors to optimize security services for peak effectiveness Research and collaborate internally and externally on open-source solutions Automate response processes More ❯

ambiguous environment. Key job responsibilities Detect, monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. Maintain and optimize … security information and event management systems and other security tools used in the SOC. Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers … with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team AWS-SOC Team manages security issues across the globe. A security engineer within the team More ❯

times, ambiguous environment. Key job responsibilities - Monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. - Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. - Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. - Maintain and optimize … security information and event management systems and other security tools used in the SOC. - Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers … with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of More ❯

key security initiatives, collaborating closely with engineering, operations, and compliance teams. With a strong emphasis on SecOps and a generalist approach, you'll work across cloud infrastructure, application security, detection and response, and governance, risk, and compliance (GRC). Lead and deliver end-to-end security initiatives with minimal supervision. Foster a strong internal security culture, sharing knowledge and … driving improvements across teams. Ensure security outcomes are measurable, visible, and tightly aligned with risk. Collaborate with engineers and operations teams Build, maintain, and improve systems for threat detection and response (e.g. using AWS, Elastic). Work on application security and cloud infrastructure (AWS) - Terraform and Python development experience is highly valued. Support and maintain compliance frameworks and … functional efforts, and deliver security outcomes end-to-end. A passion for growing others - you actively drive knowledge sharing and foster a culture of security. Demonstrable SecOps experience, including threat detection, response, and operational security in cloud environments. Familiarity with tools like Elastic for threat detection and infrastructure-as-code tools like Terraform. Proficiency in Python More ❯

and regulations. You will be responsible for leveraging and optimising a number of tools including, MS Defender, Sentinel, Azure and the external SOC partner to enhance cyber resilience, conduct threat analysis, and proactive risk assessments to design effective controls. You will be leading the Cyber Security operations function, by providing strategic direction and coordinating day-to-day delivery of … threat intelligence, threat detection, incident response, vulnerability management, and ethical hacking capabilities. You will be leading a team of Infrastructure Engineers, ensuring strong data controls are in place, whilst working closely with key stakeholders to establishing responsibilities and ensure an end-to-end approach to cyber resilience Is embedded in other functions. What you'll need to More ❯

and regulations. You will be responsible for leveraging and optimising a number of tools including, MS Defender, Sentinel, Azure and the external SOC partner to enhance cyber resilience, conduct threat analysis, and proactive risk assessments to design effective controls. You will be leading the Cyber Security operations function, by providing strategic direction and coordinating day-to-day delivery of … threat intelligence, threat detection, incident response, vulnerability management, and ethical hacking capabilities. You will be leading a team of Infrastructure Engineers, ensuring strong data controls are in place, whilst working closely with key stakeholders to establishing responsibilities and ensure an end-to-end approach to cyber resilience Is embedded in other functions. What you'll need to More ❯

and regulations. You will be responsible for leveraging and optimising a number of tools including, MS Defender, Sentinel, Azure and the external SOC partner to enhance cyber resilience, conduct threat analysis, and proactive risk assessments to design effective controls. You will be leading the Cyber Security operations function, by providing strategic direction and coordinating day-to-day delivery of … threat intelligence, threat detection, incident response, vulnerability management, and ethical hacking capabilities. You will be leading a team of Infrastructure Engineers, ensuring strong data controls are in place, whilst working closely with key stakeholders to establishing responsibilities and ensure an end-to-end approach to cyber resilience Is embedded in other functions. What you'll need to More ❯

bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary As More ❯

development and maintenance of a secure software development lifecycle (SDLC) with a focus on secure coding practices in languages like Python, C++, Rust, Go and Kotlin/Java. Conduct threat modeling, vulnerability assessments and security code reviews across different platforms, ensuring security is embedded at every stage of the development lifecycle. Provide mentorship, guidance, and training on security best … and ensure compliance with QRT's standards. Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Alibaba Cloud, AWS, Azure, and on-prem systems. Proactively identify security risks and develop strategies for risk mitigation in a fast-paced high-stakes environment. At … and Linux-based systems. Extensive experience with one or more cloud platforms such as AWS, Microsoft Azure and Alibaba Cloud used in a hybrid environment. In-depth knowledge of threat modeling, risk assessment and development of mitigation strategies for large-scale, complex systems in a fast-paced environment. Experience integrating security scanning tools into CI/CD pipelines and More ❯

equivalent are preferred Bachelor's degree in Information Security, Computer Science, or related field Additional Skills Strong hands-on network and security background Cisco networking Cisco firewalls (Firepower/Threat Detection) Palo Alto firewalls SIEM experience (Logarithm desirable) Web proxy (Forcepoint desirable) Governance skills Policy writing/reviewing Reporting KPI monitoring Certifications like CCNP/CISM would be More ❯

bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary At More ❯

CISO or repeat offenses for further action or disciplinary review with HR. Supporting the management, tuning, and improvement of DLP tools and rulesets to reduce false positives and increase detection accuracy. Collaborating with IT or third-party providers to ensure DLP systems are operational, updated, and aligned with business needs and regulation requirements. Producing clear, data-driven monthly reports … Experience using DLP technologies (e.g., Microsoft Purview, Symantec, Forcepoint, or similar). Familiarity with data classification, data handling standards, and regulatory requirements (e.g., NYDFS, GDPR). Knowledge of insider threat detection and user behavior analytics (UBA). Exposure to security incident and event management (SIEM) tools. Core Values Love what you do: We show up each day ready More ❯

practices. - Support business units with risk-based security input for projects, client bids, and technology initiatives. - Manage cybersecurity tooling including SIEM, EDR, and mail filtering systems to ensure effective threat detection and response. - Monitor, investigate, and respond to alerts and incidents, coordinating with internal teams and third-party providers. - Oversee regular vulnerability scans and third-party penetration tests More ❯

advice to senior management regarding incident response, monitoring, logging and analysis of all relevant systems and processes. . Define and evolve the cyber security operations strategy in line with threat posture and government direction. . Develop and maintain a robust cyber incident response plan and identify the required levels of cyber investment within the CSOC to include governance, tooling …/host-based IDS/IPS tooling. . Proven experience setting up SOCs from scratch. . Strong background in SOC strategy, optimisation, and transformation. . Experience in incident response, threat detection, and monitoring frameworks. . Familiarity with tools such as SIEM, IDS/IPS, antivirus, and correlation platforms. . Knowledge of cyber security regulations and frameworks (eg GDPR More ❯

on IaaS, container security (e.g., AKS), and DevOps pipelines Evaluate Terraform scripts, advising on automation processes for secure infrastructure deployment Optimize Azure Defender and other monitoring tools to elevate threat detection capabilities Implement Conditional Access policies, enforcing zero trust and least privilege principles Collaborate across teams to align security protocols with operational objectives Required Skills/Qualifications: Experience More ❯

practices. - Support business units with risk-based security input for projects, client bids, and technology initiatives. - Manage cybersecurity tooling including SIEM, EDR, and mail filtering systems to ensure effective threat detection and response. - Monitor, investigate, and respond to alerts and incidents, coordinating with internal teams and third-party providers. - Oversee regular vulnerability scans and third-party penetration tests More ❯

needs of local government. To read more about our business area, please visit Corporate Services and Transformation Key Responsibilities: Lead and develop an active Security Operations team focused on threat detection, incident management, and prevention of data breaches or service disruptions. Build and mature the Security Operations Centre (SOC) with a focus on cyber risks, threat intelligence More ❯

/Experience The ideal candidate will have the following: - Proven experience delivering IT Security or Cybersecurity projects in complex environments. - Strong understanding of security domains (e.g., identity and access, threat detection, endpoint protection, secure infrastructure). - Solid project management skills (RAID management, stakeholder engagement, budgeting, reporting). - Experience working with internal and third-party technical teams. - Familiarity with More ❯

PowerShell scripts for automation and system management. Configure, manage, and troubleshoot firewalls and other security appliances including predominantly Fortinet equipment Ensure robust cyber security measures are in place, including threat detection, response, and mitigation. Collaborate with clients to understand their IT needs and provide tailored solutions. Document technical procedures, configurations, and project plans. Technical Proven experience in a More ❯