Threat Detection Jobs in the UK

126 to 150 of 186 Threat Detection Jobs in the UK

SOC Consultant

London, United Kingdom
Alexander Mann Solutions - Public Sector Resourcing
advice to senior management regarding incident response, monitoring, logging and analysis of all relevant systems and processes. Define and evolve the cyber security operations strategy in line with threat posture and government direction. Develop and maintain a robust cyber incident response plan and identify the required levels of cyber investment within the CSOC to include governance, tooling …/host-based IDS/IPS tooling. Proven experience setting up SOCs from scratch. Strong background in SOC strategy, optimisation, and transformation. Experience in incident response, threat detection, and monitoring frameworks. Familiarity with tools such as SIEM, IDS/IPS, antivirus, and correlation platforms. Knowledge of cyber security regulations and frameworks (eg GDPR …
Employment Type: Contract
Rate: GBP Annual

Information Security Cloud Specialist - Legal

London, United Kingdom
Hybrid / WFH Options
Hamilton Barnes Associates Limited
on IaaS, container security (e.g., AKS), and DevOps pipelines Evaluate Terraform scripts, advising on automation processes for secure infrastructure deployment Optimize Azure Defender and other monitoring tools to elevate threat detection capabilities Implement Conditional Access policies, enforcing zero trust and least privilege principles Collaborate across teams to align security protocols with operational objectives Required Skills/Qualifications: Experience …
Employment Type: Permanent
Salary: GBP Annual

Information Security Lead

Crawley, West Sussex, South East, United Kingdom
Hybrid / WFH Options
DGH Recruitment
practices. - Support business units with risk-based security input for projects, client bids, and technology initiatives. - Manage cybersecurity tooling including SIEM, EDR, and mail filtering systems to ensure effective threat detection and response. - Monitor, investigate, and respond to alerts and incidents, coordinating with internal teams and third-party providers. - Oversee regular vulnerability scans and third-party penetration tests …
Employment Type: Permanent, Work From Home
Salary: £70,000

Security Operations Centre (SOC) Manager

Chelmsford, Essex, South East, United Kingdom
Hybrid / WFH Options
Keystream Group Limited
needs of local government. To read more about our business area, please visit Corporate Services and Transformation Key Responsibilities: Lead and develop an active Security Operations team focused on threat detection, incident management, and prevention of data breaches or service disruptions. Build and mature the Security Operations Centre (SOC) with a focus on cyber risks, threat intelligence …
Employment Type: Permanent, Work From Home
Salary: £75,000

IT Security Project Manager

England, United Kingdom
Square One Resources
/Experience The ideal candidate will have the following: - Proven experience delivering IT Security or Cybersecurity projects in complex environments. - Strong understanding of security domains (e.g., identity and access, threat detection, endpoint protection, secure infrastructure). - Solid project management skills (RAID management, stakeholder engagement, budgeting, reporting). - Experience working with internal and third-party technical teams. - Familiarity with …
Employment Type: Permanent
Salary: GBP Annual

3rd line engineer

City of London, London, United Kingdom
Just IT Training Limited
PowerShell scripts for automation and system management. Configure, manage, and troubleshoot firewalls and other security appliances including predominantly Fortinet equipment Ensure robust cyber security measures are in place, including threat detection, response, and mitigation. Collaborate with clients to understand their IT needs and provide tailored solutions. Document technical procedures, configurations, and project plans. Technical Proven experience in a …
Employment Type: Permanent
Salary: £50000 - £55000/annum

Senior Joint Professional Services - Technical Support Engineer

London, United Kingdom
OPSWAT
Transparency in Cybersecurity: OPSWAT's Approach to File Security & Threat Detection Senior Joint Professional Services - Technical Support Engineer Protecting the World's Critical Infrastructure OPSWAT, a global leader in IT, OT, and ICS critical infrastructure cybersecurity, delivers an end-to-end platform that gives public and private sector organizations and enterprises the critical advantage needed to protect their …
Employment Type: Permanent
Salary: GBP Annual

IT Risk & Controls Manager UK based

London, United Kingdom
Hybrid / WFH Options
Compre Group
Collaborate with stakeholders to drive security initiatives and strategy • Implement a best practice IT Controls Framework • Act as the security SME across IT, overseeing security operations, incident management and threat detection • Ensure robust third-party security, including commercial agreements • Implement security policies and standards • Manage cybersecurity risks and response to incidents • Implement plans to meet cybersecurity regulatory requirements …
Employment Type: Permanent
Salary: GBP Annual

Security Operations Center Analyst

Bradford, England, United Kingdom
Hybrid / WFH Options
Tata Consultancy Services
creating custom use-cases, log-source integration, and Logs Parsing. Implement actions to contain and eliminate threats, restore systems to a secure state, and minimize damage. Continuously monitor the threat landscape for emerging threats, vulnerabilities, and evolving attack tactics. Communicate with clients, internal teams, and vendors regarding security incidents and recommendations. Develop and improve SOC processes and designing training … programs. Provide guidance on effective cyber defenses and actionable, cost-effective solutions. Focus on utilizing SOAR platforms to automate and improve security processes, incident response, and threat detection. Develop and implement plans to mitigate identified risks, including security controls and countermeasures. Your Profile: Essential knowledge/experience: Experience with Alerts/Threats Investigation. Driving Major Incident Response. Desirable skills …

Director of IT and Technology

London, United Kingdom
Hybrid / WFH Options
Adecco
support services, and enterprise architecture. Lead strategic initiatives during acquisition activities, ensuring smooth systems integration and transition. Champion a robust cybersecurity strategy that aligns with ISO27001 compliance and proactive threat detection. Establish and maintain effective disaster recovery and business continuity plans. Optimise IT performance through service delivery improvements and effective budget management. Drive digital transformation and promote the adoption …
Employment Type: Permanent

Threat Detection Engineer

Edinburgh, United Kingdom
Barclay Simpson
Are you interested in joining a supportive and collaborative team at a firm that values Cybersecurity? If so, read on! A forward-thinking Financial Services firm is seeking a Threat Detection Engineer to join its Cyber Security team. This role is crucial in managing and improving the firm's SIEM solution. You will be responsible for designing and … responsibilities include: SIEM Solution Management: Oversee the full lifecycle from deployment to continuous improvement. Use Case Development: Design and implement use cases to support security monitoring and incident response. Threat Intelligence Integration: Integrate external CTI into the SIEM platform to enhance proactive threat detection. To be considered for this role, you should have a background as a Threat Detection Engineer, ideally with experience using Splunk and Sentinel, and some experience working in a regulated environment (preferably Financial Services). This is a hybrid opportunity, requiring 3 days in the Edinburgh office, with a salary of up to £90,000. For immediate consideration, please contact me at . Please note that this client cannot sponsor We encourage …
Employment Type: Permanent
Salary: GBP Annual

Threat Intelligence Analyst Devi Technologies

United Kingdom
Devitechs
What You'll Be Working On: • Gathering, analyzing, and disseminating threat intelligence from multiple sources to identify emerging cyber threats • Identifying attack patterns, trends, and vulnerabilities to inform defensive strategies • Collaborating with internal teams to enhance incident response and improve threat detection capabilities • Producing detailed threat reports, including indicators of compromise (IOCs), tactics, techniques, and procedures … TTPs) • Supporting vulnerability management and assisting with the development of security posture recommendations What We're Looking For: • Proven experience as a Threat Intelligence Analyst or in a similar role within cybersecurity • Strong knowledge of threat intelligence platforms (TIPs), open-source intelligence (OSINT), and malware analysis • Familiarity with cybersecurity frameworks (e.g., MITRE ATT&CK, STIX, TAXII) • Experience in …
Employment Type: Permanent
Salary: GBP Annual

Cyber Defence Operations Director

Cambridge, Cambridgeshire, United Kingdom
Arm Limited
Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against … an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a … high-performing team, driven with context of emerging threats and strategic objectives. Ensure Threat Intelligence, Proactive Security Testing, and Security Analytics functions develop under your leadership to deliver maximum context into the operational team, as well as enabling real-time risk validation and actionable security insights. Continue delivering automation and detection as code for security operations, enabling increased …
Employment Type: Permanent
Salary: GBP Annual

Artificial Intelligence Engineer

City of London, London, United Kingdom
Hybrid / WFH Options
Franklin Bates
Join a world-leading cybercrime SaaS organisation in an exciting Senior/Principal AI Engineer role to deliver robust and impactful AI-based solutions to advance threat detection efficiency. Our client is headquartered in the UK and, whilst being well-established with significant sector success behind them, serving the largest names globally across the banking and government spaces … platform. Required experience for the Senior/Principal AI Engineer role: Machine learning (ML), deep learning and statistical analysis skills – even better if these skills have been applied to threat detection, malware analysis, phishing and/or abuse detection. Experience building production-grade AI pipelines, including data ingestion, feature engineering, validation, model deployment, and monitoring. Experience designing and … implementing anomaly detection, classification, clustering, and retrieval across vision and language models, ideally for identifying cyber threats (URLs, domains, phishing, botnets, etc.) Proficient in a major backend language (ideally Golang) and related ML/AI libraries (e.g. Tensorflow & PyTorch, etc.) Experience with an MLOps platform like Kubeflow. Demonstrated ability to transition models from prototype to production. Experience assessing various …

Artificial Intelligence Engineer

London Area, United Kingdom
Hybrid / WFH Options
Franklin Bates
Join a world-leading cybercrime SaaS organisation in an exciting Senior/Principal AI Engineer role to deliver robust and impactful AI-based solutions to advance threat detection efficiency. Our client is headquartered in the UK and, whilst being well-established with significant sector success behind them, serving the largest names globally across the banking and government spaces … platform. Required experience for the Senior/Principal AI Engineer role: Machine learning (ML), deep learning and statistical analysis skills – even better if these skills have been applied to threat detection, malware analysis, phishing and/or abuse detection. Experience building production-grade AI pipelines, including data ingestion, feature engineering, validation, model deployment, and monitoring. Experience designing and … implementing anomaly detection, classification, clustering, and retrieval across vision and language models, ideally for identifying cyber threats (URLs, domains, phishing, botnets, etc.) Proficient in a major backend language (ideally Golang) and related ML/AI libraries (e.g. Tensorflow & PyTorch, etc.) Experience with an MLOps platform like Kubeflow. Demonstrated ability to transition models from prototype to production. Experience assessing various …

Artificial Intelligence Engineer

South East London, England, United Kingdom
Hybrid / WFH Options
Franklin Bates
Join a world-leading cybercrime SaaS organisation in an exciting Senior/Principal AI Engineer role to deliver robust and impactful AI-based solutions to advance threat detection efficiency. Our client is headquartered in the UK and, whilst being well-established with significant sector success behind them, serving the largest names globally across the banking and government spaces … platform. Required experience for the Senior/Principal AI Engineer role: Machine learning (ML), deep learning and statistical analysis skills – even better if these skills have been applied to threat detection, malware analysis, phishing and/or abuse detection. Experience building production-grade AI pipelines, including data ingestion, feature engineering, validation, model deployment, and monitoring. Experience designing and … implementing anomaly detection, classification, clustering, and retrieval across vision and language models, ideally for identifying cyber threats (URLs, domains, phishing, botnets, etc.) Proficient in a major backend language (ideally Golang) and related ML/AI libraries (e.g. Tensorflow & PyTorch, etc.) Experience with an MLOps platform like Kubeflow. Demonstrated ability to transition models from prototype to production. Experience assessing various …

SOC Analyst

Manchester, North West, United Kingdom
Hybrid / WFH Options
Queen Square Recruitment Limited
experienced SOC Analyst (Level 3) to join its cybersecurity operations team. This role is ideal for senior professionals who thrive in high-stakes environments and enjoy working on proactive threat detection, incident response, and advanced security automation. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and … the Defender suite Develop and fine-tune analytic rules, detection use-cases, and automation playbooks Perform deep-dive analysis on malware, phishing, and lateral movement threats Correlate events across diverse log sources and technologies Collaborate with engineering teams to optimise Microsoft security tool integration Mentor junior SOC analysts and contribute to internal knowledge sharing Maintain and enhance incident response … processes and documentation Produce regular SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE …
Employment Type: Contract

AI Engineer

City Of Westminster, London, United Kingdom
Resource Area for Teaching
About Netcraft Netcraft is the global leader in cybercrime detection and disruption. We're a trusted partner for three of the four largest companies in the world and many large country governments. We've blocked more than 200 million malicious sites and perform takedowns for around one-third of the world's phishing sites. Our purpose, passion, and expertise … at Netcraft should combine deep applied AI/ML expertise, a hands-on and collaborative approach to developing solution architecture, and eventually develop a strong domain knowledge in cyber threat detection and mitigation. The role is highly collaborative, embedding within technical teams to deliver robust, explainable, and impactful AI-based solutions that advance threat detection efficacy … models. What you'll need to be successful: Advanced knowledge of machine learning, deep learning, and statistical analysis. Massive bonus points if you have experience applying these skills to threat detection, malware analysis, phishing, and/or abuse detection. Experience designing and implementing anomaly detection, classification, clustering, and retrieval across vision and language models, ideally for identifying …
Employment Type: Permanent
Salary: GBP Annual

Network Security Engineer / Cyber Security / CISSP / CISA / CCNA

Belfast, County Antrim, Northern Ireland, United Kingdom
Hybrid / WFH Options
AWD Online
Cyber Security/Network Security Engineer who has experience building, configuring and managing technical solutions, ideally security tools such as anti-malware, content filtering, SIEM and threat detection solutions is required by a well-established based in Belfast, Northern Ireland. SALARY: £38,000 - £45,000 per annum + Excellent Benefits BENEFITS: 26 Days Holiday plus Bank Holidays. Includes … opportunity for a Cyber Security/Network Security Engineer who has experience building, configuring and managing technical solutions, ideally security tools such as anti-malware, content filtering, SIEM and threat detection solutions. Working as the Cyber Security/Network Security Engineer which the organisation calls a Security Engineer, you'll be at the frontline of cyber defence, working … Produce and maintain clear, accurate and up-to-date procedural documentation Participate in playbook test exercises and respond to genuine security incidents Identify current and emerging security threats Analyse threat intelligence and escalate to the OSM as appropriate Work with other security and technology colleagues to ensure that security vulnerabilities are mitigated quickly Deliver monthly vulnerability scans and support …
Employment Type: Permanent, Work From Home
Salary: £45,000

Inside Sales Representative

London, United Kingdom
Hybrid / WFH Options
Graylog, Inc
Graylog: Empowering Threat Detection, Investigation, & Response Solutions with Cutting-Edge Technology Graylog specialises in delivering top-notch Threat Detection, Investigation, & Response (TDIR) solutions, backed by our latest addition, the Graylog API security platform. As a renowned centralised log management (CLM) and Security Information Event Management (SIEM) provider, we offer unparalleled fast and efficient log analysis capabilities … Defence Magazine at RSA in 2023, and 2024 saw us take home gold and become the Globee Winner for Security Information & Event Management and the 2024 Globee Winner for Threat Hunting, Detection, Intelligence, and Response. Graylog was named a "Leader" and "Fast Mover" in GigaOM's 2024 Radar Report for SIEM and 2025 has seen Graylog recognized in …
Employment Type: Permanent
Salary: GBP Annual

Security Operations Center Analyst

London Area, United Kingdom
Barclay Simpson
incidents, managing the full incident lifecycle from in-depth investigation to collaborating with the Head of SOC to contain and resolve threats. Ideally you will have experience with Splunk, threat detection and have worked with MITRE ATT&CK, preferably within a Financial Services firm. This role offers the chance to work in a fast-paced, global environment with …

Security Operations Center Analyst

City of London, London, United Kingdom
Barclay Simpson
incidents, managing the full incident lifecycle from in-depth investigation to collaborating with the Head of SOC to contain and resolve threats. Ideally you will have experience with Splunk, threat detection and have worked with MITRE ATT&CK, preferably within a Financial Services firm. This role offers the chance to work in a fast-paced, global environment with …

Security Operations Center Analyst

South East London, England, United Kingdom
Barclay Simpson
incidents, managing the full incident lifecycle from in-depth investigation to collaborating with the Head of SOC to contain and resolve threats. Ideally you will have experience with Splunk, threat detection and have worked with MITRE ATT&CK, preferably within a Financial Services firm. This role offers the chance to work in a fast-paced, global environment with …

Customer Success Manager - Bilingual Spanish and Portuguese

Oxford, Oxfordshire, United Kingdom
Hybrid / WFH Options
Sophos Group
bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations from phishing, ransomware, data theft, and other everyday and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary The Customer …
Employment Type: Permanent
Salary: GBP Annual

SOC Manager (Hybrid / Once a week onsite)

City, London, United Kingdom
Hybrid / WFH Options
Michael Page
values. Description Lead and manage the Security Operations team to ensure optimal performance and adherence to best practices. Develop and implement effective security operations process, playbooks Oversee the monitoring, detection, and response to cybersecurity threats and incidents. Collaborate with stakeholders to ensure compliance with relevant regulations and standards. Provide training and guidance to team members to support their professional … skills in vulnerabilities management, incident management, and the implementation of security protocols. Knowledge of relevant cybersecurity regulations and standards. Experience with Microsoft tools and technologies used in monitoring and threat detection. Excellent leadership abilities and the capacity to mentor team members effectively. Strong communication skills to collaborate with stakeholders at all levels. Job Offer A yearly bonus to reward …
Employment Type: Permanent
Salary: GBP 61,500 - 80,500 Annual

Threat Detection
10th Percentile: £42,500
25th Percentile: £48,165
Median: £67,500
75th Percentile: £80,000
90th Percentile: £92,500