26 to 50 of 152 Threat Detection Jobs in the UK

The Tier 2 Cyber Security Analyst - is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation … Analyst works closely with senior and Junior Analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising … events and identifying patterns or anomalies that may indicate suspicious or malicious activity. Use OSINT (Open-Source Intelligence) to enrich contextual data and enhance detection capabilities, contributing to a proactive stance on emerging threats. Monitor the threat landscape and document findings on evolving threat vectors, sharing relevant More ❯

A leading Financial Services firm seeks a Threat Intelligence Lead to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malware analysis, and tracking changes made by Threat Actors. This position plays … a key role in shaping the Cyber Defence strategy, driving deliverables, and focusing on Threat-led and Threat detection activities. The organisation is investing in new tooling, including the procurement of a new TIP solution. The individual in this role will be responsible for building and implementing More ❯

A leading Financial Services firm seeks a Threat Intelligence Lead to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malware analysis, and tracking changes made by Threat Actors. This position plays … a key role in shaping the Cyber Defence strategy, driving deliverables, and focusing on Threat-led and Threat detection activities. The organisation is investing in new tooling, including the procurement of a new TIP solution. The individual in this role will be responsible for building and implementing More ❯

Tampa office. How you will contribute The Director of SOC will play a critical role in, overseeing the 24/7/365 monitoring, detection, and response to cybersecurity threats and incidents, ensuring operational excellence, threat intelligence integration, and alignment with the organization's security objectives. The ideal … candidate is a proven cybersecurity leader with a deep understanding of security operations, threat landscapes, incident response, and team leadership. This individual will play a key role in shaping the future of our cyber defense capabilities. Responsibilities: • Lead and manage the daily operations of the Security Operations Center, including … of managers, analysts, and incident responders. • Develop and execute SOC strategy, goals, and KPIs in alignment with organizational cybersecurity and business objectives. • Oversee incident detection, triage, investigation, and coordinated response efforts to mitigate threats in real time. • Ensure continuous improvement of security monitoring tools, automation, playbooks, and threat More ❯

a passion to be part of a fast-paced, successful team. This is a hands-on technical lead role, requiring expertise in security assessments, threat detection and incident response. We are looking for someone with a solid technical background who is willing to take on a broader remit … similar technical role Strong understanding of cloud security (AWS, Azure, Google Cloud), network security, and endpoint protection Hands-on experience with SIEM tools, intrusion detection, firewalls, and threat analysis Knowledge of identity and access management (IAM), zero-trust architectures, and encryption techniques Experience conducting vulnerability assessments, and risk More ❯

and mitigate cyber threats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities, enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business … a Cyber Intelligence Specialist, you will: Actively participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to Cyber Threat Intelligence, Security Posture Management, Cyber Security Incident Response, Threat Hunting, Penetration Testing & Red Team Testing, and Cyber Risk Mitigation. Incorporate threat intelligence … Stay updated on the latest cyber threats, attack vectors, and trends in the cybersecurity landscape. Continuously enhance skills in areas such as incident response, threat hunting, and the utilisation of threat intelligence. Support VBGs compliance with Audit, Data Protection, PCI and other security standards. What Were Looking For More ❯

protocols are in place. Develop and test business continuity and disaster recovery plans to minimise business disruption in the event of a cyberattack. Drive threat intelligence programs, proactively identifying and mitigating emerging risks. Manage external teams of security penetration testers working on monthly cycles to test and improve security … robust security measures across networks, endpoints, cloud platforms, and IT infrastructure to safeguard systems and data. Oversee the deployment and management of firewalls, intrusion detection systems (IDS), endpoint security solutions, and zero-trust architectures. Collaborate with IT and DevOps teams to embed security into cloud environments (AWS, Azure, Google … and improve security defences. Develop a comprehensive risk register, prioritising risks based on business impact and likelihood of exploitation. Implement continuous monitoring and advanced threat detection tools to proactively identify security threats and vulnerabilities. Develop and deliver security training programs for employees, promoting a company-wide culture of More ❯

Detect, monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident … activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your … Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team AWS-SOC Team More ❯

Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift … SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action Monitor the threat landscape and document findings on evolving threat vectors Follow established incident response playbooks, providing feedback for enhancements and streamlining CTAC processes Co-ordinate More ❯

Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift … SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action Monitor the threat landscape and document findings on evolving threat vectors Follow established incident response playbooks, providing feedback for enhancements and streamlining CTAC processes Co-ordinate More ❯

Detect, monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident … activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your … Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team AWS-SOC Team More ❯

to come. About Us Our UK&I Advisory Practice is a leader in cyber security transformation, partnering with organizations to tackle the evolving digital threat landscape. We combine technical expertise with strategic business insight to deliver end-to-end cyber solutions that enable innovation and secure digital growth. Role … actionable strategies. Guide clients through compliance with DORA, NIS2, and UK regulatory frameworks. Design comprehensive cyber security architectures that integrate cloud, identity, data, and threat protection. Build actionable implementation roadmaps considering business objectives and constraints. Evaluate and integrate partner technologies (e.g., Microsoft, AWS, GCP) for optimal client outcomes. Deliver … business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development Mentor consultants and More ❯

this could be the perfect opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands on experience: - Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents … and support remediation efforts. Vulnerability Management – Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence – Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication – Work closely and collaborate with senior analysts and clients to keep security … and analytical thinker with a strong problem-solving mindset. Passionate about emerging security technologies and best practices. Knowledge of core security concepts such as threat intelligence, phishing analysis, malware detection, and attack mitigation strategies. Eager to learn and contribute to a dynamic SOC environment where innovation and collaboration More ❯

security, and hands-on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves … cloud environments, with expertise in Microsoft Azure security best practices. Work with Palo Alto Networks or Panorama solutions for enterprise-wide network security and threat management. Leverage Infrastructure as Code (IaC) principles using Terraform to automate security policies and infrastructure deployment. Utilize Security Information and Event Management (SIEM) solutions … monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively identify potential security threats. Assist with Cyber Essentials Plus and ISO 27001 audits and More ❯

security, and hands-on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves … cloud environments, with expertise in Microsoft Azure security best practices. Work with Palo Alto Networks or Panorama solutions for enterprise-wide network security and threat management. Leverage Infrastructure as Code (IaC) principles using Terraform to automate security policies and infrastructure deployment. Utilize Security Information and Event Management (SIEM) solutions … monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively identify potential security threats. Assist with Cyber Essentials Plus and ISO 27001 audits and More ❯

global security posture. As a subject matter expert, you’ll lead initiatives across network, cloud, data, and system security guiding critical IT projects, running threat models for complex systems, and building automation to validate controls and resilience. You'll act as the escalation point for Security Operations, driving swift … assets. Manage and fine-tune security tools to ensure optimal performance and coverage. Provide expert-level, second-line support to Security Operations for complex threat scenarios. Conduct thorough threat modeling and risk assessments to uncover vulnerabilities and drive proactive defenses. Oversee the relationship with our Managed Detection & Response (MDR) partner to ensure top-tier threat detection and response. Drive execution of the security roadmap, aligning with evolving business goals and threat landscapes. Partner with cross-functional teams to promote security best practices and embed security into daily operations. Requirements: 5+ years of hands More ❯

global security posture. As a subject matter expert, you’ll lead initiatives across network, cloud, data, and system security guiding critical IT projects, running threat models for complex systems, and building automation to validate controls and resilience. You'll act as the escalation point for Security Operations, driving swift … assets. Manage and fine-tune security tools to ensure optimal performance and coverage. Provide expert-level, second-line support to Security Operations for complex threat scenarios. Conduct thorough threat modeling and risk assessments to uncover vulnerabilities and drive proactive defenses. Oversee the relationship with our Managed Detection & Response (MDR) partner to ensure top-tier threat detection and response. Drive execution of the security roadmap, aligning with evolving business goals and threat landscapes. Partner with cross-functional teams to promote security best practices and embed security into daily operations. Requirements: 5+ years of hands More ❯

crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and firewalls. Your expertise in incident response and threat intelligence analysis is essential, as is your familiarity with the Mitre Att&ck framework and advanced threat detection techniques. Strong analytical and … within a SOC team. it would be highly desirable to have cybersecurity certifications like CRT or OSCP, and a proven talent for fine-tuning detection logic and enhancing SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends will significantly bolster your application In this pivotal … role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck More ❯

crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and firewalls. Your expertise in incident response and threat intelligence analysis is essential, as is your familiarity with the Mitre Att&ck framework and advanced threat detection techniques. Strong analytical and … within a SOC team. it would be highly desirable to have cybersecurity certifications like CRT or OSCP, and a proven talent for fine-tuning detection logic and enhancing SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends will significantly bolster your application In this pivotal … role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck More ❯

proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat intelligence; knowledge of the MITRE ATT&CK framework and security operations). Some other highly valued skills may More ❯

proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat intel; knowledge of the MITRE ATT&CK framework and security operations). Some other highly valued skills may More ❯

ensuring Data Loss Prevention (DLP) and encryption. Implement Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate … Power Apps, and Microsoft Defender XDR. Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and More ❯

events using system logs, network traffic, and endpoint telemetry Supporting containment and recovery efforts during active security incidents Continuously enhancing SOC capabilities, tooling, and detection rules using threat-informed approaches like MITRE ATT&CK Producing detailed incident reports and documentation for both technical and non-technical stakeholders Assisting … with threat intelligence activities as needed Staying current on evolving threats, attack techniques, and industry best practices For the SOC role you will have: Hands-on experience working in a Security Operations Centre (SOC) Solid knowledge of SIEM tools such as Microsoft Sentinel or Splunk Familiarity with the MITRE … ATT&CK framework and threat detection methodologies Strong analytical skills with a keen eye for detail in log analysis and network monitoring Basic understanding of enterprise security architecture including firewalls, VPNs, AV, and web applications Good grasp of network protocols such as TCP/IP, HTTP, SMTP, and More ❯

strategy. They're now looking to hire a knowledgeable Cyber Security Analyst to play a key role in safeguarding sensitive client data and supporting threat response across complex environments. The role offers a salary of £60,000 - £70,000, excellent benefits, and a flexible hybrid working setup. Your Responsibilities … Will Include: Analysing security incidents and SOAR alerts with a methodical, threat-led approach Designing and fine-tuning rules and playbooks to improve threat detection and response Working with customers to shape and implement tailored security monitoring workflows Supporting both live operations and onboarding of new services … Researching threat intelligence to enhance SOC processes Reviewing junior analyst cases and helping develop their capabilities Owning ticket queues, meeting SLAs, and ensuring high-quality case records Participating in projects across departments and improving internal procedures Taking part in the on-call incident escalation rota You'll Need: 3+ More ❯

resilience. As they continue to grow and enhance their cyber maturity, they're seeking a passionate Senior Cyber Security Analyst to support critical incident detection, response efforts, and security automation. The position offers a salary of £50,000 - £60,000, a strong benefits package tailored for UK employees, and … a hybrid working model with remote flexibility. Your Responsibilities Will Include: Analysing security incidents and SOAR alerts with a methodical, threat-led approach Designing and fine-tuning rules and playbooks to improve threat detection and response Working with customers to shape and implement tailored security monitoring workflows … Supporting both live operations and onboarding of new services Researching threat intelligence to enhance SOC processes Reviewing junior analyst cases and helping develop their capabilities Owning ticket queues, meeting SLAs, and ensuring high-quality case records Participating in projects across departments and improving internal procedures Taking part in the More ❯