26 to 50 of 146 Threat Detection Jobs in the UK

Product Support Engineer

Hiring Organisation
Claroty
Location
United Kingdom
provides the deepest asset visibility and the broadest, built-for-CPS solution set in the market comprising exposure management, network protection, secure access, and threat detection – whether in the cloud with Claroty xDome or on-premise with Claroty Continuous Threat Detection (CTD). Backed by award … winning threat research and a breadth of technology alliances, The Claroty Platform enables organizations to effectively reduce CPS risk, with the fastest time-to-value and lower total cost of ownership. Our solutions are deployed by over 1,000 organizations at thousands of sites across all seven continents. ...

Technical Account Manager

Hiring Organisation
Claroty
Location
United Kingdom
provides the deepest asset visibility and the broadest, built-for-CPS solution set in the market comprising exposure management, network protection, secure access, and threat detection – whether in the cloud with Claroty xDome or on-premise with Claroty Continuous Threat Detection (CTD). Backed by award … winning threat research and a breadth of technology alliances, The Claroty Platform enables organizations to effectively reduce CPS risk, with the fastest time-to-value and lower total cost of ownership. Our solutions are deployed by over 1,000 organizations at thousands of sites across all seven continents. ...

Security Architect - IAM

Hiring Organisation
Integrity360
Location
London Area, United Kingdom
lead the design of modern identity security architectures across all IAM domains - Access Management, Identity Governance & Administration (IGA), Privileged Access Management (PAM), Identity Threat Detection & Response (ITDR), and Identity Security Posture Management (ISPM). You will be the technical authority for customer identity programmes, driving Zero‐Trust Identity … regulated sectors such as finance, retail, banking, healthcare, or government. Knowledge of GDPR and regional identity‐centric regulations. DevSecOps & Automation Familiarity. Experience with Identity Threat Detection & Response (ITDR). Key Competencies: Strategic thinking and IAM programme vision. Strong analytical and problem‐solving ability. Excellent communication and stakeholder engagement. ...

Security Architect (Defense, Threat Detection & Response)(ATR)

Hiring Organisation
Robert Walters
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£80,000 - £90,000 per annum
seeking an experienced Security Architect - focusing on Advanced Threat Response (ATR) solution to be a part of the Architecture team, you will design and maintain end-to-end architecture for advanced threat detection and response across cloud, network, and endpoint environments. You will work cross-functionally …/CD pipeline design and implementation Proven experience running vendor evaluations and PoCs for enterprise security platforms Strong understanding of offensive techniques mapped to detection capabilities (aligned to MITRE ATT&CK) Experience integrating security tooling outputs into SIEM platforms and broader security workflows Experience with tools such as SafeBreach ...

MS Defender SME

Hiring Organisation
Xcede
Location
City of London, London, United Kingdom
Security enhancement programme, focused on strengthening Azure and cloud security posture across enterprise-scale environments. You’ll work closely with Cyber, Cloud Engineering, IAM, Threat Detection & Response, and Vulnerability Management teams to design, implement, and operationalise Microsoft Defender for Cloud capabilities and broader Azure security best practices. … Collaborate with IAM teams to assess and improve Azure RBAC and PIM configurations Help operationalise Defender for Cloud processes, governance, and ownership models Support Threat Detection & Response teams with alerting and response readiness Contribute to the design of cloud vulnerability management processes Ensure remediation activities follow established change ...

Lead Identity Specialist

Hiring Organisation
Coltech
Location
Sheffield, England, United Kingdom
modernisation, including migration from legacy identity platforms Oversee application onboarding and ensure secure identity integration patterns across the organisation Drive adoption of identity threat detection capabilities and identity-based risk management practices Partner with Security leadership to ensure compliance with regulatory, audit, and governance requirements Serve as escalation … Azure AD Connect Deep understanding of IAM security controls including Conditional Access, Identity Protection, PIM, CIEM, and Governance Experience with identity threat detection tools and integration into broader security ecosystems Strong knowledge of authentication protocols including SAML, OAuth, OpenID Connect, Kerberos, and LDAP Experience working ...

Lead Identity Specialist

Hiring Organisation
Queen Square Recruitment
Location
London Area, United Kingdom
governance standards, technical policies, and security best practices Provide consulting-level guidance on IAM adoption and migration from legacy identity platforms Lead identity threat detection initiatives and identity-based risk management strategies Conduct security assessments and configuration reviews across Entra environments Serve as the escalation point for critical … understanding of authentication and federation protocols including: SAML OAuth OpenID Connect Kerberos LDAP Familiarity with AWS IAM and GCP IAM strategies Experience with identity threat detection tools and security integrations Strong knowledge of workload identity, automation, and non-human identity management Experience performing IAM security assessments and configuration ...

Principal Microsoft Cloud & AI Security Architect

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Architect and implement next generation Microsoft cloud security across Azure and multi cloud environments. Drive adoption of Agentic AI for Security to enable autonomous detection, adaptive response, and continuous security posture improvement. Enhance Microsoft Sentinel with MCP (Model Context Protocol), Sentinel Data Lake, and Sentinel Graph capabilities for advanced … analytics, threat correlation, and automated workflows. Optimise and operationalise Defender XDR, Defender for Cloud, and Wiz to enhance cloud posture, workload protection, and risk visibility. Strengthen identity protection through Entra ID, Conditional Access, MFA, PIM/JIT, and Defender for Identity. Lead the automation of security operations using Sentinel ...

SOC Engineering Lead

Hiring Organisation
FlexIT Talent Solutions Ltd
Location
London, United Kingdom
Employment Type
Permanent
Salary
£70000 - £75000/annum
hands on with the Security Operations Centre to architect, evolve and oversee technical operations. The successful candidate will be instrumental in shaping the core detection and response capabilities of the SOC, leading engineering efforts across Elastic SIEM, Microsoft Sentinel, Defender for Endpoint, CrowdStrike, and MISP, while building robust ITSM … automation in JIRA Core role: Lead the technical design, implementation, and tuning of SIEM platforms (Elastic, Microsoft Sentinel). Engineer and operationalise endpoint detection capabilities using Defender for Endpoint, CrowdStrike, and Elastic Defend. Maintain and optimise threat intelligence workflows, including integrations with MISP. Build and maintain robust ITSM ...

Senior Data Scientist

Hiring Organisation
TXP Technology x People
Location
London, South East, England, United Kingdom
Employment Type
Contractor
Contract Rate
£700 - £850 per day
responsibilities: Design and develop advanced risk models, including predictive, probabilistic, and scenario-based modelling approaches Apply data science techniques to risk scoring, anomaly detection, and threat assessment across complex datasets Build and deploy machine learning models into production, ensuring scalability and robustness Develop scenario simulations to model potential … predictive, probabilistic, simulation-based) in real environments Deep experience in risk modelling, including risk scoring frameworks, predictive risk analytics, and scenario modelling Experience in threat detection/anomaly detection, such as fraud, compliance, safety, or security use cases Strong grounding in statistics, hypothesis testing, and experimental design ...

SOC Senior Analyst

Hiring Organisation
DXC
Location
Farnborough, Hampshire, South East, United Kingdom
Employment Type
Permanent
available throughout the hiring process. This is an opportunity to play a key role in protecting critical customer environments, leading complex investigations, driving proactive threat hunting activities, and helping shape the future of our security monitoring services. We're looking for someone who enjoys solving difficult security challenges, mentoring others … leading the investigation and response to sophisticated cyber threats and incidents. You'll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity, and ensure DXC continues to deliver a world-class security monitoring service. This role operates on a Monday to Friday ...

Cybersecurity Solution Architect

Hiring Organisation
Stanley David and Associates
Location
London Area, United Kingdom
identify vulnerabilities within the organization’s systems and processes; recommend appropriate mitigation strategies. Technology Integration: Evaluate and select appropriate cybersecurity technologies (e.g., firewalls, intrusion detection systems, encryption tools) to enhance security posture and integrate them effectively. Cloud Security: Design and implement security solutions for cloud environments (IaaS, PaaS, SaaS … protection and compliance. Collaboration: Work collaboratively with IT, engineering, and business teams to ensure security is integrated into all stages of development and operations. Threat Management: Implement threat detection, incident response, and resilience strategies, including monitoring and analysis of security events and alerts. Regulatory Compliance: Ensure that ...

Lead SOC Analyst (L3)

Hiring Organisation
GCS
Location
Portsmouth, England, United Kingdom
scaling a Next-Gen AI SOC (Autonomic Security Operations Model) Lead on investigations, and respond to security incidents across multiple client environments Perform threat detection, triage, analysis, and remediation activities Lead incident response activities and provide technical guidance to junior analysts Analyse alerts from SIEM, EDR, IDS/… other security tooling Conduct threat hunting and proactive security monitoring Support continuous improvement of SOC processes, playbooks, and operational procedures Collaborate with infrastructure and engineering teams to strengthen security posture Produce detailed incident reports and client-facing documentation Assist with vulnerability management and security compliance activities Contribute to mentoring ...

Presales Engineer

Hiring Organisation
TrioTech Recruitment
Location
England, United Kingdom
role in the technical sales process, helping organisations understand, evaluate, and successfully implement advanced cybersecurity solutions focused on malware analysis, sandboxing, and threat intelligence. The role combines deep technical expertise with customer-facing engagement, working closely with Sales, Product, Engineering, and Customer Success teams to deliver successful outcomes throughout … success and long-term adoption. Represent the business at cybersecurity conferences, trade shows, and industry events. Act as a trusted advisor on malware analysis, threat detection, incident response, and threat intelligence use cases. Gather market and customer feedback to help influence future product strategy and roadmap direction. ...

Cyber Security Analyst

Hiring Organisation
Ryder Reid Legal
Location
City of London, London, United Kingdom
Cybersecurity Analyst to join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation’s defensive capabilities while … remaining at the forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment ...

DEVSECOPS ENGINEER

Hiring Organisation
Newpage Solutions
Location
United Kingdom
sessions; translate regulatory intent into engineering requirements that teams can implement. Mentor and coach Newpage and client engineers; raise the bar on secure coding, threat modeling, and incident response across the account. Engineer Security Into the Cloud Estate Design and operate hardened, multi-account or multi-subscription landing zones … Command Center. Lead Kubernetes and container security across managed offerings (EKS preferred; AKS, GKE accepted), including admission control, image signing (Sigstore/Cosign), runtime threat detection (Falco or equivalent), and Pod Security Standards enforcement. Drive supply-chain security to SLSA-aligned maturity: signed builds, attested artifacts, dependency provenance ...

Senior Security Consultant - Digital Forensics & Incident Response

Hiring Organisation
Jobleads-UK
Location
Manchester, England, United Kingdom
contain, and remediate cyber threats, while enhancing both client and internal cyber resilience. The successful candidate will bring deep technical expertise in digital forensics, threat analysis, and incident response, combined with the ability to operate effectively in a fast paced, client-facing environment. Key Responsibilities Lead … procedures, and best practices for both client engagements and internal use Provide expert guidance during major incidents, including stakeholder communication and reporting Support proactive threat hunting initiatives in collaboration with SOC teams Produce clear, structured forensic reports suitable for both technical and non technical audiences Ensure evidence is handled ...

Senior Cyber Security Engineer

Hiring Organisation
Thames Water
Location
Reading, Berkshire, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
design, implementation, and ongoing effectiveness of security capabilities across IT and OT environments. You will engineer and maintain the technical capabilities that enable early threat detection, rapid and consistent response, and sustained cyber risk reduction, while translating cyber risk, regulatory, and business demands into practical, measurable, and operationally sustainable … implement and maintain security controls to meet business, compliance, and risk mitigation requirements; ensuring controls are effective, measurable, and operationally sustainable. Implement and maintain detection and response capabilities through SIEM integration with security controls and IT systems, with a focus on reducing time-to-detect and time-to-remediate ...

Cyber Security Engineer

Hiring Organisation
Required IT
Location
Bromley, Kent, England, United Kingdom
Employment Type
Full-Time
Salary
£55,000 - £60,000 per annum
Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat Detection & Prevention Identify emerging threats, vulnerabilities, and attack trends relevant to the organisation. Tune and optimise security tooling to improve detection capability ...

Cyber Security Engineer

Hiring Organisation
Foresters Financial
Location
Kent, South East, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£60,000
Lead or support incident response activities in line with internal policies and procedures. Escalate significant incidents appropriately and provide clear, timely updates to stakeholders. Threat Detection & Prevention Proactively identify emerging threats, vulnerabilities, and attack patterns affecting the organisation. Tune and optimise security tools to reduce false positives … improve detection accuracy. Implement, manage, and maintain endpoint protection and security policies. Support vulnerability management activities, including remediation planning and risk tracking. Security Operations & Continuous Improvement Maintain and enhance security monitoring rules, alerts, and dashboards. Contribute to the development and maintenance of security runbooks and incident response playbooks. Support ...

Security Operations Engineer

Hiring Organisation
AFH Wealth Management
Location
Bromsgrove, Worcestershire, West Midlands, United Kingdom
Employment Type
Permanent
optimise core security operations tooling (SIEM, DLP, IAM, endpoint protection) to safeguard systems and data Develop, implement, and monitor KPIs and dashboards to measure detection effectiveness, incident response performance, data protection posture, and compliance Own and support Microsoft Purview capabilities including Information Protection, Data Loss Prevention, Data Lifecycle Management … Insider Risk Management. Support enterprise data governance frameworks, ensuring alignment with FCA, GDPR, and internal data governance standards Conduct regular risk assessments, threat hunting, and vulnerability management to identify, track, and remediate security risks across cloud, endpoint, identity, and data platforms Collaborate with risk, compliance, data governance ...

Head of Cyber Security

Hiring Organisation
Venesky Brown
Location
Scotland, United Kingdom
Security Architecture strategy, embedding a measurable secure by design approach across all enterprise architectures, supported by formal metrics and architectural performance indicators. - Continuously enhance threat monitoring capabilities across cloud, endpoint, and network services, ensuring alignment with the EIS Cyber Security Roadmap. - Develop, implement, and oversee a comprehensive cyber security … posture and mitigates risk. - Design and lead the cyber security operating model, ensuring integration with organisational risk management and compliance processes. Monitor the external threat landscape and provide informed guidance to stakeholders. - Ensuring robust security policies and controls, overseeing audits, and maintaining regulatory compliance across the partnership. - Establish ...

Cyber Security Specialist

Hiring Organisation
LHH
Location
Wokingham, England, United Kingdom
containment and mitigation activities where authorised, including coordinating response actions with relevant teams and tooling. Continuous Improvement and PIR Learnings Develop and fine-tune detection rules and alerts to identify malicious activity, validating effectiveness and reducing false positives. Identify and implement lessons learned from incidents and post-incident reviews … PIRs) to improve processes, runbooks, and detection logic. Contribute to a culture of quality and standardisation by improving documentation and operational practices. Skills and Experience Required Strong technical communication skills in time-pressured environments, with excellent written communication (clear, structured incident notes and stakeholder updates). Strong foundational knowledge ...

Cyber Security Manager

Hiring Organisation
TXM Recruit
Location
City of London, London, United Kingdom
testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience ...

SIEM Engineer

Hiring Organisation
Searchability NS&D
Location
Watford, Hertfordshire, UK
security teams to ensure the right controls, tooling and processes are in place to protect critical systems and data. You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable. Key responsibilities include … Acting SME on Splunk Enterprise Security platforms Designing and maintaining log ingestion pipelines and data enrichment processes Developing and tuning detection rules aligned to MITRE ATT&CK techniques Managing the full lifecycle of detection content from design through to optimisation Automating security workflows using scripting, CI/ ...