Threat Detection Jobs in the UK

26 to 50 of 150 Threat Detection Jobs in the UK

Security Analyst

Milton Keynes, Loughton, Buckinghamshire, United Kingdom
VIQU IT
Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial. Knowledge of Microsoft Purview would be beneficial. Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the …
Employment Type: Contract
Rate: £400 - £500/day

Security Analyst

Milton Keynes, Buckinghamshire, South East, United Kingdom
VIQU IT Recruitment
Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security ecosystem. Experience with Tenable is beneficial. Knowledge of Microsoft Purview would be beneficial. Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the …
Employment Type: Contract
Rate: £400 - £500 per day

Senior Security Engineer

Portsmouth, Hampshire, England, United Kingdom
Computappoint
Security Operations Centre (SOC), blending hands-on technical work with automation and solution design. You’ll collaborate with analysts, architects, and customers to build reliable, scalable systems that accelerate threat detection and response, all in a collaborative culture that invests in your growth, wellbeing, and career progression. Job Title: Senior Security Engineer Job Type: Permanent Salary: Up to … DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. Engineer secure … log ingestion pipelines across hybrid cloud and on-prem environments. Support client onboarding, threat hunting, detection engineering, and process improvements. Mentor junior engineers and maintain documentation, diagrams, and standards. Required Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk …
Employment Type: Full-Time
Salary: £71,250 - £78,500 per annum

Senior ML Engineer

London, United Kingdom
Hybrid/Remote Options
Method-Resourcing
Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems. This position offers the opportunity to influence not just their engineering … and verbal communication skills, especially in cross-functional contexts. Bonus Experience (Nice to Have) Exposure to large language models (LLMs) or foundational model adaptation. Previous work in cybersecurity, anomaly detection, or behavioural analytics. Familiarity with orchestration frameworks (Airflow or similar). Experience with scalable ML systems, pipelines, or real-time data processing. Advanced degree or equivalent experience in ML …
Employment Type: Permanent, Work From Home

Senior ML Engineer

London, South East, England, United Kingdom
Hybrid/Remote Options
Method Resourcing
Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems. This position offers the opportunity to influence not just their engineering … and verbal communication skills, especially in cross-functional contexts. Bonus Experience (Nice to Have) Exposure to large language models (LLMs) or foundational model adaptation. Previous work in cybersecurity, anomaly detection, or behavioural analytics. Familiarity with orchestration frameworks (Airflow or similar). Experience with scalable ML systems, pipelines, or real-time data processing. Advanced degree or equivalent experience in ML …
Employment Type: Full-Time
Salary: £150,000 - £160,000 per annum

Senior ML Engineer

London, United Kingdom
Hybrid/Remote Options
Method-Resourcing
Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems.
Employment Type: Permanent
Salary: GBP 100,000 Annual

Vice President, Threat and Vulnerability Management Team Lead

England, United Kingdom
WeAreTechWomen
means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded. The Threat and Vulnerability Management Team Lead is responsible for defining, developing, and leading the strategic direction for safeguarding the organisation's infrastructure and applications. This is achieved by proactively identifying … DES) department, which encompasses Infrastructure and Service Management across EMEA Bank, International Securities, and the 15+ countries in which these entities operate. The position is responsible for leading the Threat and Vulnerability Management function, including oversight of an outsourced offshore third-party service. This function integrates secure practices into the development lifecycle and aligns with service transition processes to … against external threats and potential security vulnerabilities. NUMBER OF DIRECT REPORTS: Circa 5. Key Responsibilities: Strategic Leadership & Vision: Lead the design, development, operation and management of the department's Threat and Vulnerability Management (TVM) strategy and roadmaps, ensuring alignment with business requirements, services, strategic goals, and IT risk appetite. Develop short, medium, and long-term strategic goals and objectives …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Engineer

Edinburgh, Midlothian, United Kingdom
Hybrid/Remote Options
Aberdeen Group
and commitment will allow you to deliver high quality outputs. Reporting to the Cyber Security Engineering Manager, you will be responsible for designing, implementing and maintaining our next-generation detection and log management platforms. This role sits at the intersection of SIEM engineering, cloud security, and advanced log pipeline management, ensuring that our enterprise maintains world-class detection fidelity, threat visibility and compliance across diverse environments. You will help us deliver improvements across several of our cyber security domains including Security Data & Analytics, Security Automation, Incident Response and Threat Detection. Additionally, you will work closely with our Cyber Security Operation Centre, wider security functions, specialist 3rd party security suppliers and our global IT and business teams. … Key Responsibilities: SIEM Engineering & Operations: Development of advanced detection rules, correlation searches, and playbooks to improve threat detection and response. Perform log source onboarding, parsing, and data normalisation on various data types. Experience with design, development, configuration and maintenance of SIEM alerts to support our SOC Operations. Log Management & Data Engineering: Engineer and maintain log pipelines using …
Employment Type: Permanent
Salary: GBP Annual

SIEM Detection Engineer - Hybrid

London Area, United Kingdom
Hybrid/Remote Options
RiverSafe
We’re looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor junior engineers and drive best practices. Collaborate with … IR & threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills.

SIEM Detection Engineer - Hybrid

City of London, London, United Kingdom
Hybrid/Remote Options
RiverSafe
We’re looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor junior engineers and drive best practices. Collaborate with … IR & threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills.

Vice President, Threat and Vulnerability Management Team Lead

England, United Kingdom
MUFG Bank, Ltd
agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded. The Threat and Vulnerability Management Team Lead is responsible for defining, developing, and leading the strategic direction for safeguarding the organisation's infrastructure and applications. This is achieved by proactively identifying … DES) department, which encompasses Infrastructure and Service Management across EMEA Bank, International Securities, and the 15+ countries in which these entities operate. The position is responsible for leading the Threat and Vulnerability Management function, including oversight of an outsourced offshore third-party service. This function integrates secure practices into the development lifecycle and aligns with service transition processes to ensure … by protecting against external threats and potential security vulnerabilities. NUMBER OF DIRECT REPORTS: Circa 5. KEY RESPONSIBILITIES: Strategic Leadership & Vision: Lead the design, development, operation and management of the department's Threat and Vulnerability Management (TVM) strategy and roadmaps, ensuring alignment with business requirements, services, strategic goals, and IT risk appetite. Develop short, medium, and long-term strategic goals and objectives …
Employment Type: Permanent
Salary: GBP Annual

SOC Manager

United Kingdom
Anson McCade
An exciting opportunity has arisen for an accomplished SOC Incident Response & Threat Hunting Manager to lead a high-performing team within a dynamic and evolving Security Operations Centre (SOC) environment. This critical role is ideal for a technically proficient cybersecurity professional with a passion for proactive defence, threat intelligence, and strategic leadership. The successful candidate will oversee a … team of Tier 3 Security and Incident Response Analysts, driving advanced incident response, digital forensics, and threat hunting operations across a diverse customer base. Acting as a technical authority, the role will play a pivotal part in enhancing cyber resilience, refining detection capabilities, and leading complex investigations from detection through to remediation and review. Key Responsibilities Lead … mentor and develop a team of senior SOC analysts, ensuring the delivery of effective and efficient incident response and threat hunting operations. Oversee and coordinate high-severity incident response engagements, acting as incident lead when required, and guiding cross-functional teams through time-critical decision-making. Provide expert oversight on complex security incidents, ensuring technical accuracy, rapid containment, and …

Nutanix Expert Systems Engineer

London, South East England, United Kingdom
Hybrid/Remote Options
CSC
Flow environment. Policy Development: Create and enforce security policies and procedures to protect network resources and data. Security Management: Manage and maintain security tools and technologies, including firewalls, intrusion detection/prevention systems, and VPNs. Incident Response: Lead and coordinate responses to security incidents, including investigation, mitigation, and reporting. Compliance: Ensure compliance with relevant security standards and regulations, such … using Python, PowerShell, or Terraform. Security Certifications – Industry-recognized certifications such as CISSP, CISM, CCNP Security, AWS Certified Advanced Networking, or Nutanix Certified Professional – Multicloud Infrastructure (NCP-MCI). Threat Detection & Incident Response – Experience in real-time threat monitoring, and coordinated incident response efforts. Compliance & Governance – Familiarity with security frameworks and regulations such as GDPR, HIPAA, PCI … Networking (SDN) & Network Virtualization – Hands-on experience with SDN solutions and network segmentation strategies. Security Automation & Scripting – Proficiency in automating security workflows using Python, PowerShell, Terraform to enhance efficiency. Threat Hunting & Intelligence – Knowledge of threat intelligence platforms, attack vectors, and proactive threat hunting methodologies. Security Auditing & Assessment – Experience conducting risk assessments, penetration testing, and security audits for …

Nutanix Expert Systems Engineer

United Kingdom
Hybrid/Remote Options
CSC
Flow environment. Policy Development: Create and enforce security policies and procedures to protect network resources and data. Security Management: Manage and maintain security tools and technologies, including firewalls, intrusion detection/prevention systems, and VPNs. Incident Response: Lead and coordinate responses to security incidents, including investigation, mitigation, and reporting. Compliance: Ensure compliance with relevant security standards and regulations, such … using Python, PowerShell, or Terraform. Security Certifications – Industry-recognized certifications such as CISSP, CISM, CCNP Security, AWS Certified Advanced Networking, or Nutanix Certified Professional – Multicloud Infrastructure (NCP-MCI). Threat Detection & Incident Response – Experience in real-time threat monitoring, and coordinated incident response efforts. Compliance & Governance – Familiarity with security frameworks and regulations such as GDPR, HIPAA, PCI … Networking (SDN) & Network Virtualization – Hands-on experience with SDN solutions and network segmentation strategies. Security Automation & Scripting – Proficiency in automating security workflows using Python, PowerShell, Terraform to enhance efficiency. Threat Hunting & Intelligence – Knowledge of threat intelligence platforms, attack vectors, and proactive threat hunting methodologies. Security Auditing & Assessment – Experience conducting risk assessments, penetration testing, and security audits for …

Cyber Security & Centralised Services Manager

London Area, United Kingdom
Hybrid/Remote Options
MFK Recruitment
attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives …

Cyber Security & Centralised Services Manager

City of London, London, United Kingdom
Hybrid/Remote Options
MFK Recruitment
attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives …

Cyber Security & Centralised Services Manager

London, South East, England, United Kingdom
Hybrid/Remote Options
MFK Recruitment
attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives …
Employment Type: Full-Time
Salary: £55,000 - £65,000 per annum

Cyber Security Analyst

Birmingham, England, United Kingdom
Network IT Recruitment Limited
CYSA+, SEC+, BLT1, SC-900 etc. This could be the perfect opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands-on experience: Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and … support remediation efforts. Vulnerability Management – Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence – Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication – Work closely and collaborate with senior analysts and clients to keep security operations running smoothly. The Ideal Profile: Experience in an IT-focused … cybersecurity and SOC operations. Proactive and analytical thinker with a strong problem-solving mindset. Passionate about emerging security technologies and best practices. Knowledge of core security concepts such as threat intelligence, phishing analysis, malware detection, and attack mitigation strategies. Eager to learn and contribute to a dynamic SOC environment where innovation and collaboration drive success. Ready to elevate …

Senior Consultant, Proactive Services (Unit 42)

London, England, United Kingdom
Palo Alto Networks
technical acumen to embrace data, technological and innovative approaches to deliver the best consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing … Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next Gen Firewalls, Threat Intelligence and Hunting platforms. Defensive Security Skills (desired): Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations across … security operations and capabilities to better protect, detect and rapidly respond to modern threats. Demonstrated experience in improving an organisation's security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements. Experience in conducting threat hunting and/or compromise assessments to identify active or dormant …

SOC Operations Manager

Hemel Hempstead, Hertfordshire, England, United Kingdom
Fynity
pivotal role in strengthening cyber resilience. You’ll have the freedom to make a real impact—defining strategy, driving continual improvement, and mentoring talented analysts to deliver world-class detection and response capabilities. As the SOC Operations Manager, you will: Lead and develop a skilled SOC team, inspiring a culture of continuous learning and technical excellence. Oversee the full … lifecycle of security incidents — from detection through to resolution and review. Manage and optimise SIEM and SOAR platforms (Splunk, Sentinel, Elastic) to enhance detection and automation capabilities. Drive continuous improvement through ITIL-aligned processes and adherence to CREST standards. Oversee vulnerability management, threat intelligence, and incident response plans. Communicate security posture, risks, and incident outcomes clearly to … a number of the following to this SOC Operations Manager role: Proven experience leading SOC operations in a 24×7 or multi-client environment. Strong background in incident management, threat detection, and escalation processes. Technical depth across SIEM/SOAR tooling, preferably Splunk or Microsoft Sentinel. A passion for developing teams — coaching analysts and building collaborative, high-performing …
Employment Type: Full-Time
Salary: £80,000 - £90,000 per annum

Cyber Security and Resilience Engineer

Oxfordshire, England, United Kingdom
Stott and May
seeking a skilled Cyber Security and Resilience Engineer to play a pivotal role in fortifying security infrastructure. You will support our Cyber Security Operations strategy by managing and optimising threat protection and detection tools across web, email, endpoints, and cloud environments. This is an exciting opportunity to work closely with cross-functional teams, outsourced security partners, and internal … on expertise with Azure, Entra, and Microsoft 365 Cloud Security Engineering Proficiency in writing complex PowerShell scripts Experience managing security for IaaS, PaaS, and SaaS platforms Strong understanding of threat detection, prevention, and response methodologies Hands-on experience with EDR, email security, and web security solutions Knowledge of security frameworks such as NIST, ISO 27001, and Mitre ATT …

Cyber Security and Resilience Engineer

Oxford, Oxfordshire, United Kingdom
Stott and May
seeking a skilled Cyber Security and Resilience Engineer to play a pivotal role in fortifying security infrastructure. You will support our Cyber Security Operations strategy by managing and optimising threat protection and detection tools across web, email, endpoints, and cloud environments. This is an exciting opportunity to work closely with cross-functional teams, outsourced security partners, and internal … on expertise with Azure, Entra, and Microsoft 365 Cloud Security Engineering Proficiency in writing complex PowerShell scripts Experience managing security for IaaS, PaaS, and SaaS platforms Strong understanding of threat detection, prevention, and response methodologies Hands-on experience with EDR, email security, and web security solutions Knowledge of security frameworks such as NIST, ISO 27001, and Mitre ATT …
Employment Type: Permanent
Salary: GBP Annual

IT Security Operations Specialist

City of London, London, England, United Kingdom
Arc IT Recruitment
in the City of London. This permanent role sits within a mature security function responsible for global operational security across IT infrastructure and business applications – including privileged access management, threat protection, threat detection and incident management. Working closely with the IT Security Manager, you will help ensure security services are delivered effectively and that core controls remain …
Employment Type: Full-Time
Salary: Competitive salary

IT Security Operation Specialist

United Kingdom
ARC IT Recruitment
in the City of London. This permanent role sits within a mature security function responsible for global operational security across IT infrastructure and business applications – including privileged access management, threat protection, threat detection and incident management. Working closely with the IT Security Manager, you will help ensure security services are delivered effectively and that core controls remain …

Head of Cyber Security

Leeds, Yorkshire, United Kingdom
Hybrid/Remote Options
PEXA Group
team across SOC, engineering, and information security Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and … Abnormal Security (email security), Prisma Cloud (cloud security posture management), Airlock (application and API security), Nucleus (vulnerability management and reporting). Deep knowledge of incident response, threat hunting, and vulnerability management. Excellent stakeholder management and communication skills - able to explain complex risks in simple terms. Experience building and mentoring high-performing teams across technical and governance …
Employment Type: Permanent
Salary: GBP Annual
Threat Detection salary percentiles (UK)

10th Percentile: £36,250
25th Percentile: £50,938
Median: £67,500
75th Percentile: £87,500
90th Percentile: £115,500