51 to 75 of 146 Threat Detection Jobs in the UK

security teams to ensure the right controls, tooling and processes are in place to protect critical systems and data. You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable. Key responsibilities include … Acting SME on Splunk Enterprise Security platforms Designing and maintaining log ingestion pipelines and data enrichment processes Developing and tuning detection rules aligned to MITRE ATT&CK techniques Managing the full lifecycle of detection content from design through to optimisation Automating security workflows using scripting, CI/ ...

environment. Analyse security incidents to determine scope, impact, and priority, ensuring appropriate escalation and response. Manage end-to-end incident response activities from detection through to resolution. Support the development and enhancement of SIEM use cases, detection rules, analytics, and playbooks. Conduct real-time analysis of logs … policy violations. Work closely with technical teams to support containment and remediation of security incidents. Support continuous improvement of SOC processes, tooling, and detection capability. Contribute to security reporting, documentation, and operational procedures. Requirements: Proven experience working as a SOC Analyst (Tier 2/3) within enterprise or critical ...

security architecture, collector deployment and asset coverage Standardise and enhance Armis configurations aligned to best practices Tune alerts, reduce false positives and improve threat visibility Improve asset inventory, vulnerability management and reporting accuracy Design and implement new OT threat detection use cases Develop reporting across assets, vulnerabilities ...

threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with emerging threats … your application to be submitted to our client in connection with this vacancy. KEY SKILLS SOC Engineer, SIEM, Sentinel, Splunk, Cyber Security, Security Monitoring, Threat Detection, Azure, AWS, Network Security ...

firewall policy, network segmentation and workload segmentation Managing and hardening Palo Alto Networks firewalls, including Panorama, App-ID/User-ID, NAT, VPN and threat prevention Supporting Cisco security technologies, including ASA/FTD firewalls, ISE and secure routing/switching Working with VMware NSX/vDefend security controls … including distributed firewall policies and micro-segmentation Working with Elastic Stack/Elastic Security for logging, SIEM, monitoring, threat detection and dashboards Supporting AWS/public cloud security across secure and regulated environments Hardening Windows Server environments, Active Directory, Group Policy and endpoint configurations Implementing, auditing and remediating ...

assessments and remediation tracking Support implementation of security controls across cloud and on-prem environments Contribute to security policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security … ISC2 certifications Experience with cloud platforms such as Amazon Web Services, Microsoft Azure, or Google Cloud Scripting experience (PowerShell, Python, or Bash) Exposure to threat hunting or SIEM rule development What's On Offer Salary up to £55,000 depending on experience Opportunity to work with modern security tools ...

assessments and remediation tracking Support implementation of security controls across cloud and on-prem environments Contribute to security policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security … ISC2 certifications Experience with cloud platforms such as Amazon Web Services, Microsoft Azure, or Google Cloud Scripting experience (PowerShell, Python, or Bash) Exposure to threat hunting or SIEM rule development What's On Offer Salary up to £55,000 depending on experience Opportunity to work with modern security tools ...

cyber security matters, providing clear guidance to leadership and technical teams Lead engagement with a third-party Security Operations Centre (SOC), ensuring effective monitoring, detection and response Oversee incident management, including coordination, post-incident reviews and continuous improvement actions Own and manage key security platforms, including security awareness … third-party and supplier security posture where required Profile Proven experience in a cyber security engineering Strong understanding of cyber risk management, incident response, threat detection and security governance Very strong familiarity with Microsoft security technologies, including Microsoft 365, E5 licensing and the associated security stack (e.g. identity ...

hybrid environments developing, implementing and maintaining cyber security strategy and governance (aligned to various frameworks e.g. ISO27001, NIST, Cyber Essentials) overseeing security operations (SOC, threat detection, vulnerability management etc.), and incident response plans risk management and compliance, ensuring compliance with various standards and frameworks About you Applicants ...

working across a broad technology estate and keeping up to date with emerging threats and security technologies. Key Responsibilities: * Monitor and develop SIEM and threat detection platforms * Investigate and respond to security incidents and alerts * Support vulnerability scanning, remediation, and reporting activities * Assist with development of security policies ...

industrial control system environments. This role sits within a Security Operations function but is heavily engineering focused, combining hands on OT security tooling, detection engineering and incident response to strengthen resilience across critical infrastructure. Key Responsibilities: Act as the OT security engineering SME, supporting both operational and project based … activities Engineer, configure and optimise OT security platforms (e.g. OT NDR tools such as Claroty or equivalent) Develop and refine detection rules, alerting logic and monitoring coverage across OT and IT/OT convergence points Lead technical investigations and incident response for OT-related cyber events Analyse industrial network ...

threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with emerging threats … your application to be submitted to our client in connection with this vacancy. KEY SKILLS SOC Engineer, SIEM, Sentinel, Splunk, Cyber Security, Security Monitoring, Threat Detection, Azure, AWS, Network Security ...

initiatives and secure industrial communications Collaborate with MSPs and external cyber security partners to ensure effective service delivery Contribute to ongoing monitoring and incident detection capabilities within OT environments Ensure alignment with recognised cyber security standards and regulatory expectations Essential Experience Background working within industrial sectors such … technical documentation and policy creation Ability to start within a short notice period (maximum 2 weeks) Desirable Experience deploying OT monitoring, asset discovery, or threat detection tools Understanding of regulatory and compliance requirements within critical infrastructure environments Familiarity with IT service management practices and project delivery methodologies ...

fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents. We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly unpredictable and inhospitable digital landscape. As a Microsoft-only security house, a Microsoft Solutions … Microsoft Entra and Microsoft 365 security services. Advanced knowledge of the Defender suite, Sentinel architecture, Entra ID, identity security, cloud workload protection, endpoint security, threat detection and security operations. Advanced knowledge of cloud security frameworks and guidance, including CIS, NIST, ISO 27001, Azure Cloud Adoption Framework and Microsoft ...

governance, compliance and risk activity aligned to ISO 27001 and NIST. Requirements: Experience in Security Operations, Cyber Security Engineering or SecOps. Strong knowledge of threat detection, incident response, endpoint security and vulnerability management. Exposure to Microsoft Azure. Experience with tools such as CrowdStrike, Absolute, Sumo Logic, Rapid7 ...

Security Operations & Vendor Oversight Own and manage relationships with outsourced 24/7 SOC/MDR providers Monitor performance against SLAs and ensure proactive threat detection across cloud environments Manage security incident escalations and coordinate response activities across internal and external teams Drive value and accountability from third ...

technical teams. Ability to engage effectively with senior stakeholders and communicate technical issues in business terms. Technical Knowledge Strong understanding of cyber security operations, threat detection, incident response, and security monitoring. Good knowledge of network infrastructure, cloud technologies, and endpoint security. Experience with Microsoft Azure, Microsoft Sentinel, Microsoft ...

cyber security strategy aligned to business priorities, whilst establishing and maintaining security policies, standards, and governance frameworks. You will oversee security operations, including incident detection, response, and continuous improvement, and manage key third-party security service providers, ensuring performance and accountability. Risk management activities will be key, including assessments … will have the following experience: Proven interim experience in a Cyber Security Manager/Lead/Security Consultant role. Strong understanding of security operations, threat detection, and incident response practices. Experience working with SIEM, EDR, and monitoring technologies in enterprise environments. Demonstrable knowledge of security frameworks, controls ...

Pipelines with Bicep/Terraform and proficiency in scripting/programming languages such as Python/Go. Experience with Sentinel deployments, log management, and threat detection is required, including expertise in dashboard creation, query development, and alert configuration. Additional experience in Splunk deployments is beneficial. This role sits … Function Apps to streamline security operations. SIEM Expertise: Deploy, configure, manage, and optimize Sentinel for security monitoring, log ingestion, query development, and threat detection. Technical Leadership: Provide technical guidance and mentorship to junior engineers, fostering a culture of continuous learning and improvement. Client Engagement: Work closely with clients ...

across multi-site and cloud environments (Azure-focused) Design and implement security controls aligned to business risk Work closely with a SOC to enhance threat detection and response Automate security processes and improve operational efficiency Investigate security incidents and drive root cause analysis and remediation Implement and manage ...

Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks ...

Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks ...

their security operations and help shape their cyber maturity. This is a genuinely impactful role - you'll be the go-to for incident response, threat detection, and vulnerability management, while working closely with IT, risk, and external partners. What you'll be doing: Leading cyber incident response … Monitoring and tuning SIEM/detection capabilities Driving vulnerability management and remediation Improving security tooling across endpoints, identity, and infrastructure Supporting compliance (Cyber Essentials, ISO 27001) Acting as a key voice in strengthening overall security posture What they're looking for: Strong background in cyber security operations Hands ...

DevSecOps Engineer specializes in designing and implementing secure infrastructure architecture within our multi-cloud environment. This role focuses on building security-first infrastructure solutions, threat detection systems, and compliance frameworks across AWS and Alibaba Cloud platforms. Where You Will Make a Difference Design and implement secure multi-cloud … hardening for MySQL, PostgreSQL, and Redis clusters Design network segmentation and micro-segmentation strategies for containerized environments Develop security automation tools and infrastructure for threat hunting and incident response Architect backup and disaster recovery infrastructure with security controls and encryption Build security testing infrastructure for application and infrastructure vulnerability ...

security event identification via the third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support the triage and processing of data subject rights (DSR) requests, including subject access requests … Skills: * Microsoft Defender XDR * Microsoft Sentinel (SIEM/SOAR) * Privacy Management Solutions (e.g. Purview, OneTrust) * Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and exposure management, Data privacy principles and data subject rights. PLEASE NOTE: This role will fall ...