Threat Detection Jobs in the UK

51 to 75 of 152 Threat Detection Jobs in the UK

Senior SOC Analyst

Glasgow, Renfrewshire, United Kingdom
Head Resourcing Ltd
great opportunity for anyone looking to progress their career in a supportive and fast paced environment. What you'll be responsible for: Security Monitoring & Threat Detection - Specializing in SIEM tools to identify anomalies across cloud and data center environments, while developing and maintaining security monitoring during the Azure … transition. Incident Response & Threat Hunting - Assisting in containment, eradication, and recovery of incidents, proactively hunting for threats, and mitigating operational risks. Risk & Threat Management - Staying updated on emerging threats, assessing risks, and implementing detection rules using security tools. Project & Stakeholder Support - Providing security guidance to ensure SOC More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Manager

London Area, United Kingdom
TXM Recruit
testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience More ❯

Cyber Security Manager

London, South East England, United Kingdom
TXM Recruit
testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience More ❯

Cloud Operations Manager

Woking, Surrey, South East, United Kingdom
Royal Horticultural Society (RHS)
IaC). Automate provisioning, deployment, and monitoring using PowerShell, Azure CLI, and Terraform. Design and implement security controls covering IAM, network security, encryption, and threat detection. Ensure compliance with frameworks such as NIST, ISO 27001, CIS Benchmarks, Cyber Essentials, and OWASP. Work with engineering, development, and digital teams to More ❯
Employment Type: Permanent
Salary: £70,000

Senior Cyber Security Engineer

London Area, United Kingdom
Hybrid / WFH Options
Harrington Starr
Investment Management 💰 £££ Competitive Day Rate | Contract with Perm Option 📍 Central London | Hybrid Working ✅ Senior-level Cyber Security Engineer ✅ Core security disciplines – infrastructure, cloud, identity, threat, risk ✅ Initial contract with an option to convert to permanent employment You'll be working for a well-established investment management firm as a … broad security knowledge will directly impact infrastructure, cloud, data, and application integrity. The Role: Deliver security engineering across network, cloud, and endpoint infrastructure Support detection, response, and threat modelling Help mature identity & access management controls Lead on vulnerability remediation and risk assessments Act as SME in cross-functional … projects involving security tooling & design What You Need: ✔ Proven experience in senior security engineering roles ✔ Strong across core cyber disciplines – infrastructure, cloud, IAM, threat detection, risk ✔ Ability to balance strategic thinking with hands-on delivery ✔ Comfortable in a regulated environment (finance ideal but not essential) ✔ Confident communicator, able More ❯

Senior Cyber Security Engineer

London, South East England, United Kingdom
Hybrid / WFH Options
Harrington Starr
Investment Management 💰 £££ Competitive Day Rate | Contract with Perm Option 📍 Central London | Hybrid Working ✅ Senior-level Cyber Security Engineer ✅ Core security disciplines – infrastructure, cloud, identity, threat, risk ✅ Initial contract with an option to convert to permanent employment You'll be working for a well-established investment management firm as a … broad security knowledge will directly impact infrastructure, cloud, data, and application integrity. The Role: Deliver security engineering across network, cloud, and endpoint infrastructure Support detection, response, and threat modelling Help mature identity & access management controls Lead on vulnerability remediation and risk assessments Act as SME in cross-functional … projects involving security tooling & design What You Need: ✔ Proven experience in senior security engineering roles ✔ Strong across core cyber disciplines – infrastructure, cloud, IAM, threat detection, risk ✔ Ability to balance strategic thinking with hands-on delivery ✔ Comfortable in a regulated environment (finance ideal but not essential) ✔ Confident communicator, able More ❯

Security Operations Engineer

Winchester, Hampshire, United Kingdom
Hybrid / WFH Options
Evalian
data protection and ISO compliance. We are excited to be expanding our cyber security offering to encompass managed security services, specialising in security monitoring, threat detection, and response. As we expand, we are looking for a skilled and motivated SOC Engineer to help strengthen our security operations capabilities. … This role is ideal for someone who enjoys building security detection capabilities, automating processes, and enhancing security monitoring capabilities. Job Purpose As a Security Operations Engineer , you will be responsible for developing and fine-tuning security detection rules, integrating customer data sources, building security processes and documentation, and … enhance SOC efficiency. In addition, you will provide occasional support to SOC monitoring activities, assisting in incident analysis and response. Responsibilities Develop, optimise SIEM detection analytical rules, correlation rules and dashboards. Onboard and integrate log data sources, ensuring log collection, parsing, and normalisation. Assist in creation and maintenance of More ❯
Employment Type: Permanent
Salary: GBP Annual

Principal Security Consultant - SIEM

London Area, United Kingdom
RiverSafe
the design, deployment and tuning of enterprise-grade SIEM platforms (e.g. Splunk, Azure Sentinel etc.) Collaborate with stakeholders to define logging requirements, use cases, detection rules and dashboards Oversee integration of data sources from cloud, on-prem, endpoint, network and application layers Create and maintain detection rules, correlation … logic and alerts tailored to specific threat scenarios Provide technical leadership and mentorship to team members Work closely with SOC teams to align SIEM capabilities with business objectives Conduct SIEM health checks, performance tuning and capacity planning Skills Expertise in SIEM design, deployment and optimisation Hands-on expertise with … more major SIEM platforms (e.g. Splunk, Sentinel etc.) Deep understanding of log ingestion, parsing, normalisation and enrichment Strong grasp of MITRE ATT&CK framework, threat detection and alert logic Solid scripting/automation skills (e.g., Python, PowerShell, Bash) Experience with cloud logging and monitoring (AWS CloudTrail, Azure Monitor More ❯

Principal Security Consultant - SIEM

London, South East England, United Kingdom
RiverSafe
the design, deployment and tuning of enterprise-grade SIEM platforms (e.g. Splunk, Azure Sentinel etc.) Collaborate with stakeholders to define logging requirements, use cases, detection rules and dashboards Oversee integration of data sources from cloud, on-prem, endpoint, network and application layers Create and maintain detection rules, correlation … logic and alerts tailored to specific threat scenarios Provide technical leadership and mentorship to team members Work closely with SOC teams to align SIEM capabilities with business objectives Conduct SIEM health checks, performance tuning and capacity planning Skills Expertise in SIEM design, deployment and optimisation Hands-on expertise with … more major SIEM platforms (e.g. Splunk, Sentinel etc.) Deep understanding of log ingestion, parsing, normalisation and enrichment Strong grasp of MITRE ATT&CK framework, threat detection and alert logic Solid scripting/automation skills (e.g., Python, PowerShell, Bash) Experience with cloud logging and monitoring (AWS CloudTrail, Azure Monitor More ❯

Security Engineer

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
The MRJ Group
and technical operations, ensuring resilient and secure environments. Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design … and training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. What we're looking for Experience : 3+ years in information security with a focus on cloud security, security architecture, and … Architecture: Proven track record in designing and implementing security architectures in complex environments. Risk Management: Ability to identify and mitigate security risks; knowledge of threat modelling and frameworks such as MITRE ATT&CK, CIS, and OWASP. Analytical Skills: Strong problem-solving abilities to translate business requirements into technical solutions. More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Analyst

London, United Kingdom
Hybrid / WFH Options
Locke & Mccloud
a comprehensive UK benefits package, and flexible hybrid working. Your Responsibilities Will Include: Analysing security incidents and SOAR alerts with a methodical, threat-led approach. Designing and fine-tuning rules and playbooks to improve threat detection and response. Working with customers to shape and implement tailored security … monitoring workflows. Supporting both live operations and onboarding of new services. Researching threat intelligence to enhance SOC processes. Reviewing junior analyst cases and helping develop their capabilities. Owning ticket queues, meeting SLAs, and ensuring high-quality case records. Participating in projects across departments and improving internal procedures. Taking part More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Bristol, United Kingdom
Hybrid / WFH Options
Gold Group
eradication, and recovery. Perform forensic analysis. Develop trusting relationships with critical third-party security providers. Prepare reports on security incidents and recommend improvements. Develop threat intelligence relevant to the business. Conduct threat hunting, vulnerability analysis, and penetration testing to identify risks. Continually assess security systems, suggesting appropriate tools … threats, and technologies. Qualifications Relevant certifications (e.g., CompTIA Security+, CEH, CISSP) are desirable. Technical Proficiency Strong understanding of IT security tools (SIEM, EDR, XDR), threat detection, and log analysis. Familiarity with scripting (Python, PowerShell, KQL) for automation. Benefits Competitive salary with annual reviews. 25 days holiday + option More ❯
Employment Type: Temporary
Salary: £50000 - £60000/annum

Cyber Security Consultant

London, South East England, United Kingdom
InfoSec People Ltd
SIEM/XDR tools such as IBM QRadar, Microsoft Sentinel, and Defender XDR. This role involves deeper client interaction, proactive risk management, and advanced threat detection consulting. Candidates must have demonstrated customer-facing experience (preferably in cybersecurity). Core Responsibilities: Manage and strengthen client relationships with regular strategic … Oversee and implement SIEM/XDR deployments, custom rule development, and incident response processes. Provide guidance on best practices for SIEM/XDR and threat detection. Conduct security posture reviews and gap analysis. Prepare reports and present findings to client stakeholders. Required Technical Skills: Advanced understanding of cybersecurity frameworks More ❯

Security Engineer

Manchester, England, United Kingdom
Hybrid / WFH Options
Awaze
operations, ensuring resilient and secure environments. 🏡 Key Responsibilities: Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design … and training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. 🏡 What we’re looking for Solid background in information security with a focus on cloud security, security architecture, and EUC … in languages such as Powershell & Python. Proven track record in designing and implementing security architectures in complex environments. Experience with security engineering, incident response, threat hunting, or digital forensics. Preferred Qualifications: Relevant cybersecurity certifications such as CISSP, CISM, CEH, Microsoft Security Certifications, AWS Security Specialty. Knowledge of ITIL. 🏡 What More ❯

Cyber Security Engineer

London, United Kingdom
Hybrid / WFH Options
Deltra group
on safeguarding cloud infrastructure, digital platforms, and enterprise systems. You'll be hands-on with modern security technologies and play a critical role in threat detection, incident response, and automation of security controls across a diverse technology landscape. What You'll Be Doing: Deploy and manage cybersecurity tools More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security Manager

London, United Kingdom
Hybrid / WFH Options
Story Terrace Inc
Manage risk proactively : identify and mitigate vulnerabilities across cloud environments and applications. Embed secure development : working with Engineering to integrate DevSecOps best practices. Enhance threat detection and incident response : improving our ability to react quickly and effectively. Assess and secure third-party vendors : ensuring strong security across our More ❯
Employment Type: Permanent
Salary: GBP Annual

Product/Applications Security Engineer

Oxford, Oxfordshire, United Kingdom
Hybrid / WFH Options
Sophos Group
that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint … cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through … organizations worldwide from phishing, ransomware, data theft, and other everyday and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Bristol, Gloucestershire, United Kingdom
Hybrid / WFH Options
Gold Group Limited
eradication, and recovery. Perform forensic analysis. Develop trusting relationships with critical third-party security providers. Prepare reports on security incidents and recommend improvements. Develop threat intelligence relevant to the business. Conduct threat hunting, vulnerability analysis, and penetration testing to identify risks. Continually assess security systems, suggesting appropriate tools … and assessments. Stay updated with the latest cybersecurity trends, threats, and technologies. Qualifications Technical Proficiency Strong understanding of IT security tools (SIEM, EDR, XDR), threat detection, and log analysis. Familiarity with scripting (Python, PowerShell, KQL) for automation. Benefits Competitive salary with annual reviews. 25 days holiday + option More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Analyst

Warrington, England, United Kingdom
Hybrid / WFH Options
Intaso
of SOC operations. Create and maintain SOC documentation, including runbooks, incident reports, and workflows. Contribute to continuous improvement initiatives within the SOC, including tuning detection rules and optimizing tools. Key Requirements Proven experience as a SOC Analyst or similar role, preferably within a Microsoft-focused environment. Strong knowledge and … hands-on experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity, and Azure Security features. Familiarity with threat detection, hunting, and analysis in cloud environments. Understanding of common attack frameworks (e.g., MITRE ATT&CK) and incident response methodologies. Excellent analytical and problem-solving skills with attention to More ❯

Global CISO (Chief Information Security Officer)

Rochester, Kent, United Kingdom
Rochester Executive
that arise. Lead incident response efforts, both internal and external, during security breaches and develop, test, and improve response plans for timely and effective threat management Manage IT-Security Awareness Trainings to ensure staff understanding and adherence to security protocols Manage the security architecture of the Group Continuously monitor … a plus. Understanding of relevant regulations such as GDPR, DPA, PIPL, PIPA. Cybersecurity Platforms & Tools: Experience with Training and Awareness platforms, Cyber Security Testing, Threat Detection and Response, Security Information and Event Management (SIEM) platforms. As a plus : Expertise in Vulnerability management tools, forensic analysis tools and methods More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Specialist

Bridlington, North Humberside, United Kingdom
Castle Employment Agency Ltd
improve incident response. Key Requirements Strong experience with ManageEngine security tools. Hands-on expertise in SIEM, endpoint security, and IAM solutions. Knowledge of cyber threat detection, incident response, and compliance frameworks. Ability to analyze security logs and troubleshoot security incidents. Relevant certifications (e.g., CompTIA Security+, CISSP, CEH) are More ❯
Employment Type: Permanent
Salary: GBP Annual

Vulnerability Analyst - Security Operations

London Area, United Kingdom
Albany Beck
environments. Coordinate with infrastructure and application teams to ensure timely and effective remediation. Collaborate with the Security Operations Centre (SOC) to correlate vulnerabilities with threat intelligence and incidents. Maintain and improve vulnerability management tooling and reporting frameworks. Contribute to security posture improvement through metrics, dashboards, and remediation tracking. Support … management. Key Skills & Experience: Proven experience in vulnerability management and Security Operations within a financial services. Experience working in or supporting a SOC or threat detection function. Strong knowledge of common vulnerabilities, exploits, and threat landscape. Understanding of security frameworks and standards such as NIST, ISO More ❯

Vulnerability Analyst - Security Operations

London, South East England, United Kingdom
Albany Beck
environments. Coordinate with infrastructure and application teams to ensure timely and effective remediation. Collaborate with the Security Operations Centre (SOC) to correlate vulnerabilities with threat intelligence and incidents. Maintain and improve vulnerability management tooling and reporting frameworks. Contribute to security posture improvement through metrics, dashboards, and remediation tracking. Support … management. Key Skills & Experience: Proven experience in vulnerability management and Security Operations within a financial services. Experience working in or supporting a SOC or threat detection function. Strong knowledge of common vulnerabilities, exploits, and threat landscape. Understanding of security frameworks and standards such as NIST, ISO More ❯

Information Technology and Security

United Kingdom
Hybrid / WFH Options
Sophos Group
that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint … cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through … organizations worldwide from phishing, ransomware, data theft, and other everyday and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available More ❯
Employment Type: Permanent
Salary: GBP Annual

Commercial Account Director - CSaaS

United Kingdom
Hybrid / WFH Options
AirSearch
Service provider that delivers comprehensive, cloud-based cybersecurity solutions tailored for midmarket and enterprise organizations. Their platform offers end-to-end protection through continuous threat detection and response, vulnerability management, and risk assessment. By leveraging advanced analytics, machine learning, and behavioural intelligence, they provide proactive monitoring, rapid incident … response, and compliance assurance across complex IT environments. Their solution suite includes managed detection and response (MDR), next-generation firewalls, endpoint protection, and integration with leading SIEM technologies to ensure a resilient security posture for organizations with 500 to 5000+ seats. The Role: As the Commercial Accounts Director, you … clients. Demonstrated success in managing complex, consultative sales cycles and consistently achieving or surpassing revenue goals. In-depth knowledge of cybersecurity solutions, including managed detection and response (MDR), advanced threat prevention, and integrated compliance frameworks. Exceptional communication, negotiation, and relationship-building skills, with the ability to engage effectively More ❯

Threat Detection

10th Percentile: £45,000
25th Percentile: £52,250
Median: £72,000
75th Percentile: £92,500
90th Percentile: £118,000