76 to 100 of 145 Threat Detection Jobs in the UK

Via Umbrella inside IR35 Clearance required: Active SC is essential Role purpose/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and … fine-tune detection rules and alerts to identify malicious activities. Security Reporting - Generate reports on security events, trends, and system performance. Collaboration - Work with IT and security teams to improve overall cybersecurity posture. Required Skills & Qualifications Technical Expertise - Strong knowledge of SIEM platforms, network security, and cybersecurity frameworks. Certifications - CISSP, CEH, GIAC, or vendor-specific SIEM certifications. Programming & Scripting More ❯

integratingcloud networking, software-defined networking (SDN), and AI-driven automation. Ensureend-to-end network automationto improve operational efficiency, agility, and reliability. Drivezero-trust network securityprinciples, ensuring compliance and proactive threat mitigation. Establish aglobal observability and telemetry frameworkforreal-time network insights. Align network strategies withbusiness growth, cloud-first initiatives, and digital transformation. Network Infrastructure & Cloud Networking: Overseeglobal network architecture, spanningdata … capabilities. ScaleInfrastructure as Code (IaC) for network automation, ensuring agility and operational efficiency. IT Service Management & Operational Excellence: Establishnetwork reliability objectives, includingSLOs, SLIs, and error budgets. Implementreal-time incident detection and responseusing AI-driven network analytics. Ensurehigh availability, network resilience, and 24x7 operational support. Develop afollow-the-sun support model, ensuringglobal network performance optimization. Implementnetwork observability and predictive analyticstoproactively … Security, Compliance & Risk Management: Drivezero-trust security frameworks, ensuringsecure and resilient network access. Ensure adherence toISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate withcybersecurity teamsto enhancenetwork threat detection and mitigation. Implementautomated security policy enforcement, reducing human intervention in risk mitigation. Financial & Vendor Management: Optimizenetwork infrastructure spending, ensuringcost-effective, high-performance connectivity. Leadvendor selection, contract negotiation More ❯

integratingcloud networking, software-defined networking (SDN), and AI-driven automation. Ensureend-to-end network automationto improve operational efficiency, agility, and reliability. Drivezero-trust network securityprinciples, ensuring compliance and proactive threat mitigation. Establish aglobal observability and telemetry frameworkforreal-time network insights. Align network strategies withbusiness growth, cloud-first initiatives, and digital transformation. Network Infrastructure & Cloud Networking: Overseeglobal network architecture, spanningdata … capabilities. ScaleInfrastructure as Code (IaC) for network automation, ensuring agility and operational efficiency. IT Service Management & Operational Excellence: Establishnetwork reliability objectives, includingSLOs, SLIs, and error budgets. Implementreal-time incident detection and responseusing AI-driven network analytics. Ensurehigh availability, network resilience, and 24x7 operational support. Develop afollow-the-sun support model, ensuringglobal network performance optimization. Implementnetwork observability and predictive analyticstoproactively … Security, Compliance & Risk Management: Drivezero-trust security frameworks, ensuringsecure and resilient network access. Ensure adherence toISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate withcybersecurity teamsto enhancenetwork threat detection and mitigation. Implementautomated security policy enforcement, reducing human intervention in risk mitigation. Financial & Vendor Management: Optimizenetwork infrastructure spending, ensuringcost-effective, high-performance connectivity. Leadvendor selection, contract negotiation More ❯

digital assets while staying updated on the latest security threats and trends. If you are interested in this opportunity, apply today! Responsibilities: Implement and manage Azure Sentinel SIEM for threat detection, incident response, and security monitoring. Configure and maintain Microsoft Defender for endpoint protection and threat detection. Develop and maintain KQL scripts for querying and analysing data More ❯

and reporting across Formula 1 s cloud environment(s), including: Development of requirements, design, and implementation of cloud security tools (E.g. compliance and host security) A key focus on threat detection and risks across cloud environments Identification, remediation, and reporting of security vulnerabilities Reporting on compliance to F1 s security standards Support in the delivery and management of … to reduce risks The definition and operation of secure development/operations (DevOps) practices, inc. code scanning, Kubernetes, container security. System and device hardening policies and reporting Technology focused threat assessments to identify threats/risks Documentation of security requirements, patterns, and processes Liaising closely with Formula 1 s cyber security, infrastructure, and digital teams on new and existing More ❯

and reporting across Formula 1’s cloud environment(s), including: Development of requirements, design, and implementation of cloud security tools (E.g. compliance and host security) A key focus on threat detection and risks across cloud environments Identification, remediation, and reporting of security vulnerabilities Reporting on compliance to F1’s security standards Support in the delivery and management of … to reduce risks The definition and operation of secure development/operations (DevOps) practices, inc. code scanning, Kubernetes, container security. System and device hardening policies and reporting Technology focused threat assessments to identify threats/risks Documentation of security requirements, patterns, and processes Liaising closely with Formula 1’s cyber security, infrastructure, and digital teams on new and existing More ❯

end-to-end security controls across ION Markets on-premises infrastructure and other internal platforms. The role spans security architecture, engineering, and operations with a strong focus on automation, detection and secure by design principles. Additionally, as part of the role you will be leading and participating in threat detection, incident response and vulnerability management remediation. You … best practices. Stay up to date with the latest security threats, news, intelligence, tactics, techniques, and vulnerabilities; conduct research and analysis to assess potential impact and exposure. Perform proactive threat hunting activities, and manage the triage, investigation, and escalation of security alerts. Develop Standard operating procedures for operations & architecture activities. Required Skills, Experience and Qualifications Degree/diploma/ More ❯

this domain. What You'll Do Lead and shape AI security team, providing direction, mentorship, and support. Develop and implement comprehensive security strategies for AI systems, including risk assessments, threat modelling, and mitigation plans. Develop and implement a strategy for securing AI systems and applications, ensuring they are resilient against evolving threats. Build strategy to use AI to enhance … security measures, including threat detection, incident response, and anomaly detection. Collaborate with AI development teams to integrate security best practices throughout the AI lifecycle, from design to deployment. Ensure compliance with industry standards, regulations, related to AI security. Defining and implement approach to assessing AI security in the group, to include continuous assessment, detection model, and commissioning … cybersecurity principles, including encryption, authentication, access control, and network security. Experience with security frameworks and standards such as ISO 27001, NIST, and GDPR. Demonstrated experience in conducting risk assessments, threat modelling, and security audits. Excellent leadership, communication, and project management skills. Ability to work cross-functionally with multi-functional teams and manage multiple priorities in a fast-paced environment. More ❯

this domain. What You'll Do Lead and shape AI security team, providing direction, mentorship, and support. Develop and implement comprehensive security strategies for AI systems, including risk assessments, threat modelling, and mitigation plans. Develop and implement a strategy for securing AI systems and applications, ensuring they are resilient against evolving threats. Build strategy to use AI to enhance … security measures, including threat detection, incident response, and anomaly detection. Collaborate with AI development teams to integrate security best practices throughout the AI lifecycle, from design to deployment. Ensure compliance with industry standards, regulations, related to AI security. Defining and implement approach to assessing AI security in the group, to include continuous assessment, detection model, and commissioning … cybersecurity principles, including encryption, authentication, access control, and network security. Experience with security frameworks and standards such as ISO 27001, NIST, and GDPR. Demonstrated experience in conducting risk assessments, threat modelling, and security audits. Excellent leadership, communication, and project management skills. Ability to work cross-functionally with multi-functional teams and manage multiple priorities in a fast-paced environment. More ❯

your technical expertise will be pivotal. You'll also play a critical role in shaping and safeguarding the organisation's cybersecurity posture - designing and implementing robust security protocols, managing threat detection and response, and ensuring compliance with key standards such as GDPR, Cyber Essentials, and ISO 27001. Collaboration is key, as you'll work closely with IT support … support. Familiar with VMware for virtualisation and cloud-based UC telephony systems. Solid understanding of DNS, DHCP, VPN access, and administration. Hands-on experience with firewalls (e.g., Fortinet), intrusion detection/prevention systems, and Cisco networking/routing. Knowledge of security best practices, including EDR/XDR platforms and antivirus solutions (e.g., EPO). Familiar with identity and access More ❯

focusing on ISO 27001 and Cyber Essentials Plus . Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre ( SOC ) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response ( EDR/NDR ), information security More ❯

focusing on ISO 27001 and Cyber Essentials Plus . Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre ( SOC ) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response ( EDR/NDR ), information security More ❯

focusing on ISO 27001 and Cyber Essentials Plus . Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre ( SOC ) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response ( EDR/NDR ), information security More ❯

experience onboarding and managing log sources in Azure Sentinel . Hands-on experience configuring data connectors and diagnostic settings in Azure . Solid understanding of use case development and detection engineering . Knowledge of PowerShell, KQL (Kusto Query Language), and JSON formatting . Familiarity with identity-related logs (Azure AD, ADFS, M365 Defender, etc.) . Experience working in a … Security Operations environment or supporting SOC functions . Understanding of network and host-based telemetry relevant for threat detection Desirable . Azure certifications (SC-200, AZ-500, MS-500) . Experience with LogRhythm SIEM Platform . Knowledge of SOAR tools and automation (Logic Apps, Sentinel Playbooks) Please be aware that this role can only be worked within the More ❯

link Copy link Bachelor's degree or equivalent practical experience. 5 years of experience in cybersecurity, with an offensive security (e.g., Red Teaming, Penetration Testing, or Adversary Simulation) or threat modeling. Experience in a Security Operations Centre (SOC) or similar environment, with modern threat landscapes and attack techniques. Experience in technical troubleshooting and writing code in one or … more programming languages. Experience in threat modeling methodologies (e.g., STRIDE, PASTA, or attack trees) and secure system design principles. Eligibility to obtain UK Developed Vetting (DV) security clearance; British Citizenship is required for this role. Preferred qualifications: Certifications in OSCE3, CRTP/CRTE, GIAC GCSA/Kubernetes-related, OSCP, OSCE, CRTO, CISSP, or GIAC (e.g., GPEN, GCTI, GWAPT). … Experience designing or executing Purple Team exercises, combining offensive tactics with defensive feedback to drive continuous improvement. Experience with Kubernetes security, including secure cluster configuration, workload hardening, and threat detection in containerised environments. Experience in building or maturing security culture initiatives, including awareness programs, gamified training, or executive engagement. Experience with security testing tools and frameworks (e.g., MITRE More ❯

threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts … ensure timely responses. Diagnose and investigate security incidents following agreed procedures. Escalate and document unresolved incidents and support recovery efforts. Operate within our enterprise-level SOC and collaborate on threat intelligence. Utilise tools like Microsoft E5, Sentinel, and Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis … equivalent function. Proficiency with Microsoft Security Suite (including Sentinel) and Darktrace or similar. Must have an understanding of cyber threats including malware, ransomware, DDoS, insider threats. Strong knowledge of threat modelling, security monitoring, and cloud environments. Familiarity with GDPR, data protection, and privacy impact assessments. Excellent communication and collaboration skills with a proactive mindset. Industry certifications (e.g., CISSP, CEH More ❯

fund that is number one in their specialist area and is currently rebuilding their entire pricing & risk management platform from scratch. Responsibilities: Evaluate new security technologies and tools. Improve threat detection and response capabilities with a code-first approach. Automate manual processes utilizing Infrastructure as Code (IaC). Collaborate and co-develop with external suppliers and internal engineering … teams to ensure data sources and detection rules are well enriched. Required: Strong understanding of the latest security threats, threat actors, and the tactics and techniques adopted. Proven experience with programming languages such as Python, Rust, C++, or others. Knowledge of SecOps tooling (SIEM, SOAR, Threat Intelligence). More ❯

and LogRhythm to join our Security Operations Center team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents, optimizing SIEM configurations, and contributing to threat detection and response strategies. This role requires hands-on experience with both platforms and a deep understanding of cybersecurity principles and incident management. Key Responsibilities: Monitor and investigate … security alerts from Microsoft Sentinel and LogRhythm . Analyze logs, network traffic, and other data sources to detect threats and suspicious activities. Develop and tune detection rules, analytics, and alerting logic in both SIEM platforms. Collaborate with incident response teams to contain and remediate security incidents. Create dashboards, workbooks, and reports for stakeholders. Perform threat hunting activities and More ❯

clients enable advanced cyber defences that reduce risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley Insurance, we’ve been at the forefront of … framework policies, procedures, and standards that align with clients' goals and industry best practices. Conduct tabletops/workshops with clients discussing information security best practices, incident response, and the threat landscape. Advise clients on compliance requirements, such as GDPR, HIPAA, NIST, ISO 27001, and other relevant regulations. Stay up to date with the latest cybersecurity threats, trends, and regulatory More ❯

IT environments. Experience with penetration testing and vulnerability assessments; certifications such as CEH (Certified Ethical Hacker) are an advantage Solid hands-on experience managing and administering SIEM platforms for threat detection and incident analysis. Strong interpersonal and communication skills, with the ability to collaborate across teams-including non-technical stakeholders Analytical mindset combined with a pragmatic, solution-oriented More ❯

are fundamental to providing industry-leading customer service. About the Cyber Security Engineer role. The role of our Cyber Security Engineer involves discovering system vulnerabilities via penetration testing or threat modelling, working with DevOps, IT and compliance teams to enforce policies, responding to security incidents, and evolving defences to meet shifting risks. Key responsibilities include: Monitor Networks and Systems … Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits to ensure that systems and networks are operating securely. Security Tools Implementation: Recommend and implement security tools to enhance … years of experience in IT Infrastructure including security. Strong understanding of network protocols and security technologies. Proficiency in using security tools such as firewalls, antivirus, and intrusion detection systems. Excellent analytical and problem-solving skills. Ability to work under pressure and handle multiple tasks simultaneously. Strong communication and interpersonal skills. What you'll get in return. From 23 days More ❯

Work for a Not-for-Profit compliance company working in the green sector. Responsible for: 1) Cyber Security governance and delivery across the company and their suppliers. Covering: Governance, threat detection, reports, SIEM, DevSecOps 2) Cloud Architecture and Resilience. AWS estate and the platform applications. Assessment of risk and resilience. AWS cloud costs, technical debt, overview of architecture. … This is not a technical hands-on position (other than maybe some config and creation of threat reports). However, you will need a technical background which will give you the authority to discuss architecture at C-Level and engage with 3rd parties. Reporting to Head of IT you will be the lead on Cyber Security and Resilience. More ❯

projects aligned with industry frameworks and compliance requirements, such as NIST800-53, ISO27001, NIST CSF, NIS 2, DORA. Leverage emerging technologies such as AI, IoT, cloud solutions, and advanced threat detection systems. Advise on their application, assess their suitability for specific environments, and determine optimal implementation timing and approach. Manage large-scale programmatic engagements, including stakeholder engagement, scoping … and issue escalation. Business development: Identify and originate cyber risk management and technology resilience opportunities. Manage key client relationships, supported by account, sales, and marketing plans. Position our cyber threat intelligence, assurance, and incident response practices. Provide energetic consulting leadership in KSA, promoting Control Risks as a trusted advisor on cyber and technology risk, leading to increased long-term More ❯

projects aligned with industry frameworks and compliance requirements, such as NIST800-53, ISO27001, NIST CSF, NIS 2, DORA. Leverage emerging technologies such as AI, IoT, cloud solutions, and advanced threat detection systems. Advise on their application, assess their suitability for specific environments, and determine optimal implementation timing and approach. Manage large-scale programmatic engagements, including stakeholder engagement, scoping … and issue escalation. Business development: Identify and originate cyber risk management and technology resilience opportunities. Manage key client relationships, supported by account, sales, and marketing plans. Position our cyber threat intelligence, assurance, and incident response practices. Provide energetic consulting leadership in KSA, promoting Control Risks as a trusted advisor on cyber and technology risk, leading to increased long-term More ❯

Operations Centre runs.As SOC Shift Leader, you’ll work across three rotating teams of Tier 1 and Tier 2 analysts, keeping everything running smoothly, ensuring the highest standards in threat detection, and making sure every shift hands over cleanly to the next. You’ll still be hands-on with alerts, triage, and tooling, but you’ll also be … processes, updating SOPs, and helping the SOC evolve. You’ll be the SOC Shift Leader who bridges the gap between the analysts on the floor and the SOC Manager, Threat Intelligence, and Incident Response teams making sure communication is clear and everyone is aligned.To secure this SOC Shift Leader role you will have: Strong cyber security background across network More ❯