end-to-end security controls across ION Markets on-premises infrastructure and other internal platforms. The role spans security architecture, engineering, and operations with a strong focus on automation, detection and secure by design principles. Additionally, as part of the role you will be participating in threat detection, incident response and vulnerability management remediation. You will be … best practices. Stay up to date with the latest security threats, news, intelligence, tactics, techniques, and vulnerabilities; conduct research and analysis to assess potential impact and exposure. Perform proactive threat hunting activities, and manage the triage, investigation, and escalation of security alerts. Develop standard operating procedures for operations & architecture activities. Required Skills, Experience and Qualifications Degree/diploma/
communication skills including verbal and written. Partner with CrowdStrike teams to troubleshoot and resolve customer issues. Adept in Windows, Linux, and Mac operating systems. Experience or demonstrated knowledge of threat detection and incident response. Bachelor's degree in Technology and/or Cybersecurity or relevant experience. *Bonus Points:* Incident Management and CSIRT operation Change Management Malicious Code: Detection and Response Audit, Logging, and Monitoring Controls (SIEM, UEBA, MDR/XDR). Intrusion Detection and Response Experience working with complex, sophisticated clients Strong analytical capabilities and a desire to learn new things Able to work across multiple teams to resolve customer issues and requests Demonstrated experience as a security advisor or consultant Knowledge of the following frameworks … need help submitting an application for employment or requesting an accommodation, please contact us at for further assistance.
using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes. Key Requirements: Previous experience in a SOC Analyst or similar cybersecurity role Strong expertise in Splunk or similar SIEM tools Familiarity with Flexera for … vulnerability management Understanding of firewalls, network protocols, intrusion detection/prevention systems Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous Must be eligible for Developed Vetting (DV) clearance, requiring 10 years continuous UK residency Please Note: All offers will be subject to standard pre-employment checks including ID, employment history (last 3 years), immigration status, and an unspent criminal record
customer experience. Own and govern IAM standards (RBAC, joiner/mover/leaver, privileged access, MFA, SSO) across corporate, store and customer facing platforms. Oversee operational security activities, including threat detection, vulnerability management, and incident response. Coordinate penetration testing, red team, and vulnerability remediation across applications, infrastructure, and cloud environments. Develop and maintain incident response playbooks and lead … investigations where required. Partner with our Managed SOC and technology teams to strengthen detection, response, and automation capabilities. Embed secure by design principles and DevSecOps practices across engineering and delivery teams. Partner with Legal and the DPO on DPIAs, data transfer assessments and privacy by design: Define and maintain the information classification and handling standard. Ensure security controls for
renewable energy assets, and millions of customers. Your Responsibilities Design and own the architecture for ServiceNow SecOps modules - including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools - SIEM, SOAR, EDR, CMDB, Threat Intelligence platforms, and OT/ICS systems. Collaborate across … controls into CI/CD pipelines, supporting digital transformation and automation initiatives. AI/ML in Security Operations: Exposure to leveraging artificial intelligence or machine learning techniques to improve threat detection, incident analysis, or automated response capabilities within SecOps.
end users, our mission is to enable secure cloud and end-user services guided by our Zero Trust Security Model. Our teams specialise in Identity Verification, Managed Endpoints, Threat Detection, Secure Remote Access, and Adaptive Security Policies—balancing exceptional user experience with enterprise-grade security. We operate under an ISO/IEC 27001-certified ISMS and an ITIL … and AWS including, but not limited to, private hosted environment (VPC/Vnet), private connectivity (endpoint, VPN services, etc.) Physical/Virtual/WebApp Firewalls for access controls, and threat detection. Automate provisioning and configuration using Terraform, Ansible, Azure CLI, and PowerShell. Contribute to CI/CD integration for infrastructure as code. Support and evolve existing topologies and connectivity
Weedon Bec, Northamptonshire, UK Hybrid/Remote Options
HybrIT Services
HA, DPI). Knowledge of FortiManager and FortiAnalyzer for centralised management and logging. Understanding of FortiAuthenticator and Endpoint Management Server Experience managing security policies, NAT, SSL inspection, and threat protection profiles. Familiarity with firewall migrations and multi-tenant environments. Wi-Fi & Wireless Networks - Knowledge of wireless network configurations and troubleshooting, especially with systems like Cisco Meraki or Extreme … Endpoint Management – Microsoft Intune for device compliance, policy deployment, and remote support. Security Awareness – Understanding of fundamental security principles, such as MFA, conditional access, secure password practices, and basic threat detection or response processes. Technical Certifications Engineers should be working towards or have attained some of the certifications below. Current certifications would be a distinct advantage. Cisco – CCNA
Weedon Bec, England, United Kingdom Hybrid/Remote Options
HybrIT Services
HA, DPI). Knowledge of FortiManager and FortiAnalyzer for centralised management and logging. Understanding of FortiAuthenticator and Endpoint Management Server Experience managing security policies, NAT, SSL inspection, and threat protection profiles. Familiarity with firewall migrations and multi-tenant environments. Wi-Fi & Wireless Networks - Knowledge of wireless network configurations and troubleshooting, especially with systems like Cisco Meraki or Extreme … Endpoint Management – Microsoft Intune for device compliance, policy deployment, and remote support. Security Awareness – Understanding of fundamental security principles, such as MFA, conditional access, secure password practices, and basic threat detection or response processes. Technical Certifications Engineers should be working towards or have attained some of the certifications below. Current certifications would be a distinct advantage. Cisco – CCNA
Smiths Detection, part of Smiths Group, is a global leader in threat detection and screening technologies for aviation, ports & borders, defense, and urban security. Our expertise is spread across 5 R&D centers, 21 Global Offices and 7 Manufacturing Sites with 3000 Brilliant minds globally contributing for over 40 years at the frontline which enables us to … deliver the solutions needed to protect our society from any threat and illegal passage of explosives, prohibited weapons, contraband, toxic chemicals, and narcotics. Every minute of every day, our technology and talented team members help to make the world a safer place - Job Description To lead the strategic direction and management of the IT Project Management Office (PMO), ensuring … proud to be an inclusive company with values grounded in equality and ethics, where we celebrate, support, and embrace diversity. At no time during the hiring process will Smiths Detection, Smiths Group, nor any of our recruitment partners ever request payment to enable participation - including, but not limited to, interviews or testing. Avoid fraudulent requests by applying jobs directly
Ready to take the lead in safeguarding complex digital ecosystems? Join a specialised cybersecurity consultancy dedicated to protecting organisations through advanced threat detection, incident response, and security architecture expertise. The organisation is recognised for its proactive approach to risk management and its commitment to delivering resilient, compliant, and secure technology environments. The team is hiring a Senior Cyber
SecOps Engineer to join our customer's team based in London. This is a permanent position paying up to £70,000 depending on experience. Proactively monitor security solutions including SIEM, threat detection and data security, endpoint protection, network analytics etc. for alerts, conducting event analysis, and incident and problem management Triage, analysis, and prioritisation of security incidents Document technical
Bristol, Avon, England, United Kingdom Hybrid/Remote Options
Searchability NS&D
on premises environments. Working closely with infrastructure engineers, architects and project teams, you will ensure that platforms are secure, compliant and aligned with recognised frameworks. Your work will span threat modelling, vulnerability research, configuration baselines, incident analysis, and the integration of monitoring, logging and alerting capabilities. You will also contribute to security documentation, assessments and continuous improvement activities. CYBER … including MFA, RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers to enforce secure configurations and hardening standards Experience with endpoint protection and vulnerability … application to our client in conjunction with this vacancy only. KEY SKILLS Cyber Security Engineer, Microsoft Security, SIEM, IAM, Vulnerability Management, Network Security, Security Architecture, Incident Response, Hybrid Cloud, Threat Modelling, Compliance, NSD
remediation, and integration with other security tools. Key Responsibilities: Develop and manage the SIEM platform ensuring scalability and performance. Plan and implement solutions for security monitoring. Design and maintain detection rules. Lead and mentor SIEM team. Work closely with Threat Detection & Response team to support incident handling. Required Skills: Proven hands-on experience in SIEM engineering. Strong
the customer. Collaborate with stakeholders to tailor Sentinel use cases to the customer's security requirements. Provide ongoing support, tuning, and troubleshooting of Sentinel implementations. Ensure best practices for threat detection, incident response, and monitoring are applied. What You Will Ideally Bring: Deep, hands-on experience with Microsoft Sentinel and Azure security services. Strong understanding of SIEM concepts … as a trusted advisor/SME for security operations and SIEM tools. Excellent communication skills with the ability to work closely with customers remotely. Strong problem-solving, analytical, and threat-hunting abilities. Contract Details: Duration: 6 months Initially Location: Remote Day Rate: Up to £500 per day (Outside IR35) Sentinel SME - 6 months - Remote - Outside IR35
Lead the design and implementation of scalable, automated solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Define service level objectives (SLOs) and key performance indicators (KPIs) for all
inconsistencies. Facilitate smooth transitions across IT and OT environments, including hypercare and process adaptations. Investigate and resolve IAM security incidents, access anomalies, and authentication issues. Review and monitor Identity Threat Detection & Response (ITDR) systems. Collaborate with SOC teams to detect privileged account misuse and insider threats. Identity & Access Management (IAM): Design, implement, and maintain IAM solutions leveraging Active … integration. Privileged Access Management: CyberArk – Vault administration, credential rotation, JIT access, session monitoring, compliance reporting. Security & Compliance: CAF, eCAF, NIST frameworks; IAM controls for critical infrastructure; incident response and threat detection. Preferred Certifications: Microsoft Certified: Identity and Access Administrator Associate Okta Certified Administrator/Professional SailPoint IdentityNow/IdentityIQ Engineer CyberArk Defender/Guardian CISSP or Certified Identity and
City of London, London, United Kingdom Hybrid/Remote Options
TalentHawk
inconsistencies. Facilitate smooth transitions across IT and OT environments, including hypercare and process adaptations. Investigate and resolve IAM security incidents, access anomalies, and authentication issues. Review and monitor Identity Threat Detection & Response (ITDR) systems. Collaborate with SOC teams to detect privileged account misuse and insider threats. Identity & Access Management (IAM): Design, implement, and maintain IAM solutions leveraging Active … integration. Privileged Access Management: CyberArk – Vault administration, credential rotation, JIT access, session monitoring, compliance reporting. Security & Compliance: CAF, eCAF, NIST frameworks; IAM controls for critical infrastructure; incident response and threat detection. Preferred Certifications: Microsoft Certified: Identity and Access Administrator Associate Okta Certified Administrator/Professional SailPoint IdentityNow/IdentityIQ Engineer CyberArk Defender/Guardian CISSP or Certified Identity and
Analysing, prioritising, and escalating potential threats to keep clients secure. Responding rapidly to incidents and maintaining vigilance across multiple environments. Collaborating closely with your SOC teammates to ensure seamless threat detection and incident response. 🧠 What You’ll Bring A genuine passion for cybersecurity and the drive to grow in the field. Relevant certifications such as CompTIA Security+ or
Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Experience defining security configurations and collaborating with engineers to apply them consistently across the entire
and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and emerging
City of London, London, United Kingdom Hybrid/Remote Options
Ryder Reid Legal
and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and emerging