1 to 25 of 34 Remote/Hybrid Threat Intelligence Jobs in the UK

Cyber Threat Intelligence Analyst 3-Month Fixed-Term Contract £45,000 – £55,000 pro rata (3-month fixed-term contract) Fully remote – Must be UK based UK-Based Immediate Start Preferred Are you a Cyber Threat Intelligence Analyst who thrives on staying ahead of emerging threats … enjoy analysing complex threat data and turning it into clear, actionable insight for security teams? Are you available for a 3-month contract where you can make an immediate impact within a threat-informed security function? We are recruiting for a Cyber Threat Intelligence Analyst ...

Cyber Threat Intelligence Analyst 3-Month Fixed-Term Contract £45,000 – £55,000 pro rata (3-month fixed-term contract) Fully remote – Must be UK based UK-Based Immediate Start Preferred Are you a Cyber Threat Intelligence Analyst who thrives on staying ahead of emerging threats … enjoy analysing complex threat data and turning it into clear, actionable insight for security teams? Are you available for a 3-month contract where you can make an immediate impact within a threat-informed security function? We are recruiting for a Cyber Threat Intelligence Analyst ...

Incident and Vulnerability Manager This role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part … will lead and continuously enhance the management of vulnerability assessments across our hybrid IT estate. You will prioritise remediation activities using a risk based, threat informed approach, collaborating with stakeholders to strengthen the security posture of our systems and services. You will also oversee our threat intelligence ...

Security Operations Center. Reporting to the Chief Security Officer, you will architect and scale a next-generation SOC advancing incident response, integrating cutting-edge threat intelligence, and strengthening the systems that protect and sustain our digital operations. This is an opportunity to build something exceptional and lead … defence strategies aligned with business priorities and risk posture. Act as the senior escalation point for complex security incidents and coordinate cross-functional responses. Threat and Vulnerability Management Integrate advanced threat intelligence into detection and response workflows to identify emerging threats proactively. Develop an automated, risk-based ...

promptly. You'll also take ownership of improving operational maturity tuning alerts to reduce false positives, implementing automation through scripting or SOAR tooling, integrating threat intelligence, and establishing meaningful security metrics that clearly demonstrate risk reduction and performance to stakeholders across IT and the wider business. CYBER SECURITY … reduce false positives * Ability to define, measure, and report on security KPIs and risk metrics * Knowledge of automation techniques (SOAR tools, scripting) * Understanding of threat intelligence and proactive threat hunting * Strong communication and stakeholder engagement skills DESIRABLE * Familiarity with Azure and AWS security operations * Understanding of regulatory ...

Identify and assess critical vulnerabilities and zero-day threats, determining when expedited remediation is required. Assess vulnerability severity based on real-world exploitability, considering threat intelligence, exposure, asset criticality, and compensating controls. Maintain a defensible position on exploitable vs non-exploitable vulnerabilities, clearly documenting risk decisions and rationale. … Assess and articulate business risk based on exploitability, asset value, and threat intelligence. Remediation Coordination Work closely with internal technical teams and third-party partners to ensure vulnerabilities are remediated within agreed SLAs and risk tolerances. Develop remediation plans, monitor progress, and escalate high-risk issues where necessary. Support ...

significant modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into … internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation - and will play a key role in helping the firm gradually bring more detection and response capability in-house over time... ...

Manager – Key Responsibilities SOC Leadership & Operations Oversee daily SOC operations supporting a global 24×7 security monitoring capability Guide SOC analysts (L1–L3) and threat hunters to ensure efficient investigation and response Monitor operational performance and ensure adherence to SLAs and response timelines Drive continuous improvement across SOC processes … ensure aligned service delivery Deliver operational dashboards, performance reports, and executive summaries Track SOC metrics including MTTD, MTTR, SLA performance and investigation quality Threat Intelligence & Proactive Security Lead proactive threat hunting initiatives Ensure effective use of threat intelligence feeds and behavioural analytics Support security validation ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities … maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response, and malware analysis. Understanding of cyber threat intelligence, adversarial emulation tools, and common TTPs (Threat, Techniques, Procedures). Experience with forensic software such as Magnet Axiom or Autopsy. Proven ...

customers. Your responsibilities: (Up to 10, Avoid repetition) Design and own the architecture for ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/… controls into CI/CD pipelines, helping support ongoing digital transformation and automation initiatives. AI/ML in Security Operations Exposure to leveraging artificial intelligence or machine learning techniques to improve threat detection, incident analysis, or automated response capabilities within SecOps. ...

holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance … technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments (e.g., government, finance, defence). Familiarity with risk management ...

holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance … technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments Familiarity with risk management tools and methodologies. What ...

premise and hybrid environments. The role combines platform architecture, technical troubleshooting and customer advisory, supporting organisations that rely on the platform to manage cyber threat intelligence and security operations. Key responsibilities include: Guiding customers through the design and deployment of their platform infrastructure. Advising on sizing, architecture … Strong troubleshooting and problem-solving skills. Previous experience in customer-facing technical roles. Nice to have: Experience within the cyber security sector. Exposure to threat intelligence platforms or security operations environments. Personal qualities: Strong communication skills — able to explain complex architecture clearly. Analytical mindset and structured approach ...

that support modern security operations. Key Responsibilities Define and own the ServiceNow SecOps architecture across modules including Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, and Configuration Compliance . Design and deliver integrations between ServiceNow and cybersecurity tools such as SIEM, SOAR, EDR platforms, threat intelligence ...

misconfigurations across our estate, shining a light on hidden risks before they can impact our customers or operations. We deliver clear, actionable, and intelligence-led reporting that empowers teams to remediate effectively, strengthens security controls, and ensures we stay ahead of evolving threats. Through continuous monitoring, transparent communication … misconfigurations across infrastructure, applications, assets, and code whilst categorising and prioritising vulnerabilities based on severity, business impact, and criticality. Continually monitoring vulnerability data, threat intelligence, and scanning outputs to detect emerging risks. Proactively recording, managing, and escalating risks and produce clear, actionable vulnerability reports for technical and business ...

Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion … high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must be a British Citizen or a Dual UK national ...

Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual ...

clear and consistent internal and external incident communication workflows. * Develop detailed incident response playbooks, such as ransomware, business email compromise (BEC), data breach, insider threat, malware outbreak, DDoS attack, cloud service compromise. (Final scenarios to be agreed during discovery.) Strengthen Organisational Incident Preparedness * Conduct discovery sessions with technical … organisation. Collaborate Across the Business * Work closely with SOC staff, IT teams, legal, risk, compliance, communications, and senior leadership. * Convert technical details and threat intelligence into clear, actionable steps appropriate for operational use. Required Experience & Skills * Proven experience (typically 5+ years) in incident response, SOC operations, cybersecurity consulting ...

according to SOC processes and recognised industry frameworks. Produce clear and concise incident tickets, drawing on internal knowledge bases and independent analysis. Apply relevant threat intelligence to SOC operations, maintaining awareness of current threat trends and defensive monitoring approaches. Carry out proactive threat hunting to uncover ...

according to SOC processes and recognised industry frameworks. Produce clear and concise incident tickets, drawing on internal knowledge bases and independent analysis. Apply relevant threat intelligence to SOC operations, maintaining awareness of current threat trends and defensive monitoring approaches. Carry out proactive threat hunting to uncover ...

Supply Chain). Develop, maintain and lead the production of quarterly Enterprise Security Risk Products for senior leaders. Oversee multi-layered risk analysis covering threat scenarios, impacts, controls, and residual risk. Deliver Complex Security Risk Analysis Break down large, ambiguous or abstract security problems into structured analytical components. Gather … evaluate and synthesise information from diverse sources, including digital risk data, system-level risk assessments, threat intelligence, estate vulnerabilities, resilience data and people safety insights. Apply structured analytical methods to generate robust findings, uncertainty judgements, and evidence-based conclusions. Influence Decision Makers Produce clear, actionable insights to inform ...

Supply Chain). Develop, maintain and lead the production of quarterly Enterprise Security Risk Products for senior leaders. Oversee multi-layered risk analysis covering threat scenarios, impacts, controls, and residual risk. Deliver Complex Security Risk Analysis Break down large, ambiguous or abstract security problems into structured analytical components. Gather … evaluate and synthesise information from diverse sources, including digital risk data, system-level risk assessments, threat intelligence, estate vulnerabilities, resilience data and people safety insights. Apply structured analytical methods to generate robust findings, uncertainty judgements, and evidence-based conclusions. Influence Decision Makers Produce clear, actionable insights to inform ...

regulatory requirements. You will work closely with security operations, infrastructure, architecture, and compliance teams to prioritise delivery based on risk, business value, and evolving threat landscapes. Key Responsibilities Product Strategy & Vision Define and communicate a clear network security product vision aligned with Zero Trust architecture, governance frameworks, and regulatory … Access Control (NAC) Next-Generation Firewalls (NGFW) IDS/IPS platforms SIEM integrations Support deployments across physical, virtual, and cloud environments. Document security architectures, threat models, control frameworks, and policy workflows aligned to industry standards. Required Technical Expertise Strong understanding of network security fundamentals and Zero Trust architectures. Experience ...

protective security, with the ability to drive innovation while balancing security requirements with service delivery and transformation needs. Strong ability to integrate external threat intelligence, organisational context and situational awareness to build a holistic threat picture, including the effective use of threat models and clear communication ...

protective security, with the ability to drive innovation while balancing security requirements with service delivery and transformation needs. Strong ability to integrate external threat intelligence, organisational context and situational awareness to build a holistic threat picture, including the effective use of threat models and clear communication ...