1 to 25 of 66 Remote Threat Intelligence Jobs in the UK

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience … on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a … will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing More ❯

swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis … and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections … while adhering to legal and regulatory requirements 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA More ❯

Security: Possess knowledge of secure software development lifecycles, application architectures, key attack vectors, and corresponding compensating controls. Cloud Security (Microsoft): Demonstrated experience and proficiency in securing cloud environments. Cyber Threat Intelligence: Ability to analyse and respond to emerging cyber threats and how this can be used to update secure architecture principles. About What You'll Get A competitive More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

part in developing our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security … possible and play a big part in evolving our security tooling and services. Policy & Standards: You'll champion the adoption and adherence to our InfoSec policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. … CSPM) tools. Knowledge of Cloud Workload Protection Platforms (CWPP) for securing containers, serverless workloads, and virtual machines. Working knowledge of DevSecOps methodologies . Ability to contribute to cloud solution threat modelling and secure design reviews. A bit about you: Passion! You're genuinely passionate about your career path and love what you do. Communication skills. You can express your More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units More ❯

fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic … Experienced in stakeholder management during high-pressure incidents. Strong communication skills and composure under pressure. Able to align incident response practices with industry standards and client expectations. Background in threat intelligence and proactive incident readiness. Self-starter with a collaborative mindset, committed to team success. Additional Info: This is a remote-first role, but occasional travel to client More ❯

WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threat intelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance initiatives (e.g., ISO 27001, NIST … Microsoft Defender Extended Detection &Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting &Automation: Proficiency in Python, PowerShell, or Bash for More ❯

Implementation, Cyber Strategy, Cyber Risk Management, Data Privacy, Offensive Security, Security Architecture, and Cloud Security & Engineering. Lead the onboarding process for Managed Security Services including Managed Detection & Response, Cyber Threat Intelligence, and Vulnerability Management Services. Collaborate with technical teams to ensure seamless integration of managed services within clients' environments. Build and maintain strong relationships with internal teams and … Implementation, Cyber Strategy, Cyber Risk Management, Data Privacy, Offensive Security, Security Architecture, and Cloud Security & Engineering. Lead the onboarding process for Managed Security Services including Managed Detection & Response, Cyber Threat Intelligence, and Vulnerability Management Services. Collaborate with technical teams to ensure seamless integration of managed services within clients' environments. Build and maintain strong relationships with internal teams and More ❯

Management (SIEM) platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with key … improving our security operations processes, escalation paths and playbooks. Leveraging AI capabilities to enhance the effectiveness of our security capabilities and your own productivity in the role. Consuming relevant threat intelligence to drive proactive action within the Cyber Security and wider IT environment. Indicative Performance Measures Mean time for business recovery to C1 (Highest criticality) level security incidents … and following common response frameworks. Experience within the gaming industry providing security operations support to game releases, game infrastructure monitoring and live game operations. Strong appreciation of the cyber threat landscape and attacker tactics, techniques and procedures. Experience developing operational processes and playbooks. Desirable Interpersonal Skills: Ability to remain composed and effective during high-pressure situations. Clear focus on More ❯

Federation of Security Operations Centre (SOC)operations across two or more organisational environments such as enterprise, edge/deployed environments or cloud . Demonstrable knowledge of cyber detection (e.g., threat identification/intelligence, real-time monitoring, anomaly detection) and cyber response (e.g. incident response, eradication and remediation, recovery, post-incident analysis). DevSecOps. Zero Trust Architecture (ZTA) expertise More ❯

customers go about their daily job of protecting their communities and saving lives. You will refine our application design and protection using offensive security techniques like design assessment, research, threat intelligence, threat modelling, and controls optimization. You will conduct security assessments of our applications, identify issues, and help address them early in the development cycle. You'll … systems and applications. Conduct internal security assessments of APIs and Cloud infrastructure, validate controls, design across our estate, and lead remediation activities prioritization. Enhance Secure Development by contributing to threat modelling, risk assessment, evolving Secure Coding Guidelines, and maintaining core security controls like SAST and DAST deployments. Provide technical support with risk assessments on PHI, and steering improvements to … our environment in line with common standards such as NIST. Support External Penetration Testing and application vulnerability efforts, delivering assessments and prioritizing remediation activities across the organization. Be across Threat Intelligence relevant to our industry and geographic regions, and translating that to real world defenses for us as an organization. Work collaboratively cross-team, to impart your expertise More ❯

and information security capabilities. Working closely across our business areas, you will ensure that our digital assets, data, intellectual property and operational technologies are continuously protected against an evolving threat landscape. We are looking for a passionate individual where your expertise, diversity of thought and broad experiences will directly contribute to the successful achievement of our Bicycle ambition - to … will be responsible for: Security Operations Center Lead (SOC Lead) for Bicycle ensuring that incidents are detected, analysed, responded to and reported effectively to protect Bicycle Therapeutics daily activities. Threat intelligence and proactive defence to predict and proactively defend against cyberattacks Proactive maintenance and continuous improvement of the Cyber Security Management System to ensure effective protection and resilience … record of cyber and information security delivery, with relevant industry or academic experience to meet the requirements of the role. Delivery within a proactive cybersecurity system where monitoring and threat intelligence drive delivery alongside great response to incidents as they emerge, including in partnership with 3rd parties. Familiar with the application of security certifications such as ISO27001, NIST More ❯

track record of successfully handling a wide variety of cases, from minor incidents to major investigations. Your main duties will be handling security incidents, conducting forensic investigations and analyses, threat hunting, and performing various security specialist tasks. Additionally, you will manage security incident cases, develop processes and ways of working, and be part of our SOC Tier 3 team … information and event management Modern cyber defense solutions File systems Network protocols Routers, firewalls, IDS/IPS Scripting (powershell/python) Use of incident management tools OSINT and cyber-threat intelligence gathering Familiarity with cybersecurity processes Background from system administration or Security Operation Center/CSIRT work is considered an advantage. Computer forensics expertise, penetration testing experience, academic … A customer-centered mindset Strong problem solving skills Ability to deal with a large amount of information in a limited time Skills in malware analysis and reverse engineering A 'threat hunter' mindset and skillset More ❯

day basis. Provide out of hours technical escalation support to shift analysts Main Duties and Responsibilities: Developing SIEM detection rules and tuning alerts across our client estates. Conduct proactive threat intelligence research and carry out threat hunting across client estates Training of analysts and developing training resources and materials Act as a point of escalation for the … Understanding of security attack vectors and techniques utilised, including areas such as Business Email & user account Compromise, malicious payload installation & execution and reconnaissance activity. Understanding of the everchanging emerging threat landscape and how to interpret these threats to create initiate mitigation actions across a clients security estate. Willingness to learn, adapt, and innovate Critical thinking and analytical skills Excellent More ❯

designing, implementing, and maintaining secure IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as More ❯

approach and be able to translate complex technical risks into clear and actionable insights for the organisation. Responsibilities: Development and management of the security operational roadmap, ensuring vulnerability management, threat detection and effective incident management. Be the primary point of escalation for security events and incidents in the organisation. Leading on, developing and implementing the cyber security strategy across … as CISM, CISSP, CISA. Proven experience as a cyber security leader, responsible for security strategy with a strong technical understanding. Strong knowledge of cyber risk management, vulnerability management and threat intelligence. Knowledge of compliance and regulatory frameworks such as Cyber Essentials, GDPR and ISO 27001. Certifications in Microsoft security such as AZ-500, SC-200, SC-300 are desirable. More ❯

to keep the organisation secure. Key Responsibilities: Lead and develop the IT security strategy. Manage and mentor a team of IT security professionals. Oversee security operations, incident response and threat intelligence. Collaborate with cross-functional teams to ensure security best practices. Stay updated with the latest IT security trends and technologies. Key Requirements: A relevant degree or qualified by … CISM, CISA, CRISC, or CGEIT. Proven experience in leading IT cyber security teams, with a strong emphasis on operational security and incident response. Extensive knowledge of IT risk management, threat intelligence, IAM and vulnerability management. Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and CyberEssentials. Ability to articulate complex technical risks in clear, actionable More ❯