1 to 25 of 32 Remote/Hybrid Threat Intelligence Jobs in the UK

security of supply through facilities in Europe, the UK, and the United States. Your Role: You will be responsible for revising, developing, and maturing Threat Intelligence processes, tooling, and policies to strengthen existing services and ensure they remain effective against a constantly evolving external threat landscape. This … includes identifying external cyber risks that may impact the organisation, highlighting associated challenges, and driving improvements to the quality, timeliness, and operational effectiveness of intelligence outputs. The role will work closely with internal and external stakeholders, building strong, trusted relationships across the business and with peer organisations within ...

become trusted advisors to our clients. You will help our clients to build cyber resilience, enhance their understanding of the threat landscape and become better prepared to face dynamic and evolving security risks. This will involve being on the front foot of new and emerging threats, and ensuring … affected and actions they can take. Technical testing ; vulnerability scanning, attack surface discovery, manual exploit validation, light‐touch pentesting and Open‐Source Intelligence (OSINT) gathering Client Engagement ; translating client challenges into solutions that fit S‐RM’s ASM service offerings and value proposition, understanding and supporting the proposal process ...

Account Executive – Cybersecurity SaaS (Hybrid, London) Location: London (Hybrid – 2–3 days/week in office) Industry: Cybersecurity/Threat Intelligence About the Company A fast-growing cybersecurity vendor backed by top-tier investors, this company delivers cutting-edge threat intelligence solutions to help organisations stay … exceed revenue targets Requirements 3+ years of experience in SaaS or cybersecurity sales Proven track record of closing complex enterprise deals Strong understanding of threat intelligence or willingness to learn Excellent communication and consultative selling skills Based in London or able to commute to the office ...

detail-driven Senior Cyber Operations Analyst to join their team. This is a fantastic opportunity to work with cutting-edge tooling, contribute to threat-driven defensive security, and shape advanced SecOps capabilities across enterprise environments. About the Role As a Senior Cyber Operations Analyst at Associate Manager level … heart of a thriving Cyber Practice covering Assurance, Compliance, SecOps, Offensive Security and Research. You'll play a pivotal part in threat detection, incident response, detection engineering, and security monitoring - helping defend major UK organisations. This role is perfect for someone who thrives in technical depth, enjoys problem-solving ...

fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth and continues to invest … professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership or specialist career paths such as SOC leadership, threat hunting, security engineering, or incident response. Key Responsibilities Lead in-depth analysis and investigation of security incidents, identifying root causes and recommending remediation actions ...

performing Security Operations Centre (SOC). This role is ideal for someone who combines hands-on security expertise with strong leadership to drive effective threat detection, incident response, and continuous improvement of security operations. What You’ll Do Lead and mentor a team of SOC analysts (8+ members … incident response (detection, triage, escalation, resolution) Oversee and enhance security monitoring (SIEM tools like Splunk, Sentinel, QRadar) Drive threat intelligence and proactive threat hunting initiatives Define and report on security metrics, KPIs, and risk insights Manage vendors/MSSPs and ensure SLA/KPI adherence Collaborate with ...

monitoring, analysing and responding to security threats, while driving continuous improvement across our security operations capability. Youll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. Key responsibilities Monitor … activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics, KPIs and operational performance Technical expertise Good understanding ...

error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning … understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge Strong ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 5+ years experience as a Cyber Security Operations Analyst Familiarity with threat intelligence ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience & Attributes 3+ years experience as a Cyber Security Operations Analyst Familiarity with threat intelligence ...

holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance … technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments (e.g., government, finance, defence). Familiarity with risk management ...

core service pillars, assessing quality, completeness, and relevance Define what meaningful performance measurement looks like across: Managed Detection and Response (MDR) Vulnerability Management Cyber Threat Intelligence Continuous Improvement Conduct structured comparisons of SOC provider performance, identifying material differences across key service dimensions Produce comparative performance assessments at agreed … ensure outputs align with contractual and operational requirements Skills, Knowledge & Experience Solid understanding of SOC service delivery, including MDR, Vulnerability Management, and Cyber Threat Intelligence Experience reviewing, interpreting, and critically assessing security performance data and management information Strong analytical skills, with the ability to identify trends, gaps ...

holistic view of the organisation’s security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance … technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. ...

holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance … technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments Familiarity with risk management tools and methodologies. What ...

broad ecosystem of third-party cyber security platforms, including managed detection and response services, email security gateways, vulnerability management tools, privileged access management and threat intelligence services. Lead and support cyber security incident response activities, including investigation, containment, remediation and post incident review. Oversee security monitoring, alerting … escalations from the Service Desk and wider IT teams. Assess and manage cyber security risks associated with new technologies, suppliers and business initiatives. Support threat intelligence activities and ensure emerging threats are assessed for relevance to the firm's environment. Provide guidance, mentoring and knowledge sharing to improve ...

systems that detect and analyse real-world cyber threats at scale. Main Duties of the Role Design and develop Python-based tools for threat intelligence and security research Build and optimise data pipelines to process large volumes of security data Work closely with researchers to identify, monitor … Continuously improve tooling and automation to enhance detection capabilities What Were Looking For Strong commercial experience with Python development Interest or background in cybersecurity, threat intelligence, or offensive security Experience working with APIs, data processing, and distributed systems Understanding of cloud platforms (AWS, GCP, or Azure ...

escalation point for analysts, and provide out-of-hours escalation support when required. This is a highly technical, hands-on role where youll lead threat hunting, develop and tune SIEM detections, and help mature SOC processes and response playbooks. Youll also play a key role in mentoring analysts … driven detection, automation, and response capabilities are introduced. You will: Develop, tune, and maintain SIEM detection rules across customer environments Conduct proactive threat hunting and threat intelligence research Act as a senior escalation point for Cyber Security Analysts Coach and mentor analysts, supporting skills development and knowledge ...

operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance and Risk teams … relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection, triage, containment, eradication ...

intersection of cybersecurity and AI, addressing emerging threats while enabling secure and scalable AI delivery. This role covers the full AI security lifecycle, including threat modeling, prompt injection defenses, securing model supply chains, hardening RAG pipelines, and building scalable security tooling. You will act as the subject matter expert … Implement content safety (filtering, toxicity detection); Enforce authentication, authorization, and rate limiting for AI APIs; Secure model serving (logging, audit trails, anomaly detection; Conduct threat modeling (STRIDE, MITRE ATLAS, OWASP LLM Top 10); Lead red teaming (adversarial prompts, robustness testing, data exfiltration); Track AI threat intelligence (attacks ...

performing Security Operations Centre (SOC) environment. This role is focused on designing, developing, and optimising detection content to strengthen cyber defence capabilities and improve threat visibility across enterprise environments. You will play a critical role in enhancing detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise ratio Validate detection logic ...

THROUGH UMBRELLA Role Description: "Core Responsibilities: Develop and maintain secure architecture frameworks for enterprise-grade systems, including cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry frameworks … ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce and maintain architectural documentation, ensuring traceability of security controls and compliance obligations Experience: Demonstrated ...

change control procedures Experience designing or reviewing secure software supply chain and CI/CD security . Ability to interpret CVEs, CVSS scores, and threat intelligence feeds. Strong stakeholder engagement and communication skills with an ability to produce technical reports and articulate risk to non-specialists. Excellent written … technical security reports for assurance cycles Support compliance audit evidence packs (GovAssure/CAF, CE+, ISO 27001) Develop or update security standard documents (e.g. threat modelling, vulnerability mgmt) Support cyber input for IT, research or OT programmes Work with IT teams to co-author and test secure configuration standards ...

standards. Support incident management, vulnerability assessments, and SOC-related activities. Contribute to secure software supply chain practices, including CI/CD security reviews. Interpret threat intelligence, CVEs, and CVSS scores to inform risk-based decision making. Collaborate with stakeholders across technical and non-technical teams, clearly articulating risks ...

Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual ...

remediation plans. Ensure timely escalation and communication to leadership and relevant stakeholders. Maintain accurate incident logs, timelines, and evidence for audits or legal processes. Threat Analysis & Investigation Direct technical investigations, working with SOC analysts, threat intelligence teams, and external partners. Analyse attack vectors, exploits, and root causes. … large enterprise or MSSP environment. Strong understanding of attack methodologies, malware behaviour, and adversary TTPs. Experience with SIEM, EDR, SOAR, threat intel platforms, and forensic tools. Deep knowledge of IR frameworks: Ability to make clear decisions under pressure and command multi disciplinary response teams. Excellent communication skills, with ...