101 to 125 of 203 Threat Intelligence Jobs in the UK

be progressing your career at a global, hugely profitable, Investment Management firm. As a Cyber Defence Analyst you will take a proactive approach to threat hunting and security incident response. You'll play a key role in detection enhancements, improvements to standard operating procedures and will collaborate with internal … strong experience in Security Operations, CSIRT or similar role You have experience of building out functions of a Cyber Defence Team e.g. insider risk, threat intelligence, breach attack simulation You have a strong knowledge of SIEM and deep Splunk experience You have a good understanding of various security More ❯

be progressing your career at a global, hugely profitable, Investment Management firm. As a Cyber Defence Analyst you will take a proactive approach to threat hunting and security incident response. You'll play a key role in detection enhancements, improvements to standard operating procedures and will collaborate with internal … strong experience in Security Operations, CSIRT or similar role You have experience of building out functions of a Cyber Defence Team e.g. insider risk, threat intelligence, breach attack simulation You have a strong knowledge of SIEM and deep Splunk experience You have a good understanding of various security More ❯

for security monitoring and analysis. Familiarity with security technologies and an understanding of network protocols, firewalls, and intrusion detection/prevention systems. Knowledge of Threat Intelligence , Digital Forensics , and Data Loss Prevention . Relevant certifications such as CISSP , CEH , or Splunk certifications are highly desirable. Ability to thrive More ❯

IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity More ❯

IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity More ❯

incident response, compliance, and implementing innovative security technologies to strengthen the organisation's defenses. Essential functions of the job: SOC operations: perform incident triaging, threat detection, and response activities. SIEM & EDR management: advance and configure SIEM and EDR systems to optimise threat detection and response in Azure environments. … response: investigate and mitigate security incidents, applying root cause analysis and remediation. Security testing: conduct regular application and network security assessments to identify vulnerabilities. Threat intelligence: monitor the cybersecurity landscape for emerging threats and develop innovative defensive strategies. Development security: monitor version control systems, identify vulnerabilities, and collaborate More ❯

Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function … delivering outstanding performance and ensuring we are resilient against an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection … response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing team, driven with context of emerging threats and strategic objectives. Ensure Threat Intelligence, Proactive Security Testing, and Security Analytics functions develop under your leadership to deliver maximum context More ❯

environments. Coordinate with infrastructure and application teams to ensure timely and effective remediation. Collaborate with the Security Operations Centre (SOC) to correlate vulnerabilities with threat intelligence and incidents. Maintain and improve vulnerability management tooling and reporting frameworks. Contribute to security posture improvement through metrics, dashboards, and remediation tracking. … management. Key Skills & Experience: Proven experience in vulnerability management and Security Operations within a financial services. Experience working in or supporting a SOC or threat detection function. Strong knowledge of common vulnerabilities, exploits, and threat landscape. Understanding of security frameworks and standards such as NIST, ISO 27001, and More ❯

environments. Coordinate with infrastructure and application teams to ensure timely and effective remediation. Collaborate with the Security Operations Centre (SOC) to correlate vulnerabilities with threat intelligence and incidents. Maintain and improve vulnerability management tooling and reporting frameworks. Contribute to security posture improvement through metrics, dashboards, and remediation tracking. … management. Key Skills & Experience: Proven experience in vulnerability management and Security Operations within a financial services. Experience working in or supporting a SOC or threat detection function. Strong knowledge of common vulnerabilities, exploits, and threat landscape. Understanding of security frameworks and standards such as NIST, ISO 27001, and More ❯

we are dedicated to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating, and … with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what you'll do: As a … Senior Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and response workflows, elevating the efficiency and effectiveness More ❯

principles, including experience of vulnerability scanning, identifying, resolving, and reporting risks Experience of formal document creation, such as the creation of reports or procedures Threat Intelligence analysis and best practice Security Incident Response processes, procedures, and best practices Disaster Recovery and Business Continuity principles Event and log analysis More ❯

and secure-by-design approaches. Exposure to DevSecOps practices, security tooling integration into CI/CD pipelines, and secure development lifecycle support. Awareness of threat intelligence, attack vectors, and emerging vulnerabilities across enterprise IT ecosystems. Ability to contribute to client workshops, security design reviews, and collaborative problem-solving More ❯

in-depth, and secure-by-design approaches.Exposure to DevSecOps practices, security tooling integration into CI/CD pipelines, and secure development lifecycle support.Awareness of threat intelligence, attack vectors, and emerging vulnerabilities across enterprise IT ecosystems.Ability to contribute to client workshops, security design reviews, and collaborative problem-solving sessions. More ❯

proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat intelligence; knowledge of the MITRE ATT&CK framework and security operations). Some other highly valued skills may More ❯

software development practices (DevSecOps, secure coding standards, OWASP top 10) into everyday processes. Oversee the security posture of cloud environments, ensuring secure configurations, proactive threat monitoring, and resilience planning. Establish and maintain a robust risk management framework, proactively identifying, assessing, and mitigating cybersecurity risks in alignment with business goals. … Define standards for operational security including vulnerability management, incident detection and response, threat intelligence, and third-party/vendor security management. Act as the key internal and external security spokesperson, confidently communicating security strategy, risks, and controls to the Board, customers, regulators, and other stakeholders. Serve as the More ❯

best practices. SKILLS, KNOWLEDGE & EXPERIENCE Proven experience in a SOC or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security tools such as SIEM …/SOAR platforms, endpoint detection and response (EDR) solutions, vulnerability management, detection and response/remediation (VMDR) solutions and threat intelligence platforms. Knowledge of security standards and frameworks (e.g., NIST, CIS Controls, ISO 27001) and regulatory requirements (e.g., GDPR, HIPAA). Proficiency in scripting and automation (e.g., Python More ❯

cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller … organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is More ❯

DFTO, responsible for establishing and maturing the group's overall cyber security posture, ensuring it effectively mitigates risks in the face of the evolving threat landscape. This involves developing a comprehensive cyber security capability framework, assessing the maturity of individual train operating companies (TOCs) against this framework, and creating … gaps, and develop/oversee implementation of tailored uplift programmes. Develop core cyber capabilities: Including robust cyber incident management (with executive reporting) and comprehensive threat intelligence/vulnerability management programs as key priorities. Group Cyber Services & Technology: Develop, promote and implement shared cyber services and evaluate/select … Extensive experience developing and implementing cyber security strategies, frameworks (including maturity models), and risk management methodologies in complex organisations. Accredited in ISO27001 or similar. Threat Landscape & Incident Response: Deep understanding of modern cyber threats and attack vectors, coupled with proven experience in developing and managing effective incident response processes. More ❯

of experience in cybersecurity, with at least 3 years in a leadership role within a SOC or similar environment. - Proven experience in incident response, threat intelligence, and security operations. - Demonstrated success in building, leading, and managing high-performing teams. - Skills: - Strong leadership and management skills, with the ability More ❯

security (Azure, AWS, etc.). Knowledge of compliance frameworks like PCI DSS, HIPAA, SOC 2. Proficiency with Windows, Linux, macOS, and network protocols. Understanding threat intelligence platforms and attack mitigation techniques. Strong problem-solving skills. Certifications: CISSP, CEH, Security+, CISM, or similar; Cisco CCNP Security or equivalent. Experience More ❯

Provider (MSP), we deliver innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands … help shape the future of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. … service excellence. Collaborate with engineering teams to improve tools, security automation, and detection logic. Stay on top of emerging threats, attack vectors, and evolving threat actor tactics. Act as a trusted point of contact for clients regarding incidents, reports, and security posture. Help shape and execute the SOC’s More ❯

Provider (MSP), we deliver innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands … help shape the future of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. … service excellence. Collaborate with engineering teams to improve tools, security automation, and detection logic. Stay on top of emerging threats, attack vectors, and evolving threat actor tactics. Act as a trusted point of contact for clients regarding incidents, reports, and security posture. Help shape and execute the SOC’s More ❯

remote London/Berkshire Overview: Senior SOC Analyst Level 3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting/triage, incident response etc with a strong focus on the Microsoft Security Stack. Key Responsibilities: Lead and resolve complex security incidents/… escalations Conduct advanced threat hunting using the Microsoft Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills … of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL): Writing complex, efficient queries for advanced threat hunting and detection. Correlating data across key tables (e.g., SignInLogs, SecurityEvent, OfficeActivity, DeviceEvents). Developing custom detection rules, optimising performance, and reducing false positives. More ❯

addressed to meet organisational objectives, using a risk-based approach. Help public sector bodies improve their vulnerability management life cycle. Proactively identify and leverage threat intelligence sources to inform strategic vulnerability mitigation measures and to enhance the quality and type of data provided to customer organisations. Work with … the service owner and customer organisations to identify gaps in our monitoring capability and improve and expand the scope of the vulnerability and threat data we can provide. Your skills: Analysis Communication (security architect) Designing secure systems Enabling and informing risk-based decisions Research and innovation Security technology Vulnerability More ❯

of products and components. Examples of the tasks, include, but are not limited to; assessment to latest cybersecurity standards, penetration testing (IoT and WebApp), threat modelling, firmware investigation, code analysis etc. This service will be provided to external clients, who will predominantly be manufacturers of wired and wireless IoT … related controls (encryption, digital signatures, secure boot, access control, password management). Understanding how to implement security activities such as vulnerability and patch management, threat intelligence etc. Hands-on practical knowledge with reverse engineering and/or vulnerability testing tools and techniques. Experience in common scripting languages such More ❯