101 to 125 of 169 Threat Intelligence Jobs in the UK

detection tooling. Investigating and responding to security alerts raised by Users. Enhancing and creating analytic triggers to enhance alert efficacy. Continuous development of incident handling and readiness processes. Proactive threat hunting based on threat intelligence. Documentation of incidents and investigations. About your Skills We're open-minded when it comes to hiring and we care more about aptitude … supporting and conducting Incident Response engagements. Experience in endpoint based investigations. Experience in cloud based investigations. Experience with Incident Command and conducting Tabletop Exercises Interest in Automation. Interest in Threat Intelligence and Analytic Tuning. A high level understanding of mobile, network and operating system security controls. Any experience of programming in Python, Go and/or Java. A More ❯

have strong understanding of as many of the following areas as possible, and be able to demonstrate it: Security Detection and Monitoring Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Penetration Testing Security Automation (SOAR) It would help if you had experience with the following: SIEM tools (Microsoft Sentinel, Splunk More ❯

Fenix24 is an industry-leading cyber disaster recovery and restoration company. Battling threat actors as The World's First Civilian Cybersecurity Force , Fenix24 delivers cybersecurity services through its four battalions: Fenix24 for ransomware recovery and restoration; Athena7 for IT security assessments, strategy and planning; Grypho5 for ongoing security-based management; and Argos99 for expert insights into data, assets and … its Securitas Summa program, Fenix24 ensures organizations are prepared to effectively resist and rapidly recover from a cyberattack, offering a combination of managed data and infrastructure protection, real-time threat intelligence, and ongoing hardening and breach resistance. About This Position The Lieutenant is the senior workstream leader for Fenix24 ransomware restoration events. Lieutenants oversee technical workstreams of a More ❯

people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com. Internal Grade E Job Description Experian Cyber Fusion Center is looking for a Threat Intelligence Analyst to help track new and persistant cybersecurity threats, analyse and produce applicable intelligence to help the organisation. You will be part of a world class organization … and lead a global team of experienced people to help us stay ahead of adversaries. You will be part of the Threat Intelligence team which focuses on defending against new threats, supporting investigations, and delivering situational awareness to the business. This is a UK based remote position reporting to the Global Head of Threat Intelligence. Summary of … Primary Responsibilities Use open and closed source intelligence tools to track threat clusters posing threats to Experian and help identify preventative measures to improve our defense. Contribute to cross-team projects to improve the security posture of Experian infrastructure, such as red team operations, Attack Surface Management and Threat Hunting collaborations. Help Investigate latest cyber trends providing More ❯

can't replace to help us shape the future of information management. Join us. Your Impact: We are seeking a driven, experienced Account Executive (AE) to join the OpenText Threat Intelligence team and lead strategic sales initiatives targeting OEM providers. In this role, you will be responsible for driving revenue by selling our industry-leading threat intelligence … role offers: Own and drive the full sales cycle for OEM partnerships-from prospecting and discovery to negotiation and contract closure. Identify and engage OEM partners who can embed threat intelligence into their security appliances, platforms, SIEMs, XDRs, firewalls, or endpoint solutions. Understand customer requirements and tailor value propositions around our threat intelligence products, APIs, and … need to succeed: 5+ years of B2B enterprise sales experience, with a focus on OEM, embedded, or technology partnership sales. Deep understanding of cybersecurity technologies and the role of threat intelligence in enhancing security products. Proven track record of exceeding quotas and developing long-term partner relationships. Experience working with technical buyers such as product managers and engineering More ❯

What You'll Be Working On: ️ Proactively identifying and investigating advanced persistent threats (APTs), malware, and other cyber threats within the organization's network ️ Utilizing threat intelligence to hunt for indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) ️ Analyzing network traffic, logs, and endpoint data to detect anomalies and uncover hidden threats ️ Collaborating with incident response … and security operations teams to track down and eliminate threats ️ Continuously improving threat detection strategies and developing new tools and techniques to stay ahead of evolving threats What We're Looking For: ️ Proven experience as a Threat Hunter or in a similar cybersecurity role focused on threat detection and incident response ️ Strong knowledge of threat intelligence … frameworks (e.g., MITRE ATT&CK) ️ Hands-on experience with security tools such as SIEM, IDS/IPS, EDR, and network traffic analysis platforms ️ Proficiency in scripting and automation for threat hunting and investigation (e.g., Python, PowerShell, Bash) ️ Certifications such as OSCP, GCIH, or CREST are highly desirable More ❯

Location(s): UK, Europe & Africa: UK: Gloucester BAE Systems Digital Intelligence is home to 4,500 digital, cyber, and intelligence experts. We work across 10 countries to collect, connect, and analyze complex data, enabling governments, armed forces, and businesses to achieve digital advantages in demanding environments. Job Title: Threat Hunter Requisition ID: 121789 Location: Leeds - hybrid and … members and share knowledge proactively. Contribute to the SOC Knowledge Repository by creating and updating documentation independently. Build relationships externally with other SOCs and cybersecurity researchers to identify analytics, threat intelligence, and tradecraft that benefit the Blue Team. Communicate funding and prioritization suggestions and lead implementation when needed. Develop complex, anomaly-based KQL analytics and playbooks for detection … vulnerabilities, produce proof-of-concept exploits, and emulate adversary TTPs for training and detection evaluation. Review red team and pentest findings to improve detection rules. Provide forensic support and threat emulation to improve alert triage and accuracy. Identify gaps in SOC processes, data collection, and analysis, demonstrating the need for improvements through scenarios and red teaming. Perform complex threat More ❯

on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! Available Locations: London, UK About the Department Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works … in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global … networks can provide. The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers. About the Role Cloudflare is a system spanning the globe, on a mission to make the internet better, safer, and more powerful everyday. To help fulfill this mission, we More ❯

ensuring their SIEM and wider technologies are operating as effectively as possible whilst ensuring People and Process are similarly proficient. Main tasks and responsibilities: Help customers implement or improve threat modelling and provide valuable new use cases to ensure their SIEM is capable of detecting the real-world tactics used by adversaries. Undertake assessments and gap analysis including technical … health checks and use case coverage mapped to control frameworks and business services. Implement and develop threat monitoring use cases taken from threat intelligence sources Produce clear technical documentation Assess existing threat monitoring rules with a focus on changing threat landscape and technologies Document appropriate detection, containment and response strategies to meet business needs Pre More ❯

providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly More ❯

providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly More ❯

providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly More ❯

Your new role You'll be joining an established Cyber team, supporting them to help them to achieve the CAF framework regulations, whilst getting involved with SIEM, Vulnerability Management, Threat Intelligence and IAM. Part of the team executing a cyber improvement programme to enhance security posture Support compliance with relevant Cyber Security regulations, standards, and frameworks Implement and … ideally 3+ years of experience in similar cyber security roles, with experience in implementing security frameworks (e.g. NIST, CAF, ISO) Prior hands-on experience with SIEM, Vulnerability Management, Threat Intelligence, and IAM systems Experience contributing to enterprise-level security initiatives Third-party vendor relationship experience What you'll get in return Salary of between £52K-£55k 27 days More ❯

Response (Technical) and works closely with the Cyber Crisis Management team. The ideal candidate will have an investigative background, technical skills, and a deep understanding of current and emerging threat actors. Role Tasks and Responsibilities Technical Response Lead and assist with host and network-based investigations, collaborating with the Digital Forensics Incident Response (DFIR) team. Perform threat hunting … live compromise assessments for organizations suspecting a breach. Detect and hunt for unknown malware in memory across systems. Assist in commercializing developed technology and automation. Understand existing and emerging threat actors and their tools, tactics, and procedures. Work with the Cyber Threat Intelligence team to leverage technical information and automation. Advise on technical recovery strategies balancing understanding More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role … accurate revenue forecasts and budgets for the renewal sales team, aligning with company objectives and the delivery of accurate and timely forecasts by the team for escalation reporting. Market Intelligence: Stay updated on industry trends, competitors, and customer needs to offer localize insights to global MI, including specific focus on trends regarding renewal best practices. Process Improvement: Continuously evaluate More ❯

status About You 3-5 years of experience in cyber security roles, with hands-on involvement in implementing frameworks like NIST, eCAF, or ISO27001 Experience in SIEM, Vulnerability Management, Threat Intelligence, and IAM tools Background in supporting enterprise-level security initiatives aligned with regulatory or certification standards If you're interested in hearing more about the role please More ❯

Fenix24 is an industry-leading cyber disaster recovery and restoration company. Battling threat actors as The World's First Civilian Cybersecurity Force , Fenix24 delivers cybersecurity services through its four battalions: Fenix24 for ransomware recovery and restoration; Athena7 for IT security assessments, strategy and planning; Grypho5 for ongoing security-based management; and Argos99 for expert insights into data, assets and … its Securitas Summa program, Fenix24 ensures organizations are prepared to effectively resist and rapidly recover from a cyberattack, offering a combination of managed data and infrastructure protection, real-time threat intelligence, and ongoing hardening and breach resistance. About This Position The Technical Account Manager is responsible for providing technical guidance and building strong relationships with clients. They ensure More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . The More ❯

may be a good fit if you: 3+ years of software engineering experience, with security experience a plus and/or. 5+ years of detection engineering, incident response, or threat hunting experience. A solid understanding of cloud environments and operations. Experience working with engineering teams in a SaaS environment. Exceptional communication and collaboration skills. An ability to lead projects … involving large-scale Kubernetes environments. A high level of proficiency in Python and query languages such as SQL. Experience analyzing attack behavior and prototyping high-quality detections. Experience with threat intelligence, malware analysis, infrastructure as code, detection engineering, or forensics. Experience contributing to a high growth startup environment. Deadline to apply: None. Applications will be reviewed on a More ❯

defensive & offensive cyber security, with expert governance & compliance consultancy - offering organisations a comprehensive service. Our all-in-one solution simplifies cyber security by providing 24/7 protection, proactive threat intelligence, expert consultancy, and real-world attack simulations - all from a single, trusted source. Our goal is to provide peace of mind to our clients, knowing they are More ❯

be available and supported. Reporting to the Security Service Manager. Key Responsibilities: Actioning alerts generated through SIEM Tools. Reviewing alerts and refining rulesets to tune SIEM Tools. Working with threat intelligence provider to assess the security posture of the system. Providing security consulting and expertise to the IT help team. Undertaking component/system Scanning for vulnerabilities. Conducting More ❯

world-class defences as we scale. And if something doesn't go to plan, this role will be accountable alongside the executive team to contain, control and disrupt any threat-and restore normal operations. Responsibilities will include: Championing our security culture-training our team to be the best form of defence. Conducting threat analyses and ongoing risk assessments … with cyber security industry standards and frameworks in practise (e.g. ISO 27001, NIST CSF, SP 800-53, NCSC CAF, Cyber Essentials). Has a thorough understanding of cyber security threat and risk with the ability to think like an attacker and design controls that make a real difference. Has proven ability to enable a business to move fast, working … to define solutions that allow us to achieve objectives, whilst also keeping us safe. Has good research and analytical skills utilising a variety of sources: online research, industry forums, threat intel feeds etc. using these to maintain oversight of current and future threats and opportunities to mitigate them. Has an enthusiastic 'roll up your sleeves' mentality, confidently getting into More ❯

Cyber Threat Intelligence Analyst We are helping a household name that impacts all of our lives to develop new cyber capabilities from the ground up. They're looking for a Cyber Threat Intelligence analyst to help out with their Threat Intell function and keep them ahead of the curve when it comes to threat … systems in place and you'll have the chance to shape the future of their cybersecurity operations from the very beginning. We're looking for candidates with experience in: Threat management and modelling TTPs Cyber threat intelligence tools and technologies. Staying up to date with new and emerging threats Details: Location: West Midlands – 2x a month on More ❯

the leading global Cyber Security and Risk Mitigation business... https://www.nccgroup.com/uk/The Opportunity You will be acting as a team leader within the Strategic Threat Intelligence team, reporting to the Strategic Threat Intelligence Manager. As a senior member in this team, you will have some limited line management responsibilities but will … be expected to be heavily involved in the training and mentoring of other Threat intelligence team members, as well as supporting the overall growth of the Strategic Threat Intelligence team. You will be expected to have strong consultancy skills and experience in delivering large/complex pieces of client facing work where you will need to … be able to manage multiple internal and external stakeholders. Key Accountabilities Support the development and growth of our Strategic Threat Intelligence capabilities in line with our overall Threat Intelligence and Corporate Strategy Support and lead the delivery of Regulator-driven Threat Intelligence Engagements (CBEST, TIBER, CORIE, iCAST, AASE) Deliver services from our Threat More ❯

of us is able to contribute fully. Our unique backgrounds and perspectives strengthen our ability to achieve Amazon's mission of being Earth's most customer-centric company. Our Threat Intelligence (TI) team is looking for an experienced Intelligence Specialist with demonstrated subject matter expertise in fraud threat intelligence either in the private or public … sector. Ideal candidates have served in a capacity within law enforcement and the intelligence community performing a wide variety of support functions to include detecting, identifying, assessing, exploiting, countering and/or neutralizing the intelligence collection or adversarial efforts of fraud actors. This position will be based in Singapore to support the SPS TI team's APAC outfit. … will be on a team responsible for identifying and analyzing fraud activity, discovering tactics, techniques, and procedures employed by the fraud actors along with new fraud trents, and providing intelligence support to investigations. You will ideally also identify areas for process improvement and work with other cross-functional teams to automate and streamline new and existing workflows. This position More ❯