101 to 125 of 170 Threat Intelligence Jobs in the UK

and play a pivotal role in enhancing cyber defence capabilities. This position offers the opportunity to work on cutting-edge security operations, with a strong focus on IBM QRadar , threat modelling, and automation. What You’ll Do Deploy, configure, and maintain IBM QRadar SIEM solutions. Onboard and normalise log sources across both cloud and on-premise environments. Develop and … optimise analytical rules for advanced threat detection and behavioural analysis. Design and implement incident response playbooks and integrate them with SOAR platforms to automate triage and response. Conduct threat modelling exercises (MITRE ATT&CK, STRIDE, Cyber Kill Chain) and translate them into actionable use cases. Perform in-depth investigations, coordinate incident response, and collaborate with threat intelligence … in SOC/NOC Environments Strong experience with SIEM - IBM QRadar . Experience with log parsing, KQL/SPL/AQL, and scripting (Python, PowerShell). Solid understanding of threat detection, incident response, vulnerability management, and penetration testing . Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS . Strong communication and presentation skills, with the ability More ❯

About Our Client Join Our Client , a fast-growing fintech innovator securing next-gen payment platforms for leading banks and startups. With a focus on AI-driven threat detection and zero-trust architecture, Our Client has been named one of Europe’s Top 50 Cybersecurity Scale-ups. Role Snapshot As an Associate Cybersecurity Analyst , you’ll be the eye … alongside world-class security engineers, hone your skills on cutting-edge tools, and shape the future of digital payments security. Your Day-to-Day Alert Triage: Analyze SIEM and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. … and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares, capture insights, and contribute to our internal threat library. What You Bring Must-Haves Bachelor’s degree in Cybersecurity, Computer Science, or related field. Practical experience with at least one SIEM platform (e.g., Splunk, QRadar). Understanding More ❯

you create change in the workplace - making it better for all. Logiq Consulting are Cyber Security and Information Assurance experts. We specialise in providing leading edge consultancy to high-threat clients, as well as delivering a range of security services and products throughout the Private and The Role: An increase in clients across our Managed Services, along with the … Promote and evolve the clients Security Operations Centre (SOC), make recommendations for playbooks, processes and procedures, and assist in further integrating monitoring capabilities to enhance the SOC function. Utilise threat intelligence feeds and software vulnerability management tools to identify and respond to emerging threats and vulnerabilities in company IT systems. Review configuration dashboards, identifying deployment issues and misconfigurations … risks regarding further potential treatment/mitigation options. Essential Skills: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. You will also hold DV Clearance and be a sole UK National. Desirable Skills: To support the requirements of this role an awareness of national and international standards More ❯

principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. Strong … communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Experience Experience in cybersecurity, with at least 5 years focused on aerospace, defence, or regulated engineering environments. Proven track record of delivering security artefacts … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across More ❯

principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. Strong … communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Experience Experience in cybersecurity, with at least 5 years focused on aerospace, defence, or regulated engineering environments. Proven track record of delivering security artefacts … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across More ❯

principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. Strong … communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Experience Experience in cybersecurity, with at least 5 years focused on aerospace, defence, or regulated engineering environments. Proven track record of delivering security artefacts … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across More ❯

advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … broader Cyber Transformation roadmap. Team Building & Transformation - Build and mentor a high-performing global team of offensive security engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and More ❯

during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats, tactics, and techniques To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands … on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of enterprise security architecture: firewalls, AV, VPNs, IDS/IPS Eligible for DV Clearance – British citizens who have resided in More ❯

Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an … evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing … team, driven with context of emerging threats and strategic objectives. Ensure Threat Intelligence, Proactive Security Testing and Security Analytics functions develop under your leadership to deliver maximum context into the operational team, as well as enabling real time risk validation and actionable security insights. Continue delivering automation and detection as code for security operations, enabling increased scalability and More ❯

with internal stakeholders (Field Sales, Marketing, Sales Operations, etc.) and leverage strategic regional partners to maximize growth, expand reach, and ensure flawless execution. Strategic Forecasting & Reporting: Maintain precise account intelligence and provide accurate forecasts of business opportunities in SFDC to inform strategic decisions for sales and executive leadership. Qualifications Your Experience We are seeking a highly accomplished and results … years of experience selling complex Security solutions or services, including a profound understanding and proven success in: Offensive Security Services Incident Response Retainers Risk Management Services SOC Assessment Services Threat Intelligence Services Channel Ecosystem Acumen: A profound understanding of global channel partners and a proven ability to strategically leverage a channel-centric go-to-market approach to drive More ❯

IT, engineering, and business teams to ensure swift containment and recovery. Review and tune security alerts with the MDR provider, refining detection rules to minimize false positives and improve threat identification accuracy. Develop, track, and report on key MDR performance indicators (KPIs) to leadership, highlighting trends and the effectiveness of security operations. Maintain and evolve our security incident response … responding to complex security incidents. Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar). Ability to query data, analyze logs, and understand how data sources feed into threat detection. Strong knowledge of EDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black) and their role in detecting and responding to threats on endpoints. Solid understanding of network protocols, firewalls, intrusion …/prevention systems (IDS/IPS), and network traffic analysis. Familiarity with security principles and services in major cloud environments (AWS, Azure, GCP). Ability to consume and apply threat intelligence to proactively improve security controls and detection mechanisms. Experience with MacOS desired. Experience with web3 environments desired. Must be able to articulate complex technical concepts to both More ❯

tasks, and develop new detection content including machine learning analytics and security automation. Maintain and update SOC documentation, processes, procedures, and operational metrics/dashboard reporting. Build and enhance threat intelligence capabilities, sharing actionable insights across the organisation and wider smart energy sector. Collaborate with internal and external teams to identify opportunities for security improvements and evaluate emerging … including leading investigations in complex environments. Strong ability to work independently and collaboratively to achieve objectives. Previous experience within a Security Operations role. In-depth understanding of the cyber threat landscape, adversary tactics, and the MITRE ATT&CK framework. Knowledge of cloud environments and SaaS applications such as AWS, Azure, Office 365, and Defender. Ability to work under pressure More ❯

The Role We are seeking a seasoned Senior Cyber Security Consultant with a background in SOC engineering tools plus one of Cloud Security, Identity and Access Management (IAM) or Threat Modelling. In this role, you will work with cross-functional teams to deliver cutting-edge security solutions that address the evolving threat landscape, helping organisations to safeguard their … and other monitoring tools. Provide technical guidance to engineering teams on secure design and implementation. Develop playbooks and automation scripts to enhance SOC efficiency and incident response capabilities. Integrate threat intelligence feeds into SOC workflows for real-time monitoring and response. Conduct regular tool performance reviews and implement upgrades or replacements as necessary. Skills Extensive experience in SOC … tools engineering plus one of Cloud Security, Identity & Access Management (IAM) or threat modelling. Hands-on experience with SOC tools, including SIEM, SOAR and EDR solutions. Strong experience in securing cloud platforms (AWS, Azure, GCP) and understanding of their native security services (preferred). Knowledge of IAM principles, tools (e.g., Okta, Azure AD, CyberArk), and frameworks (preferred). Proficiency More ❯

develop detection signatures. Provide incident response leadership, from containment and eradication to recovery. Collaborate with cross-functional teams and external parties (forensics, law enforcement, clients). Stay current on threat intelligence and integrate insights into monitoring processes. Contribute to the creation and refinement of runbooks, playbooks, and incident response documentation. Support pre-sales activities, solution scoping, and client More ❯

develop detection signatures. Provide incident response leadership, from containment and eradication to recovery. Collaborate with cross-functional teams and external parties (forensics, law enforcement, clients). Stay current on threat intelligence and integrate insights into monitoring processes. Contribute to the creation and refinement of runbooks, playbooks, and incident response documentation. Support pre-sales activities, solution scoping, and client More ❯

develop detection signatures. Provide incident response leadership, from containment and eradication to recovery. Collaborate with cross-functional teams and external parties (forensics, law enforcement, clients). Stay current on threat intelligence and integrate insights into monitoring processes. Contribute to the creation and refinement of runbooks, playbooks, and incident response documentation. Support pre-sales activities, solution scoping, and client More ❯

role, ideally around CNI and OT, with exposure to cyber plans. Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. More ❯

role, ideally around CNI and OT, with exposure to cyber plans. Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. More ❯

to translate technical threats into business terms. Tools & Technologies - You will work with a modern SOC technology stack, including: SIEM: Microsoft Sentinel EDR/XDR: Microsoft Defender for Endpoint Threat Intel: Recorded Future Network Analysis: Wireshark/tcpdump SOAR & Automation: Palo Alto Cortex XSOAR, ServiceNow SecOps Vulnerability Management: Tenable Nessus/Tenable.io Other nice to have tools: Shodan, Censys More ❯

to translate technical threats into business terms. Tools & Technologies - You will work with a modern SOC technology stack, including: SIEM: Microsoft Sentinel EDR/XDR: Microsoft Defender for Endpoint Threat Intel: Recorded Future Network Analysis: Wireshark/tcpdump SOAR & Automation: Palo Alto Cortex XSOAR, ServiceNow SecOps Vulnerability Management: Tenable Nessus/Tenable.io Other nice to have tools: Shodan, Censys More ❯

you will play a key role in enhancing cyber resilience. You'll be responsible for leveraging tools such as Microsoft Defender, Sentinel, Azure, and their SOC partner to conduct threat analysis, risk assessments, and implement effective controls. You'll support the delivery of their Cyber Security Sub Strategy in line with the Cyber Assessment Framework, and contribute to the … design and operation of threat intelligence, incident response, vulnerability management, and ethical hacking capabilities. You'll work closely with internal stakeholders and external partners to ensure compliance with ISO27001, Cyber Essentials+, and other regulatory frameworks. This role also involves reporting on cyber threats and performance using Power BI, supporting penetration testing, and contributing to the development of secure More ❯

knowledge sharing and external thought leadership. 🔐 What We're Looking For DV clearance (or the ability to obtain it) – this is essential. Extensive experience in incident response, forensics, or threat hunting , ideally in a consultancy or client-facing role. Proven track record leading large-scale incidents — ransomware, insider threats, nation-state intrusions. Strong technical capabilities in forensic tooling, EDR … . GIAC (GCFA, GCFE, GEIR, GREM, GNFA), CREST CRTIR, CISM, or CISSP certifications. Experience liaising with legal, regulatory, and insurance stakeholders during high-pressure incidents. Background in reverse engineering, threat intelligence, or TTP attribution. Public contributions to the security community (e.g. speaking, publishing, tooling). 🌟 What You’ll Get from Us Competitive salary, plus overtime and on-call More ❯

informing decision-making, and proactively contributing to mitigating potential threats. The success candidate will collaborate with various teams, both internal and external, to ensure a comprehensive understanding of the threat landscape and response to any incidents. Working within the security operations centre (SOC), the primary responsibility is to rapidly investigate and document cybersecurity incidents within the organisation. Key Responsibilities … the organization to respond efficiently and effectively to cyber threats. Qualifications: Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. GIAC Certified Incident Handler Bachelor's or Master's degree in Cyber Security or related More ❯

informing decision-making, and proactively contributing to mitigating potential threats. The success candidate will collaborate with various teams, both internal and external, to ensure a comprehensive understanding of the threat landscape and response to any incidents. Working within the security operations centre (SOC), the primary responsibility is to rapidly investigate and document cybersecurity incidents within the organisation. Key Responsibilities … the organization to respond efficiently and effectively to cyber threats. Qualifications: Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. GIAC Certified Incident Handler Bachelor's or Master's degree in Cyber Security or related More ❯

ISO 27001, and other security standards. Risk Management: Maintain risk frameworks and produce assurance documentation. Secure by Design: Partner with project teams to integrate security requirements early in development. Threat Intelligence: Research emerging threats and mitigation strategies. Testing & Audits: Oversee penetration tests and security audits. Policy Development: Keep security policies and staff training programs up to date. Requirements More ❯