51 to 75 of 134 Threat Intelligence Jobs in the UK

firewalls, vulnerability scanning, web/email gateways, etc.) Strong understanding of networks, operating systems, authentication, cloud platforms, and common attack techniques Experience with threat intelligence, attack simulation, or readiness exercises Familiarity with frameworks like ISO 27001, NIST CSF, PCI DSS, and UK GDPR Clear, confident written and verbal ...

protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month … exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain ...

Title: Head of Product – Third-Party CyberSecurity Intelligence Platform Location: London (Remote) Reports to: CEO About the Client: Our client helps enterprises discover, assess, and respond to third-party and supply-chain risks through advanced AI-driven analytics and intelligence . Their mission is to deliver continuous, data … world-class technical team , shape the architectural vision , and drive execution across multiple product streams — including large-scale data pipelines and real-time risk intelligence systems . Role Overview: As Head of Product you will be responsible for owning the product roadmap and execution for one or more major ...

deep expertise in cybersecurity and practical experience in securing AI/ML systems. In this role, you will help clients navigate the rapidly evolving threat landscape of artificial intelligence. You will work across strategy, architecture, and hands-on technical analysis to design resilient systems for high-impact environments. … Responsibilities AI/ML Security Oversight: Evaluate and secure the entire AI lifecycle, including model governance, data pipelines, and deployment patterns. Threat Modeling: Conduct advanced security assessments and risk analysis across cloud, on-premise, and hybrid environments. Risk Mitigation: Advise clients on emerging AI risks such as prompt injection ...

team As a member of the SOC Content Team, you will be responsible for contributing to the creation, deployment, and tuning of threat detection content and delivery of proactive threat hunting. You will work in close partnership with client Lead Analysts, threat intelligence teams, and other … functions to help ensure that detection strategies are tailored to each client’s threat profile and security objectives. This role offers a balance of technical hands-on work, collaboration, and knowledge sharing, with a strong emphasis on continual learning and process improvement. ...

Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility, improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders … coverage across networks, data centres, and cloud estates. - Guide onboarding, configuration, and tuning of Microsoft Defender XDR (Endpoint, Identity, Email, Cloud Apps, Server, and Threat Intelligence modules). - Ensure correct enablement of telemetry, behavioural analytics, detection logic, and baselining across both platforms. - Coordinate testing, validation, and acceptance ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management to contribute … SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI, and Cribl to correlate alerts and transform raw intelligence into actionable defensive insights. Detection & Monitoring: Designing advanced alerting ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management to contribute … SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI, and Cribl to correlate alerts and transform raw intelligence into actionable defensive insights. Detection & Monitoring: Designing advanced alerting ...

Title: Head of Product – Third-Party CyberSecurity Intelligence Platform Location: London (Remote) Reports to: CEO About the Client: Our client helps enterprises discover, assess, and respond to third-party and supply-chain risks through advanced AI-driven analytics and intelligence. Their mission is to deliver continuous, data-backed visibility … world-class technical team, shape the architectural vision, and drive execution across multiple product streams — including large-scale data pipelines and real-time risk intelligence systems. Role Overview: As Head of Product you will be responsible for owning the product roadmap and execution for one or more major modules ...

team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark … ideal candidate will be a self-starter with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. ...

latest security threats and trends Research and develop understanding of security as a discipline Broad Experience: SIEM Cloud Computing Security Incident Management Networking Threat Intelligence Information Security Phishing, Ransomware and other key threats IDAM (Identity and Access Mgmt) JML (Joiners, Movers and Leavers Processes) ITSM Policies and Procedures ...

documentation standards Act as a mentor and escalation point for Tier 1 and Tier 2 analysts during live operations Support alignment between SOC operations, threat intelligence, and incident response functions Capture operational metrics relating to alert handling efficiency, response delays, and quality issues Identify procedural gaps and contribute … pressure operational settings Excellent written and verbal communication skills for escalation, reporting, and documentation A collaborative mindset with the confidence to engage with management, intelligence, and response teams The ideal candidate must have: Broad security awareness across IT, with strong experience in Network Security and Infrastructure Working knowledge ...

provide consultation and expertise on security matters. Responsibilities: Security Operations & Incident Management: Managing ticket workload within the Security team. Gathering, analysing and acting upon threat intelligence. Responding to on-going security incidents. Responding to active alerts from security systems. Writing change management requests for security-related changes . Vulnerability … technologies and policies. Knowledge of identity and access management principles. Familiarity with security accreditations such as ISO27001, CyberEssentials and CyberEssentials+. Excellent incident response and threat intelligence skills. Strong communication skills to convey security matters to technical and non-technical audiences. Benefits: 25 Days Holiday Birthday ...

products and components. Examples of the tasks, include, but are not limited to; assessment to latest cybersecurity standards, penetration testing (IoT and WebApp), threat modelling, firmware investigation, code analysis etc. This service will be provided to external clients, who will predominantly be manufacturers of wired and wireless IoT/… related controls (encryption, digital signatures, secure boot, access control, password management). Understanding how to implement security activities such as vulnerability and patch management, threat intelligence etc. Hands-on practical knowledge with reverse engineering and/or vulnerability testing tools and techniques. Experience in common scripting languages such ...

Defence environments Proficiency with SIEM tools such as Splunk, Elastik, or Defender Knowledge of cloud security and incident management processes Understanding of networking, threat intelligence, and key security threats like phishing and ransomware Experience with identity and access management (IDAM) and JML processes Familiarity with technical standards including ...

risk management. Architect end-to-end cybersecurity solutions and services across a wide range of domains, including Perimeter and Network Security, Zero Trust Architecture, Threat Intelligence, Identity and Access Management, Managed and Extended Detection & Response, Endpoint and Device Security, Cloud Security, Data Security and Privacy, Application ...

Compliance Manager (Information Assurance) to support a long-term public sector programme. The role focuses on identifying, articulating, and managing cyber risks arising from threat activity, architectural design, and compliance gaps, while advising senior stakeholders on proportionate mitigation strategies. This role sits at the intersection of cyber risk management … compliance, and technical assurance , requiring strong communication skills across both business and technical audiences. Key Responsibilities Draft, articulate, and manage cyber risks derived from: Threat intelligence Architectural and design weaknesses Compliance failings Define and clearly present risk treatment options : Mitigate Avoid Accept Transfer Communicate effectively with: Senior government ...

maintain security solutions for our Enterprise and Digital Channels. Examples of what we focus on include, but not limited to; DDoS, Vulnerability management and threat intelligence, certification, ensuring layer 6 & 7 defences are one step ahead of cyber criminals. You’ll also help develop and deliver cyber security ...

Design, implement and maintain data pipelines, including log ingestion, enrichment and schema standardisation (ECS/CIM). Develop and tune security detection rules, translating threat intel and TTPs (MITRE ATT&CK) into actionable, low-noise alerts. Manage the full content lifecycle: design test deploy monitor tune retire, with version ...

cloud-native cybersecurity platform for large-scale data collection, correlation, and real-time alerting. Their systems process high volumes of data to deliver actionable intelligence for enterprise and government clients. They are looking for a Senior Software Engineer (PHP) to join a small, highly technical backend team working … Strong problem-solving skills and ownership mindset. Additional/Desirable experience: Experience with large-scale data ingestion or cross-referencing platforms. Knowledge of cybersecurity, threat intelligence, or data protection domains. Hands-on experience with monitoring, observability, and performance profiling. Experience integrating analytics, AI, or LLM-powered features. Working ...

technical certifications desired Experience: 3+ years experience in SOC, or related technical field Understanding of the following: SIEM Cloud Computing Security Incident Management Networking Threat Intelligence Information Security Phishing, Ransomware and other key threats IDAM (Identity and Access Mgmt) JML (Joiners, Movers and Leavers Processes) ITSM Policies ...

respond quickly. Working side by side with Analysts, Architects, PMs and Engineers to make sure the SIEM content hits the mark. Bringing the latest threat intel, vulnerabilities and attack methods into our set-up. Helping to shape and maintain security standards and procedures. What you’ll bring Solid hands ...

environments from emerging threats. Key Responsibilities Investigate and analyse security events, correlating data and identifying root causes. Perform deep-dive incident analysis using logs, threat intel and IoCs. Conduct proactive and reactive threat hunting. Execute vulnerability assessments and support remediation activities. Carry out risk analysis, identifying gaps … Maintain best-practice configurations across all security platforms. Key Skills & Experience Experience working in a technical cyber security team. Strong understanding of incident response, threat investigation and vulnerability management. Hands-on experience with security tools such as SIEM, EDR/MDR, WAF, IDS/IPS, firewalls, email security ...

environments. This is a hands-on engineering role focused on active defence , attacker engagement, and turning adversary behaviour into high-quality detection signals and threat intelligence. You'll work at scale, move quickly, and operate where real attackers live. What you'll be doing Design, deploy and run large … adapt deception techniques based on emerging vulnerabilities, exploitation trends and adversary tradecraft Transform raw telemetry and logs into actionable security signals , detections and structured intelligence Rapidly roll out new deception scenarios in response to active exploitation, N-day and zero-day events Work closely with Detection Engineering and Threat ...

working with a rapidly scaling, high-integrity UK cybersecurity services provider that delivers: 24/7 Managed SOC MDR/XDR Managed SIEM Threat Intelligence Incident Response Pen Testing & Consultancy Co-managed security services for mid-market and enterprise organisations They've recently secured new investment, strengthened their … What We're Looking For 5–10+ years selling cybersecurity services (SaaS + MSSP strongly preferred). Experience selling: SOC, MDR/XDR, SIEM, threat intel, IR or pen-testing. Strong track record in regulated sectors: FS, energy, SaaS, education, critical infrastructure. Confident engaging C-suite, boards & multi-stakeholder ...