76 to 100 of 143 Threat Intelligence Jobs in the UK

at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with GRC practices and … their alignment with our security approach and requirements. Internally, you will be responsible for our Security Operations activities with our operational team and external partners, including Incident Response and Threat Intelligence, to ensure these are executed consistently to our standards, as well as supporting Continual Security Improvement and being the Tech Ops representative in the GRC working group. … key part in aligning on best practice, and delivering improvements in our security posture. Key Responsibilities Assuring day-to-day execution of operational security tasks across multiple areas including threat and vulnerability management, anti-virus management, security monitoring etc. Helping design and deliver improved security tooling across all areas of cyber security (DR design and testing, End user tooling More ❯

and Defender XDR. The role requires strong analytical skills, attention to detail, The ability to execute response actions such as endpoint isolation, IOC blocking, malware scans, and user containment Threat monitoring and detection Threat intelligence and hunting SOAR and automation Skills MS Sentinel/Defender for Endpoint Understanding Mitre Att&ck framework Required 2+ years exp in More ❯

Job Title: Lead Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £59,000 depending on experience and skills What you'll be doing: Delivery of core triage function as part of 24/7 protective … impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Your skills and experiences: Essential: Experience of working within Security Operations or equivalent … and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and More ❯

Job Title: Lead Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £59,000 depending on experience and skills What you'll be doing: Delivery of core triage function as part of 24/7 protective … impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Your skills and experiences: Essential: Experience of working within Security Operations or equivalent … and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and More ❯

A global IT MSP is looking for an experienced SOC Incident Response & Threat Hunting Manager to join its expanding Security Operations Centre. This is a pivotal leadership role, overseeing Tier 3 Security and Incident Response Analysts while driving proactive threat hunting and cyber threat intelligence initiatives click apply for full job details More ❯

for the United Kingdom, currently residing in the UK. The position is located in Manchester. Responsibilities Evaluate and strengthen our overall security posture by performing continuous audits, risk assessments, threat modelling, and architecture reviews to ensure effective controls and adherence to regulatory standards. Consistently monitor and assess cloud environments for vulnerabilities and misconfigurations utilising tools like AWS Inspector, GuardDuty … sensitive information with discretion, professionalism, and sound judgment. Relevant certifications such as AWS Certified Security - Speciality, CISSP, CCSP, or Terraform Associate (or equivalent experience). Preferred Qualifications Exposure to threat intelligence and security analytics , particularly within cloud environments. Bachelor's degree in Computer Science, Information Technology, or Information Security , or equivalent practical experience. Familiarity with key security frameworks More ❯

protect critical systems and support business growth. Key Responsibilities Develop and maintain the enterprise information security strategy aligned with business goals Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish and enforce security More ❯

conduct regular reviews with an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish and enforce security More ❯

digital forensics team. This is a client-facing role where you'll lead DFIR (Digital Forensics & Incident Response) investigations, guide executives through cyber incidents, and help organisations strengthen their threat detection, response, and resilience. If you're an expert in incident response, threat hunting, and forensic analysis and thrive under pressure, this is your opportunity to work on … from breach triage and containment to full recovery. Client Engagement: Act as a trusted advisor to CISOs, boards, and regulators, providing executive-level briefings during and after incidents. Forensics & Threat Hunting: Conduct advanced forensic investigations across endpoints, servers, networks, cloud platforms, and SaaS. Adversary Analysis: Use threat intelligence and MITRE ATT&CK to attribute attacks and inform … digital forensics. Industry Contribution: Publish thought leadership, speak at conferences, and represent the business at NCSC CIR and key cybersecurity forums. Required Skills & Experience Proven experience in incident response, threat hunting, or digital forensics (DFIR), ideally in consulting or client-facing roles. Hands-on leadership of large-scale incidents such as ransomware, insider threats, or advanced persistent threats (APT More ❯

assets. Collates, defines, and enforces secure configuration baselines and hardening standards in alignment with organisational security obligations and recognised industry frameworks (e.g., CIS Benchmarks, Microsoft Security Baselines). Conducts threat modelling and risk assessments to identify vulnerabilities or compliance gaps. Maintains and manages Software Bills of Materials (SBOMs). Assists with integrating security monitoring, logging, and alerting capabilities. Creates … risk assessments, risk mitigation plans, and security operations procedures. Performs security validation, configuration assessments, and support user acceptance testing (UAT) for security-related features. Collates and analyses information for threat intelligence requirements from a variety of sources. Designs and executes complex vulnerability research activities. Provides guidance, support and mentoring to other IT Engineers as requested by the IT … . Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and federated More ❯

will play a crucial part in supporting our analysis efforts and collaborating on key projects with our strategic clients. You will be responsible for conducting in-depth analysis of intelligence data, writing comprehensive reports, and providing valuable insights to inform decision-making processes. Responsibilities Conducting high-level open-source intelligence investigations and creating ad-hoc reports on different … topics to support the company's sales, intelligence, and R&D efforts. Analyzing large data sets and providing meaningful insights. Researching new online platforms to discover methods for automating data collection. Monitoring third-party websites, forums, messaging app channels, and more to uncover malicious activities. Assist our product and intelligence teams in better understanding our customers' needs by … pro-active and independent thinker and doer. A quick learner of new practice areas and technological tools. Tons of curiosity. A methodological approach to the art of web intelligence. Intelligence/Research/Trust & Safety/Content Moderation Background - an advantage. Experience with at least 2 languages - an advantage. Excellent Excel/Google Sheets skills. Capable of dealing with More ❯

DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud Firewalls, CASB, Zero More ❯

DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud Firewalls, CASB, Zero More ❯

DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero More ❯

DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero More ❯

executive board on cyber threats, risks, and mitigation strategies. Embed a cyber-aware culture across the organisation through training, awareness campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and More ❯

executive board on cyber threats, risks, and mitigation strategies. Embed a cyber-aware culture across the organisation through training, awareness campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and More ❯

cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM/PAM implementations and M365/Azure/Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external … audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track key security KPIs and metrics. Produce security performance and risk reports for executive and board audiences. Maintain security risk registers More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track More ❯

Growth: Contribute to proposals, presentations, and service development efforts. Share Knowledge: Develop and distribute best practices to strengthen the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea More ❯

Growth: Contribute to proposals, presentations, and service development efforts. Share Knowledge: Develop and distribute best practices to strengthen the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea More ❯

VPNs, and intrusion detection systems Respond swiftly to security breaches and assist in recovery efforts Maintain detailed records of investigations and patch cycles Stay current with cybersecurity trends and threat intelligence Contribute to disaster recovery planning and compliance alignment Support governance, change control, and delivery of cyber security workstreams Collaborate with internal teams and third-party suppliers to More ❯

VPNs, and intrusion detection systems Respond swiftly to security breaches and assist in recovery efforts Maintain detailed records of investigations and patch cycles Stay current with cybersecurity trends and threat intelligence Contribute to disaster recovery planning and compliance alignment Support governance, change control, and delivery of cyber security workstreams Collaborate with internal teams and third-party suppliers to More ❯

The Role As a SOC Detection Engineer, you will design, develop, and maintain high-quality detection content to improve threat visibility and reduce risk across customer environments. You apply expert knowledge of attacker tactics and telemetry sources to create and manage scalable, accurate, and resilient detection rules across SOC platforms. Operating as part of the SOC team, you support … operations by expanding detection coverage, improving rule performance, and collaborating with threat intelligence, incident response, and platform engineering teams to operationalise threat insights. You also contribute to internal process improvement, customer-facing engagements, and knowledge sharing across the wider SOC team. Key Responsibilities Detection Engineering and Delivery – You will develop, test, and deploy detection rules across SIEM … XDR, and other SOC platforms, supporting comprehensive, customer-aligned threat coverage. Lifecycle Management and Optimisation – You will monitor detection performance, tune rules to reduce false positives, and remediate logic or configuration issues caused by changing environments. Post-Incident Gap Analysis – You will perform detection reviews following incidents to identify missed coverage, determine root causes, and improve detection logic or More ❯