76 to 100 of 170 Threat Intelligence Jobs in the UK

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on … meaningful, mission-critical projects. What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and … adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits More ❯

Role Title: Threat Intelligence Business Analyst Start Date: ASAP End Date: 31st Mar 2026 Rate: £400 Location: 3 days on site in Manchester The Threat Intelligence Business Analyst plays a critical role in identifying and translating business problems and intelligence requirements into actionable solutions that support the strategic objectives of the Chief Security Office (CSO … supports the development and delivery of capabilities within the DataWalk platform by gathering requirements, shaping operational designs, and ensuring stakeholder alignment. Key Accountabilities Identify and analyse business problems and intelligence requirements that require change or enhancement Collaborate with stakeholders to obtain, document, and validate business requirements for DataWalk Identify and assess the potential impact of proposed deliverables for example … improving existing processes and/or providing new intelligence capabilities. Translate stakeholder needs into structured deliverables that guide solution design and implementation Support feasibility assessments and contribute to business cases that justify investment in proposed solutions Ensure proposed solutions are aligned with operational design and process expectations Monitor project progress and support reporting to ensure timely and budget-conscious More ❯

Tasking Coordinator - Cyber Threat Intelligence Contract | Inside IR35 | London We're seeking a proactive Tasking Coordinator to support a government client in coordinating responses to cyber threats across departments. This isn't a traditional SOC role - it's about enabling defenders to act as one and sharing intelligence that drives action. Key Responsibilities: Triage and escalate reports … as part of the Watch Officer rota. Support incident response during high-alert periods. Monitor and assess emerging cyber threats. Share actionable threat intelligence via reports and briefings. Manage tooling (e.g. malware sandboxes, TIPs) and collaborate across teams. Represent the organisation in wider cyber intelligence communities. What You'll Bring: Cyber security experience, ideally in a SOC … or threat intelligence setting. Strong IT foundations and stakeholder engagement skills. Clear, concise communication - written and verbal. Familiarity with adversary TTPs and threat intelligence platforms. If you're a hands-on operator who thrives in fast-paced environments and enjoys working across teams, apply now to make an impact. Carbon60, Lorien & SRG - The Impellam Group STEM More ❯

The Vacancy Job Title: Cyber Intelligence Specialist Contract Type: Permanent, Fulltime Location: Bradford, Petersfield, Chatham or London Working Pattern: Hybrid-typically 1 to 3 days a week in the office. Part-time or flexible arrangements are considered to support work-life balance. A fear of losing your current working flexibility shouldn't hinder you from applying for new opportunities … Development: Learning for all Finance: Snoop Premium available to all colleagues Medical: Opportunity to opt in for Private Medical Insurance Bonus: Discretionary annual bonus The Role: As our Cyber Intelligence Specialist, you will proactively identify, analyse, respond, and mitigate cyber threats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities … enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business continuity, and mitigate cybersecurity risks. As a Cyber Intelligence Specialist, you will: Actively participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to Cyber Threat More ❯

The Vacancy Job Title: Cyber Intelligence Specialist Contract Type: Permanent, Fulltime Location: Bradford, Petersfield, Chatham or London Working Pattern: Hybrid-typically 1 to 3 days a week in the office. Part-time or flexible arrangements are considered to support work-life balance. A fear of losing your current working flexibility shouldn't hinder you from applying for new opportunities … Development: Learning for all Finance: Snoop Premium available to all colleagues Medical: Opportunity to opt in for Private Medical Insurance Bonus: Discretionary annual bonus The Role: As our Cyber Intelligence Specialist, you will proactively identify, analyse, respond, and mitigate cyber threats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities … enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business continuity, and mitigate cybersecurity risks. As a Cyber Intelligence Specialist, you will: Actively participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to Cyber Threat More ❯

The Vacancy Job Title: Cyber Intelligence Specialist Contract Type: Permanent, Fulltime Location: Bradford, Petersfield, Chatham or London Working Pattern: Hybrid-typically 1 to 3 days a week in the office. Part-time or flexible arrangements are considered to support work-life balance. A fear of losing your current working flexibility shouldn't hinder you from applying for new opportunities … Development: Learning for all Finance: Snoop Premium available to all colleagues Medical: Opportunity to opt in for Private Medical Insurance Bonus: Discretionary annual bonus The Role: As our Cyber Intelligence Specialist, you will proactively identify, analyse, respond, and mitigate cyber threats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities … enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business continuity, and mitigate cybersecurity risks. As a Cyber Intelligence Specialist, you will: Actively participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to Cyber Threat More ❯

The Vacancy Job Title: Cyber Intelligence Specialist Contract Type: Permanent, Fulltime Location: Bradford, Petersfield, Chatham or London Working Pattern: Hybrid-typically 1 to 3 days a week in the office. Part-time or flexible arrangements are considered to support work-life balance. A fear of losing your current working flexibility shouldn't hinder you from applying for new opportunities … Development: Learning for all Finance: Snoop Premium available to all colleagues Medical: Opportunity to opt in for Private Medical Insurance Bonus: Discretionary annual bonus The Role: As our Cyber Intelligence Specialist, you will proactively identify, analyse, respond, and mitigate cyber threats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities … enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business continuity, and mitigate cybersecurity risks. As a Cyber Intelligence Specialist, you will: Actively participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to Cyber Threat More ❯

better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

transformation consultancy is seeking a Senior SOC Solutions Engineer to elevate its security operations capability. This is a hands-on engineering role focused on SIEM development, playbook automation, and threat modelling-delivering proactive defence across cloud and on-prem environments. You'll be instrumental in designing and implementing advanced detection and response strategies, working closely with cross-functional teams … improvement. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain IBM QRadar SIEM platform Onboard and normalize diverse log sources across hybrid environments Develop and tune analytical rules for threat detection and behavioural analysis Playbook Development & Automation Design incident response playbooks for scenarios including phishing, lateral movement, and data exfiltration Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps … XSOAR) Continuously refine automation based on threat intelligence and incident feedback Threat Detection & Response Monitor and investigate security alerts and anomalies Lead incident response activities and collaborate with threat intelligence teams Enrich detection logic with contextual threat data Threat Modelling & Use Case Development Conduct threat modelling using MITRE ATT&CK, STRIDE, or More ❯

are actionable, enriching detection and response activities and informing risk and compliance stakeholders. Technical Architecture & Integration Design and implement a continuous monitoring reference architecture, leveraging SIEM, SOAR, UEBA, and threat intelligence. Establish enterprise logging standards covering log coverage, retention, encryption, access, and integrity requirements. Drive automation of monitoring workflows and correlation logic to reduce dwell time and improve detection … accuracy. Collaborate with threat intelligence teams to ensure real-time enrichment of event data and alignment with MITRE ATT&CK adversary tactics. Program & Capability Development Build the CCM capability from the ground up, defining the operating model, reporting cadence, and engagement with SOC, risk, and compliance. Develop and track KPIs, ensuring CCM effectiveness is measurable and communicated to … with at least 5 years in security monitoring, SOC leadership, or equivalent detection & response functions. Proven track record of building or maturing monitoring capabilities (SIEM, SOAR, telemetry pipelines, UEBA, threat intel integration). Knowledge of log ingestion, normalization, correlation, and enrichment processes. Familiarity with leading monitoring technologies: Splunk, DataDog, Microsoft Defender, CrowdStrike Falcon, Azure/AWS/GCP telemetry More ❯

strategy across infrastructure, applications, and data. Lead hands-on development of security roadmaps, maturity models, and control frameworks tailored to Fuse's risk profile. Directly contribute to architecture reviews, threat modelling sessions, and key design decisions across product and platform teams. Build and mentor a high-performing security team, including hiring, coaching, and managing performance. Develop KPIs and reporting … data protection, access control, and insider risk. Ensure compliance with SOC 2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews of critical systems; design and deliver security awareness training programs for all employees to promote a culture of … proactive risk management. Build threat intelligence capabilities to stay ahead of emerging risks. Balance risk management with product and engineering velocity. Incident Response & Resilience Own response plans for high-severity threats and incidents. Build robust detection, containment, and remediation processes. Drive business continuity and disaster recovery strategy. Technology & Infrastructure Security Partner with engineering to embed security in the More ❯

and the wider Defender XDR suite Knowledge of cloud and on-premise environments, ideally Azure, including networking and firewalls Familiarity with incident response processes, playbooks, and tools Understanding of threat intelligence and vulnerability management Experience with ISO27001 and compliance frameworks Scripting and coding skills (e.g., Python, PowerShell, Bash) Exposure to CI/CD, Infrastructure as Code (IaC), and … Security Engineer/Security Analyst/Cloud Security Engineer/Security Operations Engineer/SOC Engineer/InfoSec Engineer/Infrastructure Security/DevSecOps Engineer/Security Automation/Threat Detection/Threat Intelligence/SIEM/Azure Sentinel/Microsoft Defender/Endpoint Security/PowerShell/Python/Bash/Azure DevOps/Infrastructure as More ❯

Technology Risk Adversarial & Cyber Resilience Testing Director, you will have responsibility for designing and executing red team operations and cyber resilience testing against Starling Bank. Operations will emulate real threat actors and target cutting edge technology in Starling Bank's platform as well as ranging across the endpoint estate. You will use emerging threat intelligence to inform … TTPs Conducting purple team exercises to validate and improve defensive measures by collaborating with the SOC team to enhance detection capabilities Assist in translating red team tactics into actionable intelligence for blue team operations Assist developing threat models and 'worst case scenario' playbooks based on emerging global risks, including APTs, insider threats and supply chain compromise and simulate … are desirable: Experience in Ai/Ml Systems Security, Including LLMs, transformers and model interpretability Certification such as OSCE, CCT, OSEP, OSMR or similar Prior experience in incident response, threat intelligence, or ethical hacking at an enterprise level Background in regulatory environments (e.g. ISO 27001, SOCII, GDPR or AI Act compliance) Software engineering expertise (Java, Kotlin, Go ) or More ❯

/day (Umbrella - Maximum) IR35 Status : Inside IR35 Security Clearance: DV Minimum Requirement: Have experience with dealing with real world threats in the serious and organised crime or cyber threat incidents. Have experience in analysing malware behaviour and an ability to identify associated infrastructure. Have an excellent understanding of how cyber threat attackers build and use infrastructure to … undertake malicious activity Essential Qualifications: CompTIA Cybersecurity Analyst (CySA+) or a similar certification GIAC Cyber Threat Intelligence (GCTI) or a similar certification GIAC Reverse Engineering Malware (GREM) or a similar certification Certified Ethical Hacker (CEH) Offensive Security Certified Professional (OSCP) or a similar certification Any mix of 2 of the above qualifications The Role: The purpose of this … work will help inform more effective responses by government, law enforcement and developers alike to combat cybercrime. Researching malicious Internet infrastructure is a highly specialised field that blends cybersecurity, threat intelligence, and network analysis. A specialist in this area should possess a combination of technical skills, analytical capabilities, and practical experience. The key objective is to derive new More ❯

Role This is a pivotal opportunity for an experienced Senior Consultant to lead large-scale cybersecurity projects across a diverse client base. The role focuses on cyber resilience, including threat intelligence, incident response, risk management, compliance, and security architecture. You will act as a trusted advisor, delivering tailored solutions that help clients enhance their cyber posture and protect … and support junior team members, encouraging skill development and knowledge sharing Contribute to business development by producing high-quality proposals and identifying growth opportunities Skills & Experience ? Extensive expertise in threat intelligence, risk management, incident response, compliance (e.g. GDPR, ISO 27001), and security architecture ? Proficiency with tools such as Rapid7 InsightIDR/InsightVM, SentinelOne, Fortinet, Netskope, SOAR automation (Rapid7 More ❯

cloud security, particularly Azure services and tools.* Familiarity with security frameworks such as ISO 27001, NIST, or CIS.* Knowledge of security technologies (firewalls, remote access, ZTNA).* Exposure to threat modelling and cyber threat intelligence is advantageous.Core Skills* Excellent communication and stakeholder engagement abilities.* Analytical mindset with strong problem-solving skills.* Ability to balance security priorities with … strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security More ❯

cloud security, particularly Azure services and tools. * Familiarity with security frameworks such as ISO 27001, NIST, or CIS. * Knowledge of security technologies (firewalls, remote access, ZTNA). * Exposure to threat modelling and cyber threat intelligence is advantageous. Core Skills * Excellent communication and stakeholder engagement abilities. * Analytical mindset with strong problem-solving skills. * Ability to balance security priorities … strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security More ❯

Principal Incident Response Consultant – Cybersecurity/DFIR/Threat Hunting Location: UK wide – Remote Salary - £85,000 - £110,000 + excellent benefits Clearance - DV clearance required We’re seeking a Principal Incident Response Consultant to join our client’s elite cybersecurity and digital forensics team. This is a client-facing role where you’ll lead DFIR (Digital Forensics & Incident … Response) investigations, guide executives through cyber incidents, and help organisations strengthen their threat detection, response, and resilience. If you’re an expert in incident response, threat hunting, and forensic analysis and thrive under pressure, this is your opportunity to work on some of the UK’s most significant cyber cases. Key Responsibilities Incident Response Leadership: Take charge of … from breach triage and containment to full recovery. Client Engagement: Act as a trusted advisor to CISOs, boards, and regulators, providing executive-level briefings during and after incidents. Forensics & Threat Hunting: Conduct advanced forensic investigations across endpoints, servers, networks, cloud platforms, and SaaS. Adversary Analysis: Use threat intelligence and MITRE ATT&CK to attribute attacks and inform More ❯

and address system generated and user-reported security incidents: identify affected systems and scope of the incident, analyze running processes and configurations on affected systems, carry out in-depth threat intelligence analysis to identify an attack type, source, entry point, and possible remediation, implement remediation or escalate incident. Support the ICT Security Incident Management Process as a member More ❯