London, South East England, United Kingdom Hybrid / WFH Options
LT Harper - Cyber Security Recruitment
and above incidents Provide Incident response support for all incidents using playbooks. Forensic/Deep Dive analysis providing value dashboards and reports/Threat Hunting/Threat Intelligence Collaborate and work with the InfoSec SOC team Support future cloud migrations Document policies, processes, toolkits and dashboards Identifying … Years within a Cyber Security role Previous experience as SOC/Security analyst Solid understanding of Security Architecture Experience in MDR, EDR and Threat Hunting SIEM tool exposure Relevant Cyber Security qualifications Excellent communication Skills Scripting or coding in Python, Ruby or PowerShell (desirable) For more information on the
Derby, Derbyshire, United Kingdom Hybrid / WFH Options
risual Limited
and maintain strong relationships with clients, becoming a trusted advisor. Strong understanding of foundational IT and networking concepts. Confident writing SIEM queries and performing threat-hunting. Excellent communication skills, both written and oral, to a range of audiences, including senior management. Responsibilities Compiling and presenting high quality monthly reports … clients. Assisting with training and support for our junior analysts. Proactively suggesting improvements for existing SIEM alarms and developing new use-cases based on threat intelligence and client threat models. Creating and improving SOC dashboards to give real-time visibility for clients and stakeholders. Onboarding new clients
the following areas as possible, and be able to demonstrate it: Security Detection and Monitoring Incident Response Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Cloud Security Penetration Testing Security Automation (SOAR) It would help if you had experience with
to come. About Us Our UK&I Advisory Practice is a leader in cyber security transformation, partnering with organizations to tackle the evolving digital threat landscape. We combine technical expertise with strategic business insight to deliver end-to-end cyber solutions that enable innovation and secure digital growth. Role … actionable strategies. Guide clients through compliance with DORA, NIS2, and UK regulatory frameworks. Design comprehensive cyber security architectures that integrate cloud, identity, data, and threat protection. Build actionable implementation roadmaps considering business objectives and constraints. Evaluate and integrate partner technologies (e.g., Microsoft, AWS, GCP) for optimal client outcomes. Deliver … business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development Mentor consultants and
Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence, leading … using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber … threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for this role you will need to be able to demonstrate the following experience: Proven experience in a Security Operations Centre
and oversee enterprise-wide security operations to detect, prevent, and respond to cyber threats. Lead and enhance Security Information and Event Management (SIEM) and Threat Intelligence capabilities. Lead security incident response and forensic investigations, ensuring robust incident handling and mitigation. Report on cybersecurity KPIs and manage significant IS … DLP, and IAM solutions. Working knowledge of security frameworks: ISO 27001, NIST, CIS, SOC 2, GDPR, GXP, etc. Experience in cloud security Proficient in threat modeling, penetration testing, vulnerability management, and security incident response. Demonstrated ability to build security teams and drive cybersecurity initiatives from scratch. Experience in supporting … inclusive team is key to our success. We are building a supportive environment where creative risks are encouraged, and everyone feels heard. Valuing emotional intelligence, empathy, respect, and resilience, we encourage people to be curious and to have a shared commitment to excellence. Join us and make an impact
Portsmouth, Yorkshire and the Humber, United Kingdom
Computappoint
foundation for developing advanced cybersecurity expertise in a fast-paced MSP environment. Key Responsibilities: Monitor SIEM, IDS/IPS, EDR, and related tools for threat indicators. Analyse and investigate incidents, escalating when necessary. Conduct threat hunting and forensic analysis. Support rule development and tuning of detection systems. Assist … containment. Maintain and improve SOC documentation and playbooks. Collaborate with team members and other departments to improve overall security posture. Support vulnerability management and threat intelligence processes. Stay informed on emerging threats and security best practices. Required Skills & Qualifications: Degree in Cybersecurity, IT, or related field (or equivalent
London, England, United Kingdom Corporate Functions Incident Response Engineer - Threat Analysis Description Apple is seeking a security professional to join its Information Security Response Organization, as part of the Threat Analysis and Incident Response function. A successful candidate will possess a proven technical background, relevant … Response, Security Engineering, and/or Intrusion Detection Proficient understanding of incident response automation strategies, with demonstrated ability to implement them Proficient understanding of threat modeling, operational threat intelligence, and common attack vectors Knowledge of web application vulnerabilities with ability to triage/verify OWASP Top
UK Security Clearance (DV level). Salary is discussed on application, negotiable by experience. You will have a strong background in security operations, threat detection and incident response. A critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security operations … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiar with the MITRE ATT&CK framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide
crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and firewalls. Your expertise in incident response and threat intelligence analysis is essential, as is your familiarity with the MITRE ATT&CK framework and advanced threat detection techniques. Strong analytical and … maintaining detection rules, leveraging frameworks like MITRE ATT&CK Collaborating with colleagues to enhance the Security Operations Centre's capabilities Staying abreast of cyber threat developments and contributing to best practices Supporting the continuous growth of the SOC team through knowledge sharing and mentorship The successful SOC analyst will
severity incidents. Create and update security event investigation notes, report on open cases, and maintain case data in the Incident Response Management platform. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques, lateral movements … and extract indicators of compromise (IOCs). Continuous engagement with the Threat Intelligence and 24x7 Monitoring teams. Provide ad-hoc on-call support to review threats and response actions for off-hour critical incident response. What you'll need Job Complexity: Works on and may lead projects or … equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be
interactions from a holistic risk management perspective. Areas to cover: Incident response and remediation Orchestrating and automating signals Prioritizing cases and incident response Cyber threat intelligence and dark web monitoring Vulnerability management and exposure management Building a resilient cybersecurity culture Introducing new risk management techniques will undergo formal … communicate and exchange information, utilizing necessary equipment to perform the job. ENVIRONMENT: This position will operate in the organization's regulatory "ROCKET FUEL MISSION INTELLIGENCE DIVISION" focusing on innovation and space exploration. Employees must be legally authorized to work in the UK. Verification of employment eligibility will be required
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Gold Group Limited
eradication, and recovery. Perform forensic analysis. Develop trusting relationships with critical third-party security providers. Prepare reports on security incidents and recommend improvements. Develop threat intelligence relevant to the business. Conduct threat hunting, vulnerability analysis, and penetration testing to identify risks. Continually assess security systems, suggesting appropriate … and assessments. Stay updated with the latest cybersecurity trends, threats, and technologies. Qualifications Technical Proficiency Strong understanding of IT security tools (SIEM, EDR, XDR), threat detection, and log analysis. Familiarity with scripting (Python, PowerShell, KQL) for automation. Benefits Competitive salary with annual reviews. 25 days holiday + option to
infrastructure. Experience handling security incidents, including detection, analysis, and response. Proficiency in scripting languages (e.g., Python, PowerShell, Bash). Ability to analyse and utilize threat intelligence to enhance security measures. Experience with security tools such as firewalls, WAFs, intrusion detection/prevention systems, and vulnerability scanners. Conducting security
event data, and alerts to identify potential threats Knowledge and experience of network protocols, traffic analysis, and cyber-attack methodologies Knowledge and experience of threat intelligence, risk management, vulnerability management, and penetration testing Please note sponsorship is not available for this position, and you must be able to
to security alerts raised by Users. Enhancing and creating analytic triggers to enhance alert efficacy. Continuous development of incident handling and readiness processes. Proactive threat hunting based on threat intelligence. Documentation of incidents and investigations. Requirements About your Skills We're open-minded when it comes to hiring … engagements. Experience in endpoint-based investigations. Experience in cloud-based investigations. Experience with Incident Command and conducting Tabletop Exercises Interest in Automation. Interest in Threat Intelligence and Analytic Tuning. A high level understanding of mobile, network and operating system security controls. Any experience of programming in Python, Go
fulfilling life. YOUR CANDIDATE JOURNEY Discover what to expect during your journey as a candidate with us. The Opportunity: Are you looking for a threat hunter role, detecting cyber threats in support of active forensic investigations? Cyber threats are evolving, and when perimeter security and automated protection aren't … enough, networks are compromised, information is accessed, data is exfiltrated, backups are wiped, and ransomware is deployed, locking up an entire organization. Join our threat detection and response team to perform active threat hunting and assist organizations in recovering from cyber incidents. We're seeking CND and CNO … SentinelOne, CrowdStrike, or Defender for Endpoint Experience with network- and host-based intrusion analysis, digital forensics, or malware handling Experience with hunt teams, cyber threat intelligence, incident response, or security operations teams Knowledge of security principles, including MITRE ATT&CK framework, threat landscapes, or attacker TTPs Knowledge
Portsmouth, England, United Kingdom Hybrid / WFH Options
Computappoint
and work with cutting-edge technologies in a fast-paced, collaborative environment. What You’ll Do: Lead 24/7 SOC operations, ensuring timely threat detection and incident response Drive continuous improvement in SOC processes, playbooks, and performance metrics Manage, mentor, and grow a team of SOC Analysts and … as an escalation point for complex or critical security incidents Collaborate with clients and internal teams to enhance security services and posture Champion automation, intelligence-driven security, and regulatory compliance Stay ahead of emerging threats and implement proactive defence strategies What You’ll Bring: 5+ years in cybersecurity operations … SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response, threat intelligence, and multi-tenant SOCs Excellent leadership, communication, and client engagement skills Bonus Points for Certifications such as CISSP, CISM, GIAC (GSOM, GCIH
logs, network traffic, and endpoint telemetry Supporting containment and recovery efforts during active security incidents Continuously enhancing SOC capabilities, tooling, and detection rules using threat-informed approaches like MITRE ATT&CK Producing detailed incident reports and documentation for both technical and non-technical stakeholders Assisting with threat intelligence … a Security Operations Centre (SOC) Solid knowledge of SIEM tools such as Microsoft Sentinel or Splunk Familiarity with the MITRE ATT&CK framework and threat detection methodologies Strong analytical skills with a keen eye for detail in log analysis and network monitoring Basic understanding of enterprise security architecture including