Kingston Upon Thames, Surrey, United Kingdom Hybrid / WFH Options
Unilever
Please Note: The deadline for applying is 23.59 the day before the job posting end date. Job Title: Strategic Threat Intel Senior Manager Business Function: Cyber Security - Threat Intelligence Location: Kingston/Port Sunlight Reports to: Director of Threat Intelligence Unilever is one of the world's leading suppliers of Food, Home, and Personal … with diverse businesses and increasing representation of diverse groups in our advertising. Find out more about our commitment to equity, diversity, and inclusion on our website. Unilever's Cyber Security team is a global, product-led function aligned to the NIST Cyber Security Framework. We deliver capabilities across governance, protection, detection, response, and recovery to safeguard our … people, operations, and digital assets. Operating alongside our Technology and Data teams, Cyber Security enables secure innovation and resilience across our global business. Our structure is built around product families and risk-based priorities, with teams embedded across regions and business units. JOB PURPOSE We are seeking a highly motivated and experienced Strategic Threat Intelligence Manager to
Warwick, Warwickshire, United Kingdom Hybrid / WFH Options
Akkodis
Cyber Threat Intelligence Analyst Akkodis are currently working in partnership with a leading service provider to recruit a Cyber Threat Intelligence Analyst to join a leading Cyber Defence Team and play a pivotal role in providing actionable technical intelligence to detection engineers, threat hunters and security operations. This role offers a … highly competitive salary and the opportunity for remote working. The Role As a Cyber Threat Intelligence Analyst you will support the rest of the Cyber Defence engineering team in regard to the roadmap and what to focus on. You will share intel to help them understand what's emerging as well as what advanced persistent threat actors are leveraging to compromise systems. You will work directly across all areas of Cyber Defence to produce bespoke and technical intelligence across Tactical, Strategic, and Operational intelligence. The Responsibilities Conduct in-depth analysis of threat groups, their capabilities, motivations, and tactics A strong understanding of threats posed Articulate complex concepts to various stakeholders across the
Warwick, Warwickshire, West Midlands, United Kingdom
La Fosse
Cyber Threat Intelligence Analyst We are helping a household name that impacts all of our lives to develop new cyber capabilities from the ground up. They're looking for a Cyber Threat Intelligence analyst to help out with their Threat Intel function and keep them ahead of the curve when it comes … to threat management and security automation. This is a rare opportunity to join a large organisation and play a pivotal role in building new capabilities with no legacy systems in place and you'll have the chance to shape the future of their cybersecurity operations from the very beginning. We're looking for candidates with experience in: Threat management and modelling TTPs Cyber threat intelligence tools and technologies. Staying up to date with new and emerging threats Details: Location: West Midlands – 2x a month on-site Salary: Up to £79,000 If you're interested in this exciting opportunity, please apply or send your CV to
can't replace to help us shape the future of information management. Join us. Your Impact: We are seeking a driven, experienced Account Executive (AE) to join the OpenText Threat Intelligence team and lead strategic sales initiatives targeting OEM providers. In this role, you will be responsible for driving revenue by selling our industry-leading threat intelligence … role offers: Own and drive the full sales cycle for OEM partnerships - from prospecting and discovery to negotiation and contract closure. Identify and engage OEM partners who can embed threat intelligence into their security appliances, platforms, SIEMs, XDRs, firewalls, or endpoint solutions. Understand customer requirements and tailor value propositions around our threat intelligence products, APIs, and … need to succeed: 5+ years of B2B enterprise sales experience, with a focus on OEM, embedded, or technology partnership sales. Deep understanding of cybersecurity technologies and the role of threat intelligence in enhancing security products. Proven track record of exceeding quotas and developing long-term partner relationships. Experience working with technical buyers such as product managers and engineering
from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat
from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat
As part of our Cyber team, you will help us build a world-class security automation, orchestration, and response capability that will navigate challenging security incidents, drive process improvement, and develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools needed to scale our detection and response … Build security automations, logging, and SIEM detections to improve efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence, and vulnerability management. Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Work with Threat Intelligence
As part of our Cyber team, you will help us build out a world-class security automation, orchestration and response capability that will navigate challenging security incidents, drive process improvement, and develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools that we need to scale our detection … security automations, logging, and SIEM detections to improve efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence
of our digital transformation, and it's our job within the Chief Security Office (CSO) to ensure that we keep our customers, colleagues and assets safe from threat. Our Cyber & Physical Defence Centre is undertaking an end-to-end modernisation to increase our ability to stay one step ahead of cyber adversaries. We pride ourselves on our innovative … approach and our commitment to excellence in cyber security. Join us as a skilled and proactive Detection and Response Engineer and play a pivotal role in safeguarding our organisation against cyber threats! What you'll do Design, code and operationalise detection rules based on threat models and intelligence Fine-tune detection rules and monitor their performance … Support detection automation and playbook editing Conduct proactive threat hunting and threat modelling Perform cyber event triage, classification, and investigation Complete containment, remediation, and recovery activities Build and maintain reporting mechanisms and documentation Perform root cause analysis and support post-incident reviews Why Lloyds Banking Group Like the modern Britain we serve, we're evolving. Investing billions
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Smart DCC
Salary Competitive Manchester (Hybrid working model, 2 days a week office based, 3 days remote) Competitive Salary plus performance related bonus Smart DCC is looking for a Lead Cyber Security Operations Analyst to play a key leadership role in shaping and advancing our Security Operations Centre (SOC). You'll drive our incident response strategy, lead major investigations, develop cutting … edge detection content, and help grow a highly capable security team through training and exercises. This is a critical role in our Cyber Security Team, offering the opportunity to work on high-impact projects across the smart energy industry while advising internal stakeholders and supporting national infrastructure. What will you be doing? Act as a technical lead and escalation … day-to-day SOC activities, ensuring timely escalation and resolution of incidents. Mentor junior analysts, support skills development, and facilitate tabletop exercises and simulations. Drive use-case development and threat detection content using advanced analytics, including machine learning and security automation. Maintain and update SOC processes, procedures, and documentation. Help build and mature threat intelligence capabilities and
new CISO, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape … gain intel from the firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feed back practical lessons learned into clients' cyber risk management and incident response programmes. What you will do Reporting to the global Head of Cyber Defence, the Cyber Defence and Security Operations Manager is a … key role within the firm which is responsible for day-to-day management of the Cyber Defence and Security Operations Centre within their time-zone, EMEA & APAC. They will make sure that the firm can effectively monitor, analyse, and respond to cyber security events and incidents and will oversee a team of senior analysts and analysts, providing guidance
615p/d via Umbrella Role Description: We are seeking a Programme Director with deep expertise in cybersecurity and financial services to lead the strategic delivery of critical cyber initiatives within our Cyber Business Unit. This role is being released to subcontractors due to current limitations in internal senior-level capacity. The successful candidate will be responsible for … overseeing the design, governance, and execution of cybersecurity programmes that protect sensitive financial data, ensure regulatory compliance (e.g., FCA, PRA, DORA), and enhance the organisation's cyber resilience. This is a high-impact leadership role requiring strong stakeholder engagement, risk management, and delivery assurance across a portfolio of cyber initiatives, including threat intelligence, incident response, secure … transformation, and third-party risk management. Key Responsibilities: Lead the end-to-end delivery of cybersecurity programmes aligned with financial services regulations and business objectives. Drive the implementation of cyber risk frameworks, secure architecture, and operational resilience strategies. Engage with executive stakeholders, including CISOs, CROs, and regulatory bodies, to ensure alignment and transparency. Oversee programme governance, resource planning, and
of our digital transformation, and it's our job within the Chief Security Office (CSO) to ensure that we keep our customers, colleagues and assets safe from threat. Our Cyber & Physical Defence Centre is undertaking an end-to-end modernisation to increase our ability to stay one step ahead of cyber adversaries. We pride ourselves on our innovative … approach and our commitment to excellence in cyber security. Join us as a skilled and proactive Lead Detection & Response Engineer in our Cyber Defence Centre. This role involves leading our Detection & Response Engineering team, managing team performance and development, and driving strategic projects that enhance our cyber defence capabilities! What you'll do Play a leading role … effective escalation and incident response Review and approve relevant process artefacts and operational documentation that underpin Detection and Response Engineering activities Design, code and operationalise detection rules based on threat models and intelligence Be the escalation point for Detection and Response decision making. Why Lloyds Banking Group Like the modern Britain we serve, we're evolving. Investing billions
Cyber Security Analyst £52k - £55k Hybrid, Portsmouth 12-month FTC - possible to extend/go permanent Your new company Our client is dedicated to providing high-quality service to its customers, ensuring a reliable and sustainable service. They manage resources, maintain infrastructure, and implement innovative solutions to meet the needs of the community. Their commitment to excellence includes rigorous … manage their accounts. Join a team that values environmental stewardship and strives to deliver essential services with integrity and professionalism. Your new role You'll be joining an established Cyber team, supporting them to achieve the CAF framework regulations, whilst getting involved with SIEM, Vulnerability Management, Threat Intelligence and IAM. Part of the team … executing a cyber improvement programme to enhance security posture Support compliance with relevant Cyber Security regulations, standards, and frameworks Implement and manage security monitoring tools and systems to detect and respond to security events Identify and assess potential security risks and vulnerabilities and develop strategies to mitigate them. Monitor security logs, alerts, and reports identifying potential security incidents
of our data across the organization. You will play a critical role in implementing, managing, and optimizing security measures to protect our systems, networks, and data from unauthorized access, cyber threats, and data breaches. The ideal candidate should have a strong background in cybersecurity, particularly in DLP of email security, cloud applications, endpoints and threat prevention with a … proven ability to respond to evolving security challenges. Responsibilities: Proofpoint Management: Configure, deploy, integrate, and manage Proofpoint security solutions, including email security, data loss prevention (DLP), threat protection, and information protection. Monitor and analyse Proofpoint alerts and logs to detect and respond to security incidents and threats. Regularly update and optimise Proofpoint configurations to adapt to evolving threat … regular risk assessments and vulnerability scans to identify potential security risks and implement mitigation strategies. Lead incident response efforts related to email security breaches, ensuring quick containment and remediation. Threat Intelligence and Incident Response: Analyse threat intelligence to anticipate and mitigate potential cyber threats targeting the organisation. Participate in or lead incident response activities related
Description We are looking for a Lead Cyber Security Engineer - Threat Simulation to be an integral part of our Offensive Security organization and contribute towards improving CME Group's security posture. This role will be responsible for participating in the execution of Red Team cyber exercises of internal and internet facing information systems and infrastructure to identify … misconfigurations and cyber security vulnerabilities that could be exploited by a threat actor to gain unauthorized access to computer systems and data. In addition, the role will require participation in Purple Team exercises to help the Blue Team improve their detection capabilities. This is a perfect opportunity for the right person to become a key part of a … team of highly skilled cybersecurity professionals who execute a pivotal role in protecting and defending national critical infrastructure. Principal Responsibilities Lead red team exercises against a hybrid environment using threat intelligence and the MITRE ATT&CK Framework. Participate in purple team exercises that are intelligence driven to test cyber detections Build and maintain Red and Purple
Cyber Security Technologist Apprentice, Apply From: 20/05/2025 Learning Provider Delivered by METAGEDU APPRENTICESHIPS LTD Employer GLOBAL BANKING SCHOOL LTD Vacancy Description Skills an apprentice will learn: Discover vulnerabilities in a system by using a mix of research and practical exploration … Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards Research and investigate common attack techniques and relate these to normal and observed digital system … behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source) Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer Source and analyse security cases and describe what threats, vulnerability or risks are mitigated
days onsite requirements. Your new role This role is accountable for the key security operations areas, including, but not limited to, Incident Management, Incident Response, Proactive Security Monitoring, Threat Hunting, Security Incident Analytics, Incident Trend Analysis and Reporting. You will be responsible for using analytics to provide insight to other security leaders in order to enhance policies and processes related … gaps and work with colleagues to expand visibility in identified areas Work with Security engineering and Security architecture teams to seek new and innovative approaches to prevent and identify cyber threats using endpoint, network and cloud security solutions and emerging security technologies Lead all people management facets including recruiting, hiring, performance management. Effective management of 3rd Party Managed Service … provider supporting Security Operations What you'll need to succeed 5+ years of experience in incident response or penetration testing with proven experience handling cyber threats from external and internal sources 3+ years of leadership experience in a Managed Security Operations Centre or similar incident command organisation or reporting structure 2+ years of security solution design and security architecture
Northampton, Northamptonshire, England, United Kingdom Hybrid / WFH Options
PLANET RECRUITMENT SERVICES LTD
WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threat intelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance initiatives (e.g., ISO 27001, NIST … Microsoft Defender Extended Detection & Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting & Automation: Proficiency in Python, PowerShell, or Bash for
WHO ARE WE? Searchlight Cyber was founded in 2017 with a mission to stop threat actors from acting with impunity. Its External Cyber Risk Management Platform helps organizations to identify and protect themselves from threats emerging from the cybercriminal underground, with Attack Surface Management and Threat Intelligence tools designed to separate the signal from the … to business goals. Oversee the development of all content formats - blogs, reports, whitepapers, case studies, videos, podcasts, and more. Lead cross-functional content planning and collaboration with teams including threat intelligence, research, product, and leadership. Maintain a high editorial standard across all outputs, ensuring consistency of voice, quality, and brand alignment. Campaigns & Promotion Develop and manage content-led … with timely, expert commentary on major industry events. Contribute to analyst relations efforts, including engagement, briefing coordination, and relationship development. Website & SEO Own the SEO strategy for the Searchlight Cyber website and track performance metrics such as keyword rankings, traffic, and domain authority. Maintain and optimize website content, including blogs, reports, videos, podcasts, and other key resources. Ensure the
Chelmsford, Essex, South East, United Kingdom Hybrid / WFH Options
Keystream Group Limited
a Security Operations Centre Manager to help make that vision a reality. In this pivotal role, you'll lead and manage ECC's Security Operations Centre (SOC) team, driving forward their cyber security capabilities to ensure robust protection across their digital estate. With a strong cloud-based infrastructure already in place, your expertise will help them to maintain, develop, and refine … needs of local government. To read more about our business area, please visit Corporate Services and Transformation Key Responsibilities: Lead and develop an active Security Operations team focused on threat detection, incident management, and prevention of data breaches or service disruptions. Build and mature the Security Operations Centre (SOC) with a focus on cyber risks, threat intelligence and proactive incident avoidance. Oversee the council's response to critical cyber incidents, coordinating resolution efforts and informing senior stakeholders. Collaborate with security architects and technical teams to shape and implement cyber security policies, ensuring they're risk-appropriate and business-friendly. Manage cyber security risks by embedding them into the corporate risk register and advising on appropriate
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
OpenSourced Ltd
to a wide range of clients across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and … contribute to incident management. Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement … Experienced in stakeholder management during high-pressure incidents. Strong communication skills and composure under pressure. Able to align incident response practices with industry standards and client expectations. Background in threat intelligence and proactive incident readiness. Self-starter with a collaborative mindset, committed to team success. Additional Info: This is a remote-first role, but occasional travel to client
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Littlefish
Cyber Security Analyst - Tier 3 When registering to this job board you will be redirected to the online application form. Please ensure that this is completed in full in order that your application can be reviewed. Come and join the Littlefish team! Role: Cyber Security Analyst Tier 3 Work location: Nottingham or Sheffield (Hybrid) Salary banding … energetic, friendly people we would love to hear from you. The role and what you'll be getting up to on a day to day basis: Littlefish is seeking a Cyber Security Analyst Tier 3 to come and join our growing Cyber division. As our Cyber Security Analyst Tier 3, you will monitor customer infrastructure for potential threats. … and response to security alerts to identify security incidents and act to appropriately contain threats. Supporting, as required, the CSOC Manager in the day-to-day running of the Cyber Security Operations Centre (CSOC) operations team. Acting as a point of escalation for the Cyber Security Analysts the role has responsibility for coaching and mentoring the analysts on
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
BAE Systems (New)
Location(s): UK, Europe & Africa: UK: Gloucester BAE Systems Digital Intelligence is home to 4,500 digital, cyber, and intelligence experts. We work across 10 countries to collect, connect, and analyze complex data, enabling governments, armed forces, and businesses to achieve digital advantages in demanding environments. Job Title: Threat Hunter Requisition ID: 121789 Location: Leeds - hybrid … members and share knowledge proactively. Contribute to the SOC Knowledge Repository by creating and updating documentation independently. Build relationships externally with other SOCs and cybersecurity researchers to identify analytics, threat intelligence, and tradecraft that benefit the Blue Team. Communicate funding and prioritization suggestions and lead implementation when needed. Develop complex, anomaly-based KQL analytics and playbooks for detection … vulnerabilities, produce proof-of-concept exploits, and emulate adversary TTPs for training and detection evaluation. Review red team and pentest findings to improve detection rules. Provide forensic support and threat emulation to improve alert triage and accuracy. Identify gaps in SOC processes, data collection, and analysis, demonstrating the need for improvements through scenarios and red teaming. Perform complex threat