51 to 75 of 76 Cyber Threat Intelligence Jobs in the UK excluding London

Looking to Advance Your Cybersecurity Career? Join a Leading cybersect consulting leader. We are partnering with a dynamic cybersecurity firm to recruit a Mid-Level Cyber Security Analyst. This hybrid role supports clients across a range of sectors, offering exceptional growth opportunities within an expanding cybersecurity practice. The Role: You will contribute to technical implementation and operational security as … cybersecurity stack administration for SME and hospitality clients using tools including CrowdStrike Falcon, RoboShadow, Microsoft Defender, and ThreatLocker Assist with incident response playbook development and execution, analysing alerts and threat intelligence for effective remediation Contribute to client compliance guidance across Cyber Essentials/CE+, ISO 27001, and PCI DSS frameworks Provide technical support for pre-sales activities … MSP, MSSP, or consulting environments, or strong development motivation Technical familiarity with security tools including CrowdStrike Falcon, Microsoft Defender, Conditional Access, and MFA Understanding of compliance frameworks such as Cyber Essentials Plus, ISO 27001, and PCI DSS Interest in incident response and real-world security investigations Foundational knowledge of identity security, patch management, and user awareness training Strong written More ❯

and supporting remediation where required. Track and manage penetration testing programs. Investigate and respond to security breaches and incidents. Supporting the administration of email and web gateways Develop our threat intelligence and provide monitoring of external information sources to make recommendations on latest security threats and vulnerabilities that affect our technical estate Collaborate with IT and other departments … with the latest security trends, threats, and technology solutions. Essential experience, knowledge and skills: Strong understanding and knowledge of Information Security risk management tools and techniques ·A passion for cyber security and active interest in technology Experience of Information Security standards and frameworks Awareness and understanding of the Information Security threat landscape Understanding of Information Security solutions e.g. More ❯

and supporting remediation where required. Track and manage penetration testing programs. Investigate and respond to security breaches and incidents. Supporting the administration of email and web gateways Develop our threat intelligence and provide monitoring of external information sources to make recommendations on latest security threats and vulnerabilities that affect our technical estate Collaborate with IT and other departments … with the latest security trends, threats, and technology solutions. Essential experience, knowledge and skills: Strong understanding and knowledge of Information Security risk management tools and techniques A passion for cyber security and active interest in technology Experience of Information Security standards and frameworks Awareness and understanding of the Information Security threat landscape Understanding of Information Security solutions e.g. More ❯

Engineer/Architect Location: Leeds, London The Role: We are seeking a proficient Akamai WAF Engineer/Architect with a strong background in web application security, content distribution, and Threat and Vulnerability Management, including DDoS protections and implementing change projects within the organization. As a member of the Cyber Security Team, you will collaborate with other cybersecurity professionals … across Digital Cyber Security and the broader organization, contributing to the team's success in various areas. Key Responsibilities: Deliver security software and configurations utilizing Akamai, GCP, and Azure cloud-native products. Provide and sustain security solutions for our Enterprise and Digital Channels. Oversee DDoS mitigation, vulnerability management, and threat intelligence, ensuring that layers 6 and … defenses remain proactive against cyber threats. Participate in addressing incidents and threats to Lloyds' cybersecurity to identify strategies for mitigating future attacks. Required Skills: Extensive experience with various WAF solutions for edge, cloud, and on-premise environments. Proficient in WAF tuning and configuration, with a solid foundation in web security principles and practices. Develop custom WAF rules and features More ❯

Cyber Incident Response Manager A Global Organisation requires a Contract Incident Response Manager to lead the Cyber Incident response function. Day Rate: £635 - £675pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This Incident Response Manager will have the following previous experience: Direct end-to-end cyber incident lifecycle management for … rapid coordination across business units and leveraging tools like Splunk and Defender to contain and mitigate threats Design, maintain, and continuously enhance playbooks, response frameworks, and tabletop exercises, incorporating threat intelligence and detection insights from CrowdStrike and Splunk to mature IR readiness. Lead root cause analysis and develop actionable remediation plans; deliver executive-level reporting and trend analysis … using integrated dashboards, combining insights from Splunk and Defender data sources. Serve as the primary advisor to senior leaders and cross-functional teams, guiding cyber incident communications, impact assessment, and risk mitigation strategies across the company, Operating Companies, and Joint Ventures. More ❯

Join a leading global investment bank as a Senior Cyber Security Analyst, where you'll play a critical role in safeguarding a world-class financial institution. What You'll Do: Responsible for end-to-end incident response operations, including triage, containment, root cause analysis, and post-incident reporting. Perform threat hunting and proactive detection using frameworks like MITRE … ATT&CK and threat intelligence. Maintain and enhance SOC playbooks, runbooks, and standard operating procedures to stay aligned with evolving threats and compliance requirements. Hands on with scripting/python to automate and improve the efficiency of the security function. Conduct in-depth technical security investigations and define appropriate mitigation strategies. What You'll Bring: Proven experience in security … operations, with strong knowledge of networking, Windows and Linux Hands-on with security automation; scripting in Python is a strong advantage. Solid understanding of incident response processes, threat intelligence, and security monitoring. Familiarity with frameworks such as MITRE ATT&CK, NIST, and OWASP. Exposure to secure coding practices and DevSecOps environments is a strong plus (not mandatory) Experience More ❯

principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. Strong … communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Collaborative and detail-oriented, able to work across international teams and regulatory boundaries. Desired skills Experience supporting cybersecurity assurance within other EASA/UK … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across More ❯

security. We’re looking for an experienced SOC Analyst to join our high-performing Security Operations Centre in Farnborough. This is a unique chance to contribute to real-world cyber defence, on country critical technology, pitting your SCO skills against state of the art attacks. As the SOC Analyst, you will: Monitoring and triaging alerts across secure client environments … during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats, tactics, and techniques To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands … on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of enterprise security architecture: firewalls, AV, VPNs, IDS/IPS Eligible for DV Clearance – British citizens who have resided in More ❯

Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM , Azure Sentinel , and incident response Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What You'll Be Doing: Supporting and … tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security policies align with standards like NIST, ISO … Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to make an impact? Apply today More ❯

to keep the organisation secure. Key Responsibilities: Lead and develop the IT security strategy. Manage and mentor a team of IT security professionals. Oversee security operations, incident response and threat intelligence. Collaborate with cross-functional teams to ensure security best practices. Stay updated with the latest IT security trends and technologies. Key Requirements: A relevant degree or qualified by … experience Possession of industry-recognised certifications such as CISSP, CISM, CISA, CRISC, or CGEIT. Proven experience in leading IT cyber security teams, with a strong emphasis on operational security and incident response. Extensive knowledge of IT risk management, threat intelligence, IAM and vulnerability management. Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and More ❯

is a challenging, rewarding role for a seasoned SOC professional looking to make a tangible impact. Apply now to join a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune … Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with More ❯

WHO ARE WE? Searchlight Cyber was founded in 2017 with a mission to stop threat actors from acting with impunity. Its External Cyber Risk Management Platform helps organizations to identify and protect themselves from threats emerging from the cybercriminal underground, with Attack Surface Management and Threat Intelligence tools designed to separate the signal from the More ❯

with relevant regulations. You'll lead a team of security professionals, manage security incidents, and foster a culture of security across the organisation, working very closely with CRUK's Cyber programme. In a supportive working environment, you'll discover something new every day, whether it's a new connection, a new method of engagement or a talent you never … relevant regulations. Collaborate with Data Privacy, Risk, and Audit teams. Security Operations: Implement and enhance security controls across various platforms (Microsoft 365/Azure, AWS, Salesforce, etc.). Manage threat intelligence, monitoring, and incident response. Policy Development: Develop and maintain information security policies, procedures, and guidance. Stakeholder Engagement: Communicate effectively with C-suite, trustees, regulators, and technical teams. More ❯

Press Tab to Move to Skip to Content Link Select how often (in days) to receive an alert: SIEM Application Engineer Posting Date: 29 Jul 2025 Function: Cyber Security Unit: Networks Location: Snowhill, Birmingham, United Kingdom Salary: Competitive with Great Benefits The new Network SIEM is essential to BT's network security, meeting TSA requirements and improving our CAF … play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in office) and can be based in one of the following offices: Birmingham, Manchester, Ipswich (Ipswich … you'll be doing SIEM Solution Development: Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. Optimize SIEM rules, alerts, and dashboards for efficient threat detection. Collaborate effectively with others to drive forward key security objectives Presentation and documentation writing (to both technical and business audiences) Query Optimization and Performance Tuning: Write efficient Elasticsearch More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role More ❯

and manage a team of three security professionals , supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across … projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers and the organisation's parent company. Required Skills & Qualifications: Demonstrable experience in information security leadership , including line management or team leadership . More ❯

and manage a team of three security professionals , supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across … projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers and the organisation's parent company. Required Skills & Qualifications: Demonstrable experience in information security leadership , including line management or team leadership . More ❯

and manage a team of three security professionals , supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across … projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers and the organisation's parent company. Required Skills & Qualifications: Demonstrable experience in information security leadership , including line management or team leadership . More ❯

Cyber Security Engineer Location: West Malling, Kent/Hybrid Salary/package: £55,000 - £60,000 per annum Hours: Full time, 37.5 hours per week Help lead the charge in digital defence! We're looking for an experienced Cyber Security Engineer to join us at Cantium Business Solutions, where you'll play a pivotal role in strengthening and … advancing our cyber security posture. This is your opportunity to bring your expertise to the table and drive impactful security strategies from day one. Who we are Cantium Business Solutions, part of the Commercial Services Group (CSG), delivers high-quality IT and back-office services to the education and public sectors. Our commitment to innovation and customer-centric solutions … a dynamic and agile culture. We're proud to be part of CSG, the UK's largest local authority-owned trading organisation, supporting customers worldwide. Why this role matters Cyber threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … and Managed Security Service Providers (MSSPs) worldwide, defending more than 600,000 organizations from phishing, ransomware, data theft, and other cybercrimes. The solutions are powered by threat intelligence from Sophos X-Ops and the Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary We're looking for … in Windows internals and low-level development to join our team. This high-performance software captures and analyzes malicious behavior and endpoint activity, delivering rich telemetry for real-time threat detection in the cloud. You'll work closely with engineers, researchers, and security experts to build new capabilities for our Windows agent, spanning both user-mode and kernel-mode. More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. More ❯

Account Executives and support them with background research and context. Collaborate with marketing to provide feedback on campaign performance and market signals. Stay up to date on cybersecurity trends, threat intelligence, and The clients products and value proposition. You’ll need: 1-2 years’ experience in a sales or business development role, ideally in B2B SaaS or cybersecurity. More ❯

to own, manage and rule their data. One of our specialisations is incybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on delivering … tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we're looking for We are seeking a client-focused Senior SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide guidance on … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced visibility. More ❯

in production with a strong focus on performance, explainability, and cost-efficiency. What You'll Bring: Deep applied experience in ML/DL , with bonus points for work in threat detection , phishing , or abuse detection Proven ability to design and deploy full-stack AI pipelines in production Strong experience in backend engineering , ideally with Go and ML frameworks like … infrastructure (AWS) , Kubernetes , and Terraform Experience evaluating and deploying models (including anomaly detection, RAG, and clustering) in noisy, evolving data environments Nice to Have: Experience with Perl Knowledge of threat intelligence integration and MCP architectures Location: Remote Salary: Up to £120,000 , depending on experience RSG Plc is acting as an Employment Agency in relation to this vacancy. More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. More ❯