23 of 23 Threat Analysis Jobs in the UK excluding London

We are building a Cyber Threat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our Cyber Threat |Intelligence Analyst will be a critical member of the dedicated SOC team and run our Malware Information Sharing … Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of threat intelligence frameworks, and the ability to collaborate optimally across teams with varied strengths and partners. You do need to hold DV … What you'll be doing: Develop and integrate automated feeds and enrichment sources. Provide training sessions and documentation for SOC staff on effective usage of MISP. Supervise various sources (threat feeds, OSINT, dark web, internal logs) for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly More ❯

We are building a Cyber Threat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our Cyber Threat |Intelligence Analyst will be a critical member of the dedicated SOC team and run our Malware Information Sharing … Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of threat intelligence frameworks, and the ability to collaborate optimally across teams with varied strengths and partners. You do need to hold DV … What you'll be doing: Develop and integrate automated feeds and enrichment sources. Provide training sessions and documentation for SOC staff on effective usage of MISP. Supervise various sources (threat feeds, OSINT, dark web, internal logs) for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly More ❯

Cyber Threat Intelligence Analyst Hemel Hempstead | Hybrid: 3 Days WFH/2 Days On-SiteUp to £60,000 + Excellent Benefits Security Clearance: SC Cleared + Eligible for DV ClearanceA great opportunity to take your cyber threat intelligence skills to the next level? This is an exciting opportunity to join a fast-growing, mission-driven cyber team working … at the forefront of Defence and National Security.The Cyber Threat Intelligence Analyst will play a key role in identifying and neutralising emerging threats that could impact our most critical national infrastructure. This is a hands-on, high-impact role where you’ll shape the threat intel capability and directly support security operations in a cutting-edge SOC environment.As … a Cyber threat Analyst, you will: Managing and automating threat intel feeds from multiple open and closed sources Monitoring OSINT, dark web forums, and internal telemetry for threat indicators Translating raw technical data into actionable insights for security teams Collaborating with SOC and Incident Response teams to support real-time threat mitigation Creating detailed intelligence reports More ❯

Microsoft Windows Defender (ATP) from Legacy AV Solutions (Symantec, McAfee). The successful candidate will require an aptitude for working with other infrastructure and application teams and to undertake analysis, diagnosis, and resolution of critical, high-priority, and escalated issues. Independently execute migration activities. Supervisory/Managerial Responsibilities EUC Lead/Project Manager Other Responsibilities Budgets, targets, equipment etc. … limited to): Microsoft Defender for Endpoint Microsoft Defender for O365 Microsoft Defender for Identity Microsoft 365 Defender Microsoft Cloud App Security Good knowledge around Endpoint Detection and Response (EDR), Threat & Vulnerability Management (TVM), Attack Surface Reduction (ASR), and Auto Investigation and Remediation (AIR). Experience with Symantec Endpoint Protection (SEPM). Experience in McAfee/Windows Defender Antivirus Policy … Onboard Windows 10 Devices to Microsoft Defender. Remove legacy Antivirus solution from Windows 10 Devices. Hands-on experience deploying ATP Package through GPO, SCCM, or Intune. Good understanding of Threat Analysis, Threat Hunting, and remediating security issues on endpoints. Hands-on experience in creation of policy, file exclusions, monitoring dashboard, reporting, etc. End-to-end support coverage More ❯

SOC Analysts while performing advanced investigations and, when required, first-line triage to maintain queue health and SLA compliance. You are responsible for high-quality service delivery through detailed analysis, evidence-led response actions, and operational leadership. In addition to handling escalated alerts, you provide line management, oversee ticket quality, contribute to training and onboarding, and drive continual improvement. … Customer Communications - You provide timely incident updates and lead bridging calls with customers during high-priority incidents, ensuring that communications are clear, evidence-led, and aligned to customer expectations. • Threat Hunting Oversight - You lead and coordinate proactive threat hunting across customer environments, using hypothesis-based approaches to identify undetected threats and validate detection coverage. Essential Duties • Advanced Investigation … all available tooling. o Reconstruct attack chains and identify root causes using MITRE ATT&CK. o Recommend and coordinate response actions to mitigate impact during active incidents. • IOC and Threat Analysis o Investigate indicators of compromise using commercial and open-source threat intelligence. o Validate alerts and determine their relevance to customer environments, providing context on adversary More ❯

you will play a key role in enhancing cyber resilience. You'll be responsible for leveraging tools such as Microsoft Defender, Sentinel, Azure, and their SOC partner to conduct threat analysis, risk assessments, and implement effective controls. You'll support the delivery of their Cyber Security Sub Strategy in line with the Cyber Assessment Framework, and contribute to … the design and operation of threat intelligence, incident response, vulnerability management, and ethical hacking capabilities. You'll work closely with internal stakeholders and external partners to ensure compliance with ISO27001, Cyber Essentials+, and other regulatory frameworks. This role also involves reporting on cyber threats and performance using Power BI, supporting penetration testing, and contributing to the development of secure More ❯

investigations Reviewing, tuning and enhancing detection rules, alerts and playbooks in SIEM/SOAR tools Providing mentorship and technical guidance to SOC analysts Driving post-incident reviews, root cause analysis and continuous improvement Conducting proactive threat hunting and supporting compliance/audit requirements Collaborating with wider IT/security teams to improve detection and response capability What you … ll bring 3+ years' experience in a SOC or security operations role Strong knowledge of incident detection, response and threat analysis Hands-on experience with SIEM, SOAR and endpoint detection tools Excellent problem-solving, analytical and communication skills A degree in a relevant subject or equivalent experience Relevant certifications such as GCIA, GCIH, CEH or CompTIA CySA+ (desirable More ❯

clients, ensuring their IT environments are resilient against cyber threats. Act as a primary point of contact for clients, providing expert advice on cyber security measures, best practices, and threat management. Develop and maintain documentation, including best practice guides and incident reports, to educate clients and team members on security awareness. Conduct vulnerability assessments and participate in the development … members, fostering a culture of continuous learning and improvement within the security domain. Experience: Proven experience in a Security Consultant Role, with a strong background in incident response and threat intelligence. Familiarity with SIEM tools, CompTIA Security+, and other cyber security certifications are highly desirable. Collaborating with stakeholders and 3 rd parties. Creating security strategies and leading the implementation … skills, with the ability to convey complex information clearly and concisely. Demonstrated ability to manage projects, prioritize tasks, and meet deadlines in a fast-paced environment. Foundational knowledge in threat analysis, forensic investigations, and security countermeasures. The Candidate: We are seeking candidates with a comprehensive IT background, analytical problem-solving skills, and a keen understanding of cyber defence More ❯

test protocols to identify vulnerabilities. Collaborate with engineering teams to propose remediation strategies. Cross-Functional Collaboration Partner with engineering teams to interpret test results and implement effective security measures. Threat Assessment & Response Lead efforts to evaluate vulnerabilities against emerging threats, determine root causes, and develop mitigation plans. Communicate findings to internal teams and external stakeholders. Process Standardization Support and … frameworks (e.g., NIST 800-53, NIST CSF, NIST 800-171, IEC 62443, ISO 27001) Proficiency in network, application, and database security architecture Hands-on experience with vulnerability testing and threat analysis In-depth knowledge of OS and network security (including virtual and cloud-based environments such as AWS) Familiarity with security systems: endpoint protection, firewalls, IDS/IPS More ❯

manage Defender policies, exclusions, dashboards, and reporting. Deploy Defender ATP packages via GPO, SCCM, or Intune. Ensure best-practice endpoint security controls, including EDR, TVM, ASR, and AIR. Conduct threat analysis, hunting, and remediation activities across endpoints. Support and troubleshoot escalated issues across Windows clients and servers. Collaborate with EUC, infrastructure, and application teams to ensure smooth rollout. …/2012/2016). Proficiency with GPO, SCCM, Intune for endpoint deployment and management. Investigative and analytical problem-solving skills across Windows infrastructure. Experience with endpoint detection, threat hunting, and vulnerability remediation. Strong documentation, process, and reporting skills. Excellent communication and stakeholder engagement abilities. Desirable: Industry certifications in Microsoft Security (e.g., SC-200, SC-300) or related areas. More ❯

You are someone who loves to automate mundane tasks, make scalable, highly available, and robust solutions, and ensure whatever youre working on is secure, through things like vulnerability scanning, threat analysis, and patching, which is high on your priority list. Whilst you love new shiny tech and always make a point of having a play around with the More ❯

with regulators, law enforcement, and other external security stakeholders. Oversee physical security systems including access control, CCTV, intruder detection, perimeter protection, and security infrastructure. Conduct and review risk assessments, threat analysis, and security incident investigations. Manage security exercises, drills, and emergency response plans, ensuring readiness at all times. Provide security briefings, training, and awareness programmes to staff, contractors More ❯

with regulators, law enforcement, and other external security stakeholders. Oversee physical security systems including access control, CCTV, intruder detection, perimeter protection, and security infrastructure. Conduct and review risk assessments, threat analysis, and security incident investigations. Manage security exercises, drills, and emergency response plans, ensuring readiness at all times. Provide security briefings, training, and awareness programmes to staff, contractors More ❯

security. What you'll do: • Own EW requirements and system design for key elements of advanced weapon systems • Lead system integration, RF design, and validation across complex programmes • Perform threat analysis, capability assessments, and operational modelling • Collaborate with internal teams, suppliers, and customers to deliver robust, high-performance solutions Skills & Experience: • Strong systems engineering background across the full More ❯

security. What you'll do: • Own EW requirements and system design for key elements of advanced weapon systems • Lead system integration, RF design, and validation across complex programmes • Perform threat analysis, capability assessments, and operational modelling • Collaborate with internal teams, suppliers, and customers to deliver robust, high-performance solutions Skills & Experience: • Strong systems engineering background across the full More ❯

security. What you'll do: • Own EW requirements and system design for key elements of advanced weapon systems • Lead system integration, RF design, and validation across complex programmes • Perform threat analysis, capability assessments, and operational modelling • Collaborate with internal teams, suppliers, and customers to deliver robust, high-performance solutions Skills & Experience: • Strong systems engineering background across the full More ❯

security. What you'll do: • Own EW requirements and system design for key elements of advanced weapon systems • Lead system integration, RF design, and validation across complex programmes • Perform threat analysis, capability assessments, and operational modelling • Collaborate with internal teams, suppliers, and customers to deliver robust, high-performance solutions Skills & Experience: • Strong systems engineering background across the full More ❯

security. What you'll do: • Own EW requirements and system design for key elements of advanced weapon systems • Lead system integration, RF design, and validation across complex programmes • Perform threat analysis, capability assessments, and operational modelling • Collaborate with internal teams, suppliers, and customers to deliver robust, high-performance solutions Skills & Experience: • Strong systems engineering background across the full More ❯

security. What you'll do: • Own EW requirements and system design for key elements of advanced weapon systems • Lead system integration, RF design, and validation across complex programmes • Perform threat analysis, capability assessments, and operational modelling • Collaborate with internal teams, suppliers, and customers to deliver robust, high-performance solutions Skills & Experience: • Strong systems engineering background across the full More ❯

and confidence to influence both technical and strategic decisions. We are looking for someone with: At least 5 years experience in cybersecurity, with a focus on vulnerability management and threat analysis Proven hands-on experience with Tenable.io, Tenable.sc, and Nessus Strong understanding of operating systems, networking, cloud platforms and containers The ability to interpret CVEs and CVSS scores More ❯

while continuously improving our security posture and supporting the wider IT security strategy. Key Responsibilities Monitor, triage, and investigate alerts generated by SIEM and security monitoring platforms. Conduct log analysis and threat hunting to proactively identify suspicious activity. Support incident response efforts including containment, investigation, and remediation. Ensure security processes align with Cyber Essentials and other best practice … Strong hands-on knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar, or similar). Understanding of Cyber Essentials and broader security standards. Knowledge of incident response, intrusion detection, and threat analysis. Familiarity with endpoint security, IDS/IPS, firewalls, and vulnerability management. Strong problem-solving skills and a proactive, analytical mindset. Comfortable working onsite, 5 days a week in More ❯

while continuously improving our security posture and supporting the wider IT security strategy. Key Responsibilities Monitor, triage, and investigate alerts generated by SIEM and security monitoring platforms. Conduct log analysis and threat hunting to proactively identify suspicious activity. Support incident response efforts including containment, investigation, and remediation. Ensure security processes align with Cyber Essentials and other best practice … Strong hands-on knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar, or similar). Understanding of Cyber Essentials and broader security standards. Knowledge of incident response, intrusion detection, and threat analysis. Familiarity with endpoint security, IDS/IPS, firewalls, and vulnerability management. Strong problem-solving skills and a proactive, analytical mindset. Comfortable working onsite, 5 days a week in More ❯

while continuously improving our security posture and supporting the wider IT security strategy. Key Responsibilities Monitor, triage, and investigate alerts generated by SIEM and security monitoring platforms. Conduct log analysis and threat hunting to proactively identify suspicious activity. Support incident response efforts including containment, investigation, and remediation. Ensure security processes align with Cyber Essentials and other best practice … Strong hands-on knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar, or similar). Understanding of Cyber Essentials and broader security standards. Knowledge of incident response, intrusion detection, and threat analysis. Familiarity with endpoint security, IDS/IPS, firewalls, and vulnerability management. Strong problem-solving skills and a proactive, analytical mindset. Comfortable working onsite, 5 days a week in More ❯