1 to 25 of 112 Threat Detection Jobs in the UK excluding London

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst … will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data ...

Cyber Threat Detection/SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst … will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data ...

Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider is investing heavily … excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond ...

well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices … threats. ________________________________________ Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection ...

excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond … incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams ...

high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role … protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect ...

critical role in strengthening and maturing Reapit’s cloud security posture. Your work will span hands on security engineering, deep incident response, proactive threat detection, and collaboration with global teams. Design, implement, and enhance secure Cloud infrastructure, services, and applications in collaboration with DevOps teams. Conduct ongoing security … high quality documentation. Work in a self managing, proactive manner — anticipating security needs, identifying gaps, and driving improvements without close supervision. Incident Response & Threat Detection Respond to SOC alerts. Working with our outsourced SOC, Lead and participate in global incident response activities, including investigation, containment, eradication, and recovery. ...

stakeholders. Key Responsibilities Lead and manage cyber incident response activities from identification through to recovery. Conduct digital forensic investigations across multiple environments. Support threat detection, threat hunting, and security monitoring activities. Develop and enhance incident response processes, playbooks, and best practices. Produce clear technical and executive-level … Clearance Proven ability to lead complex cyber investigations and incident response engagements during live events. Experience with forensic tools, SIEM platforms, and threat detection methodologies. Knowledge of Windows and cloud environments. Excellent analytical, problem-solving, and communication skills. Customer-focused with the ability to remain calm under pressure. ...

defend organisations against evolving cyber threats? Join a highly regarded cyber security provider known for its 24/7 managed security operations, advanced threat detection, and real-time incident response. The team helps organisations across multiple industries stay resilient, secure networks, endpoints, and cloud environments from ever-changing … industry-leading security technologies to safeguard client environments. This role provides the opportunity to develop expertise across a wide range of security technologies, enhance detection and response capabilities. If you are ready to play a pivotal role in protecting organisations from cyber threats while growing professionally within a collaborative ...

Lead 6 months Bath - hybrid x3 days onsite x2 remote Active SC/DV clearance required £700 per day outside IR35 The SOC Lead - Threat Hunting & Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role … elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts. Key Responsibilities Threat Hunting Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments Develop and maintain threat hunting playbooks aligned ...

SIEM Detection Engineer | Cyber Security Farnborough (Hybrid – 2 days onsite) Up to £65,000 + Excellent Benefits SC Clearance (or eligibility required) Ready to engineer the frontline of cyber defence? We’re working with a highly respected cyber security operation supporting critical defence environments, seeking a SIEM Detection Engineer to strengthen and evolve advanced threat detection capability across secure enterprise environments. This is a hands-on technical role where you’ll design, build and optimise detection logic across SIEM platforms, working directly against real-world attacker techniques in a mature, high-performing SOC. ...

Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience in some … monitoring and detecting cyber security threats and incidents in real-time. Collaborate with teams to conduct incident investigations and develop response plans. Lead proactive threat hunting initiatives. Manage vulnerability assessments and penetration testing programs. Develop and maintain threat intelligence capabilities. Essential experience includes: Extensive experience in managing cyber ...

helping shape the future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. … What You'll Be Doing * Leading and developing the Security Operations capability * Managing cyber security incidents and coordinating effective responses * Driving improvements across monitoring, threat detection and vulnerability management * Working closely with technology teams to improve security across cloud, infrastructure and end-user environments * Helping optimise security tools ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes threat ...

PROTECT, DETECT, and RESPOND toolsets, including SIEM, SOAR, and vulnerability scanning tools. * Support the development, configuration, and automation of security tooling to enhance threat detection and incident response. * Conduct forensic analysis, malware reverse engineering, and develop IOCs and detection signatures. * Manage and integrate logs from various sources … ensuring full visibility and compliance. * Analyse attacker TTPs and manage threat intelligence, including incident assessment and reporting. * Collaborate with stakeholders to ensure operational effectiveness and continuous process improvement. * Maintain knowledge of current cyber threats and emerging trends. What you'll bring: * Proven hands-on experience with SIEM and SOAR ...

emerging AI technologies. You will play a central role in designing, implementing, and continuously improving security capabilities that are increasingly enhanced by AI-driven detection, automation, and intelligent decision support.The position combines deep technical security engineering with forward-looking exploration of AI-enabled security systems, detection engineering … adaptive security systems that evolve alongside both cyber threats and AI-enabled attack techniques.Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security, logging ...

working within Central Government, the Public Sector, or highly regulated scientific environments.Key Responsibilities Define and lead the Cyber Security Operations Centre (CSOC), ensuring effective detection, response, and remediation of cyber incidents Own and continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security … advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability management, and proactive risk mitigation across the estate Lead the analysis of network traffic and behaviours ...

week) £65,000 + benefits We're supporting a major organisation operating within a Critical National Infrastructure (CNI) environment to hire a Senior Cyber Threat Hunter Specialist. This is a hands-on, high-impact role embedded within a mature Security Operations Centre, focused on protecting essential services. The Opportunity … play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability and response maturity. What You'll Be Doing Monitoring & Triage Analyse ...

Cyber Operations Analyst to join their Cyber Security team. This role will focus on leading cyber incident response activities, managing security monitoring capabilities, driving threat detection and containment, and supporting the bank's wider cyber defence strategy. Key Requirements: * Strong experience within Cyber Operations, SOC or Incident Response … environments * Hands-on expertise with SIEM technologies (Splunk, Sentinel, QRadar etc.) * Knowledge of threat detection, malware analysis, endpoint, network or cloud security * Scripting experience (Python, PowerShell or similar) * Strong understanding of cyber risk, controls and security governance * Excellent stakeholder management and communication skills Desirable: * Financial Services experience * Threat ...

seeking an experienced Security Architect - focusing on Advanced Threat Response (ATR) solution to be a part of the Architecture team, you will design and maintain end-to-end architecture for advanced threat detection and response across cloud, network, and endpoint environments. You will work cross-functionally …/CD pipeline design and implementation Proven experience running vendor evaluations and PoCs for enterprise security platforms Strong understanding of offensive techniques mapped to detection capabilities (aligned to MITRE ATT&CK) Experience integrating security tooling outputs into SIEM platforms and broader security workflows Experience with tools such as SafeBreach ...

modernisation, including migration from legacy identity platfo rmsOversee application onboarding and ensure secure identity integration patterns across the organisat ionDrive adoption of identity threat detection capabilities and identity-based risk management practi cesPartner with Security leadership to ensure compliance with regulatory, audit, and governance requireme ntsServe as escalation … Azure AD Con nectDeep understanding of IAM security controls including Conditional Access, Identity Protection, PIM, CIEM, and Govern anceExperience with identity threat detection tools and integration into broader security ecosys temsStrong knowledge of authentication protocols includ ing SAML, OAuth, OpenID Connect, Kerberos, and LDAPExperience working ...

responsibilities: Design and develop advanced risk models, including predictive, probabilistic, and scenario-based modelling approaches Apply data science techniques to risk scoring, anomaly detection, and threat assessment across complex datasets Build and deploy machine learning models into production, ensuring scalability and robustness Develop scenario simulations to model potential … predictive, probabilistic, simulation-based) in real environments Deep experience in risk modelling, including risk scoring frameworks, predictive risk analytics, and scenario modelling Experience in threat detection/anomaly detection, such as fraud, compliance, safety, or security use cases Strong grounding in statistics, hypothesis testing, and experimental design ...

available throughout the hiring process. This is an opportunity to play a key role in protecting critical customer environments, leading complex investigations, driving proactive threat hunting activities, and helping shape the future of our security monitoring services. Were looking for someone who enjoys solving difficult security challenges, mentoring others … leading the investigation and response to sophisticated cyber threats and incidents. Youll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity, and ensure DXC continues to deliver a world-class security monitoring service. This role operates on a Monday to Friday ...

scaling a Next-Gen AI SOC (Autonomic Security Operations Model) Lead on investigations, and respond to security incidents across multiple client environments Perform threat detection, triage, analysis, and remediation activities Lead incident response activities and provide technical guidance to junior analysts Analyse alerts from SIEM, EDR, IDS/… other security tooling Conduct threat hunting and proactive security monitoring Support continuous improvement of SOC processes, playbooks, and operational procedures Collaborate with infrastructure and engineering teams to strengthen security posture Produce detailed incident reports and client-facing documentation Assist with vulnerability management and security compliance activities Contribute to mentoring ...

contain, and remediate cyber threats, while enhancing both client and internal cyber resilience. The successful candidate will bring deep technical expertise in digital forensics, threat analysis, and incident response, combined with the ability to operate effectively in a fast paced, client-facing environment. Key Responsibilities Lead … procedures, and best practices for both client engagements and internal use Provide expert guidance during major incidents, including stakeholder communication and reporting Support proactive threat hunting initiatives in collaboration with SOC teams Produce clear, structured forensic reports suitable for both technical and non technical audiences Ensure evidence is handled ...