14 of 14 Remote/Hybrid Threat Detection Jobs in the UK excluding London

Cyber Threat Intelligence Analyst Salary £50,000 - £60,000 - Hybrid - WFH Euro Projects Recruitment is working with a leading Microsoft Partner in Scotland to recruit a permanent Cyber Threat Intelligence Analyst . This is a genuine Cyber Threat Intelligence Analyst role with a strong focus on proactive … threat hunting, intelligence-led investigations and client engagement. The successful Cyber Threat Intelligence Analyst will work closely with SOC analysts, incident responders and engineering teams, using the Microsoft security stack to identify, analyse and mitigate cyber threats. The Role Cyber Threat Intelligence Analyst As a Cyber Threat ...

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security … incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection ...

defensive activities, monitor and analyse alerts, respond to incidents and ensure the organisation's security posture remains robust, proactive and threat-ready. You'll work closely with an outsourced 24/7 SOC, validating the quality of their service and acting swiftly on escalations. You'll maintain, optimise … enhance a broad suite of security tools, including EDR, SIEM, email security, cloud security platforms, vulnerability management tooling and threat-detection technologies, ensuring they are configured to best practice and delivering maximum protection. You'll conduct vulnerability scanning, oversee patching cycles, perform cloud security assessments, refine playbooks, support ...

Join Police Digital Service as NMC Senior Cyber Threat Hunter - Hybrid/Wigan - starting salary £65,000pa About Police Digital Service and NMC At PDS, we empower UK policing to stay ahead of evolving threats in a rapidly changing digital landscape. As the trusted technology partner for law enforcement … value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR … endpoint security events, including AV scans and incident remediation, validating security alerts. Collaborate with security teams and external authorities to improve incident reporting, detection, and response capabilities. Support the development and maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR … endpoint security events, including AV scans and incident remediation, validating security alerts. Collaborate with security teams and external authorities to improve incident reporting, detection, and response capabilities. Support the development and maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response ...

understand security threats and best practice around emerging AI technologies. Educate the wider security team on AI-related risks, vulnerabilities, and use cases. Threat Detection & Response Support monitoring, detection, and incident response within cloud environments. Help mature vulnerability management processes and security playbooks. Compliance & Risk Ensure cloud ...

real security operations, clients, environments and SIEM technologies. Gain exposure to industry frameworks such as MITRE ATT&CK and NIST. Build foundational knowledge across: Threat detection & incident response SOC processes and tooling Log analysis Microsoft security technologies (including Sentinel, Defender, Entra ID) Automation and scripting fundamentals The successful ...

response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat detection, incident response, and vulnerability management. Conduct and support risk assessments, ensuring robust controls are implemented and maintained. Partner with Technology, Risk, Compliance ...

DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role … experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must ...

seamless integration of multi-factor authentication with biometric and mobile device capabilities to improve both security and user experience. Champion the adoption of identity threat detection and response solutions to proactively identify and mitigate identity-based attacks. Design secure authentication and authorization patterns (OpenID Connect, SAML, OAuth, Kerberos ...

Network & Security Engineering Implement, and support enterprise grade network and security solutions Deploy, configure, and troubleshoot Cisco Firepower firewalls, including policy configuration, VPNs, and threat protection Implement and maintain Cisco Identity Services Engine (ISE) for network access control, authentication, and authorization Work with Cisco Stealthwatch and other Cisco security … tools to provide visibility, monitoring, and threat detection Configure and support FortiGate firewalls where required, including firewall policies, VPNs, and security profiles Produce high quality technical documentation, including designs, implementation guides, and handover documentation Customer Engagement & Communication Serve as a trusted technical advisor to customers, clearly explaining solutions ...

current state, target state, roadmap, sprint backlog and a clear “definition of done”. Translate between exec outcomes and engineer reality: cost, risk, resilience, detection efficacy, operational overhead. Back-of-house delivery Design telemetry pipelines from end-to-end (collect process route store), including: Collection: agents/collectors, APIs … viable operate” checklists per platform Choose Your Primary Lens (One required — experience in both is advantageous) Security/SIEM Telemetry-to-use-case mapping Threat detection concepts and lifecycle awareness Event normalisation and structured security data models Observability/ITOps Distributed systems and service-level thinking Metrics, logs ...

Lead remediation of an agreed list of known Tanium EDR gaps across the estate. Activate, configure, and deploy Tanium Reactions aligned to containment and detection requirements. Support Tanium device discovery, improving asset visibility across hardware, software and telemetry. Integrate device data, software data, and extended telemetry into SIEM … wider detection tooling. Develop and implement CI/CD pipelines for Detection Engineering content deployed through Tanium. Conduct Tanium testing and validation cycles, including rollback procedures to support CI/CD and containment operations. Collaborate with Detection Engineering, Endpoint, and C2E workstreams to ensure readiness for platform ...