1 to 25 of 46 Threat Detection Jobs in the UK excluding London

World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit … someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern ...

Cyber Threat Intelligence Analyst Salary £50,000 - £60,000 - Hybrid - WFH Euro Projects Recruitment is working with a leading Microsoft Partner in Scotland to recruit a permanent Cyber Threat Intelligence Analyst . This is a genuine Cyber Threat Intelligence Analyst role with a strong focus on proactive … threat hunting, intelligence-led investigations and client engagement. The successful Cyber Threat Intelligence Analyst will work closely with SOC analysts, incident responders and engineering teams, using the Microsoft security stack to identify, analyse and mitigate cyber threats. The Role Cyber Threat Intelligence Analyst As a Cyber Threat ...

seeking a Lead SOAR Engineer to drive the evolution of our security automation strategy and guide junior level engineers. As a leader within the Threat Detection Engineering team, you will architect and oversee the development of intelligent SOAR solutions, integrating GenAI and Agentic Frameworks to enable adaptive, context … decision-making and response capabilities. Drive Agile CI/CD practices to ensure rapid, secure, and reliable delivery of automation features. Collaborate with SOC, threat detection, and engineering teams to identify automation opportunities and align with strategic security goals. Develop and maintain custom Python scripts and tools ...

seeking a Lead SOAR Engineer to drive the evolution of our security automation strategy and guide junior level engineers. As a leader within the Threat Detection Engineering team, you will architect and oversee the development of intelligent SOAR solutions, integrating GenAI and Agentic Frameworks to enable adaptive, context … decision-making and response capabilities. Drive Agile CI/CD practices to ensure rapid, secure, and reliable delivery of automation features. Collaborate with SOC, threat detection, and engineering teams to identify automation opportunities and align with strategic security goals. Develop and maintain custom Python scripts and tools ...

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security … incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection ...

defensive activities, monitor and analyse alerts, respond to incidents and ensure the organisation's security posture remains robust, proactive and threat-ready. You'll work closely with an outsourced 24/7 SOC, validating the quality of their service and acting swiftly on escalations. You'll maintain, optimise … enhance a broad suite of security tools, including EDR, SIEM, email security, cloud security platforms, vulnerability management tooling and threat-detection technologies, ensuring they are configured to best practice and delivering maximum protection. You'll conduct vulnerability scanning, oversee patching cycles, perform cloud security assessments, refine playbooks, support ...

role, and you’re ready to make it your core focus. This role suits someone who has been actively involved in security monitoring , threat detection , vulnerability management , or incident response, and now wants to deepen their expertise in a dedicated cyber security position. The role: You’ll play … alongside relevant commercial experience. What matters most is that you can demonstrate real, practical exposure to cyber security, including: Security monitoring and alert investigation Threat detection and vulnerability assessment Experience with tools such as SIEM, IDS/IPS, firewalls, and endpoint protection A good understanding of common attack ...

Tier 2 analysts, providing live operational oversight, procedural assurance, and ongoing mentorship. This role ensures each analyst team is aligned with evolving cyber threat detection standards, works in sync with response and intelligence functions, and delivers consistent high-quality casework across shifts. This is a senior operational role … company that values innovation and diversity, this is the place to make an impact. In addition to Senior SOC Analyst responsibilities (alert triage, threat detection, ticket response, and tooling operation), the SOC Shift Lead will provide: Shift Continuity & QA Operational assurance and standard enforcement across all active shifts. ...

Join Police Digital Service as NMC Senior Cyber Threat Hunter - Hybrid/Wigan - starting salary £65,000pa About Police Digital Service and NMC At PDS, we empower UK policing to stay ahead of evolving threats in a rapidly changing digital landscape. As the trusted technology partner for law enforcement … value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local ...

site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical … sources (AD, firewalls, servers, cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security ...

function, playing a key role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional … Providers Maintain and enhance SecOps processes and documentation to enable knowledge sharing Investigate security events, perform vulnerability analysis and support remediation activities Analyse cyber threat intelligence and translate insights into actionable detection improvements Process indicators of compromise and indicators of attack to enhance detection rules Conduct proactive ...

Threat Engineering & Application Security Lead What you become a part of Join Coca-Cola Europacific Partners (CCEP) as a key leader within our BPT Service Delivery & Security organisation. You will be part of the CISO Leadership Team, shaping and driving our cybersecurity strategy across Europe. In this role … will lead the Threat Engineering & Application Security function, ensuring our platforms, applications and tooling remain resilient, modern and aligned to an evolving threat landscape. You will collaborate with talented engineering, architecture, operations and project teams to help safeguard CCEP’s information, strengthen detection and prevention capabilities ...

Join Police Digital Service as NMC Cyber Security Detection Engineer Salary starting at £50,000 About Police Digital Service To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities and ways of working that … Police Digital Service and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR … endpoint security events, including AV scans and incident remediation, validating security alerts. Collaborate with security teams and external authorities to improve incident reporting, detection, and response capabilities. Support the development and maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR … endpoint security events, including AV scans and incident remediation, validating security alerts. Collaborate with security teams and external authorities to improve incident reporting, detection, and response capabilities. Support the development and maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

Proficient with Veeam for backup/replication. Experience in DR planning, failover, and resilience testing. Security & Compliance Strong grasp of cybersecurity (firewalls, EPP, vulnerabilities, threat detection). Understanding of ISO 27001 and GDPR; audit support experience. Familiar with SIEM tools (Splunk, Sentinel). Operating Systems & Automation Working knowledge ...

understand security threats and best practice around emerging AI technologies. Educate the wider security team on AI-related risks, vulnerabilities, and use cases. Threat Detection & Response Support monitoring, detection, and incident response within cloud environments. Help mature vulnerability management processes and security playbooks. Compliance & Risk Ensure cloud ...

testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience ...

real security operations, clients, environments and SIEM technologies. Gain exposure to industry frameworks such as MITRE ATT&CK and NIST. Build foundational knowledge across: Threat detection & incident response SOC processes and tooling Log analysis Microsoft security technologies (including Sentinel, Defender, Entra ID) Automation and scripting fundamentals The successful ...

response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat detection, incident response, and vulnerability management. Conduct and support risk assessments, ensuring robust controls are implemented and maintained. Partner with Technology, Risk, Compliance ...

DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role … experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must ...

OWASP principles. Expert in executing cloud security solutions, particularly for identity management, networking, and encryption. Possesses solid knowledge of system logging, monitoring, SIEM technologies, threat detection, and public key infrastructures (PKI). Understands cyber risk management, threat intelligence, and emerging governance practices. Experienced in driving security transformation ...

trust principles, control enforcement, and secure network transport. WHAT YOU WILL DO Own and manage vulnerability management program across cloud and containerized workloads. Oversee threat detection, incident response, and forensic analysis coordination with external SOC provider. Own and manage network design, segmentation, and secure interconnectivity across AWS, Azure ...