1 to 25 of 68 Threat Detection Jobs in the UK excluding London

own, manage and rule their data. One of our specialisations is in cybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on … delivering tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we're looking for We are seeking a client-focused Senior SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced More ❯

Detection & Threat Hunt Lead Analyst Engage at our Cheltenham office. Secure employment is subject to satisfactory BPSS and SC security clearance, requiring five years continuous UK address history (no 30+ consecutive days outside the UK), and declaration of being a British passport holder with no dual nationality at the point of application. As a member of the SOC … Content Team, you will be responsible for contributing to the creation, deployment, and tuning of threat detection content and delivery of proactive threat hunting. You will work in close partnership with client Lead Analysts, threat intelligence teams, and other SOC functions to help ensure that detection strategies are tailored to each client's threat … and security objectives. This role offers a balance of technical hands on work, collaboration, and knowledge sharing, with a strong emphasis on continual learning and process improvement. Key Responsibilities Threat Detection Use Case Development: Design and implement detection logic aligned to specific threat scenarios, using industry frameworks such as MITRE ATT&CK. Maintain detection content More ❯

Detection & Threat Hunt Lead Analyst Cheltenham Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years continuous UK address history (typically including no periods of 30 consecutive days or more spent outside of the UK) and declaration of being a British passport holder with no dual nationalism at the … us.” – Julie Sweet, Accenture CEO As a team As a member of the SOC Content Team, you will be responsible for contributing to the creation, deployment, and tuning of threat detection content and delivery of proactive threat hunting. You will work in close partnership with client Lead Analysts, threat intelligence teams, and other SOC functions to … help ensure that detection strategies are tailored to each client’s threat profile and security objectives. This role offers a balance of technical hands-on work, collaboration, and knowledge sharing, with a strong emphasis on continual learning and process improvement. More ❯

SOC Analyst - CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall A global law firm client we work with are currently looking to take on a new SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) on a permanent basis. The firm are currently undergoing a significant transformation and expansion across the … a great deal of trust, autonomy and ownership with a very anti-micromanage managerial structure in place. To be considered for this SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) role, it's ideal you meet one of the following criteria: Work Experience Based Criteria 5+ Years of Working Experience in Cybersecurity or Related More ❯

enriches security telemetry across cloud, endpoint, identity, and network environments. You'll lead cross-functional teams to deliver scalable, SaaS-native capabilities that provide customers with complete visibility and detection coverage, enabling them to detect and respond to threats with speed and confidence. *About The Team* This role is part of Rapid7's Detection & Response product organization, responsible … for delivering the core SaaS and managed service capabilities that power our customers' security operations. The team owns the end-to-end foundation for detection and response, from event source ingestion and detection rule management to alert triage, incident management, and automation, enabling customers and MDR analysts to detect, investigate, and respond to threats with speed and confidence. … Event Ingestion, your primary responsibility will be to lead the strategy, roadmap, and execution to deliver comprehensive visibility across the modern attack surface. You'll focus on enabling complete detection and response coverage across both first-party and third-party event sources, ensuring our customers have no blind spots in their threat detection capabilities. This role drives More ❯

experience in monitoring and analysing security threats for multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC … will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage vulnerability assessments and coordinate … a 24×7 environment, driving operational excellence and continuous improvement. Ability to harness data analysis to detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing More ❯

exchanges Scope of Impact The Senior Security Infrastructure Engineer leads technical implementation and governance across: Enterprise infrastructure and network security Identity and access management Endpoint and virtualisation security Monitoring, detection, and vulnerability remediation You will evaluate alternative approaches considering risk, compliance, cost, and operational impact, ensuring sustainable security outcomes. Key Responsibilities Infrastructure & Network Security Design, implement, and maintain secure … to safeguard identity and access across the enterprise. Virtualisation & Endpoint Protection Secure virtualisation platforms (Hyper-V, VMware) and implement endpoint security solutions including EDR, anti-malware, and DLP. Monitoring & Threat Detection Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for proactive threat detection and incident response. Vulnerability Management Perform vulnerability assessments using Qualys and Tenable, driving More ❯

SIEM) Engineer with active Security Clearance to join our cybersecurity team. The ideal candidate will be responsible for maintaining, developing, and optimizing the SIEM platform — ensuring effective log management, threat detection, and automation across complex IT and OT environments. Key Responsibilities: Manage, maintain, and enhance the SIEM platform ensuring optimal performance and scalability. Onboard and integrate new log … sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. Lead and mentor More ❯

CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD More ❯

CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD More ❯

the design and implementation of scalable, automated security solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … Engineering: Lead end-to-end engineering for identity and access management (IAM), including authentication, authorization, and privileged access controls. Oversee endpoint security architecture and enforcement, ensuring comprehensive coverage for threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead platform health, patching automation, and vulnerability remediation workflows. Define service level More ❯

for an experienced Senior Cyber Security Analyst to play a key role in protecting our client’s systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain … high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards More ❯

for an experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain … high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the More ❯

Security Operations Centre (SOC), blending hands-on technical work with automation and solution design. You’ll collaborate with analysts, architects, and customers to build reliable, scalable systems that accelerate threat detection and response, all in a collaborative culture that invests in your growth, wellbeing, and career progression. Job Title: Senior Security Engineer Job Type: Permanent Salary: Up to … DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. Engineer secure … log ingestion pipelines across hybrid cloud and on-prem environments. Support client onboarding, threat hunting, detection engineering, and process improvements. Mentor junior engineers and maintain documentation, diagrams, and standards. Required Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk More ❯

Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems. This position offers the opportunity to influence not just their engineering … and verbal communication skills, especially in cross-functional contexts. Bonus Experience (Nice to Have) Exposure to large language models (LLMs) or foundational model adaptation. Previous work in cybersecurity, anomaly detection, or behavioural analytics. Familiarity with orchestration frameworks (Airflow or similar). Experience with scalable ML systems, pipelines, or real-time data processing. Advanced degree or equivalent experience in ML More ❯

and commitment will allow you to deliver high quality outputs. Reporting to the Cyber Security Engineering Manager, you will be responsible for designing, implementing and maintaining our next-generation detection and log management platforms. This role sits at the intersection of SIEM engineering, cloud security, and advanced log pipeline management, ensuring that our enterprise maintains world-class detection fidelity, threat visibility and compliance across diverse environments.You will help us deliver improvements across several of our cyber security domains including Security Data & Analytics, Security Automation, Incident Response and Threat Detection. Additionally, you will work closely with our Cyber Security Operation Centre, wider security functions, specialist 3rd party security suppliers and our global IT and business teams. … Key Responsibilities: SIEM engineering & Operations: Development of advanced detection rules, correlation searches, and playbooks to improve threat detection and response Perform log source onboarding, parsing, and data normalisation on various data types Experience with design, development, configuration and maintenance of SIEM alerts to support our SOC Operations Log Management & Data Engineering: Engineer and maintain log pipelines using More ❯

Flow environment. Policy Development : Create and enforce security policies and procedures to protect network resources and data. Security Management : Manage and maintain security tools and technologies, including firewalls, intrusion detection/prevention systems, and VPNs. Incident Response : Lead and coordinate responses to security incidents, including investigation, mitigation, and reporting. Compliance : Ensure compliance with relevant security standards and regulations, such … using Python, PowerShell, or Terraform. Security Certifications – Industry-recognized certifications such as CISSP, CISM, CCNP Security, AWS Certified Advanced Networking, or Nutanix Certified Professional – Multicloud Infrastructure (NCP-MCI). Threat Detection & Incident Response – Experience in real-time threat monitoring, and coordinated incident response efforts. Compliance & Governance – Familiarity with security frameworks and regulations such as GDPR, HIPAA, PCI … Networking (SDN) & Network Virtualization – Hands-on experience with SDN solutions and network segmentation strategies. Security Automation & Scripting – Proficiency in automating security workflows using Python, PowerShell, Terraform to enhance efficiency. Threat Hunting & Intelligence – Knowledge of threat intelligence platforms, attack vectors, and proactive threat hunting methodologies. Security Auditing & Assessment – Experience conducting risk assessments, penetration testing, and security audits for More ❯

attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives More ❯

CYSA+, SEC+, BLT1, SC-900 etc... This could be the perfect opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands on experience: - Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and … support remediation efforts. Vulnerability Management – Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence – Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication – Work closely and collaborate with senior analysts and clients to keep security operations running smoothly. The Ideal Profile: - Experience in an IT-focused … cybersecurity and SOC operations. Proactive and analytical thinker with a strong problem-solving mindset. Passionate about emerging security technologies and best practices. Knowledge of core security concepts such as threat intelligence, phishing analysis, malware detection, and attack mitigation strategies. Eager to learn and contribute to a dynamic SOC environment where innovation and collaboration drive success. Ready to elevate More ❯

pivotal role in strengthening cyber resilience. You’ll have the freedom to make a real impact—defining strategy, driving continual improvement, and mentoring talented analysts to deliver world-class detection and response capabilities. As the SOC Operations Manager, you will: Lead and develop a skilled SOC team, inspiring a culture of continuous learning and technical excellence. Oversee the full … lifecycle of security incidents — from detection through to resolution and review. Manage and optimise SIEM and SOAR platforms (Splunk, Sentinel, Elastic) to enhance detection and automation capabilities. Drive continuous improvement through ITIL-aligned processes and adherence to CREST standards. Oversee vulnerability management, threat intelligence, and incident response plans. Communicate security posture, risks, and incident outcomes clearly to … a number of the following to this SOC Operations Manager role: Proven experience leading SOC operations in a 24×7 or multi-client environment. Strong background in incident management, threat detection, and escalation processes. Technical depth across SIEM/SOAR tooling, preferably Splunk or Microsoft Sentinel. A passion for developing teams — coaching analysts and building collaborative, high-performing More ❯

seeking a skilled Cyber Security and Resilience Engineer to play a pivotal role in fortifying security infrastructure. You will support our Cyber Security Operations strategy by managing and optimising threat protection and detection tools across web, email, endpoints, and cloud environments. This is an exciting opportunity to work closely with cross-functional teams, outsourced security partners, and internal … on expertise with Azure, Entra, and Microsoft 365 Cloud Security Engineering Proficiency in writing complex PowerShell scripts Experience managing security for IaaS, PaaS, and SaaS platforms Strong understanding of threat detection, prevention, and response methodologies Hands-on experience with EDR, email security, and web security solutions Knowledge of security frameworks such as NIST, ISO 27001, and Mitre ATT More ❯

seeking a skilled Cyber Security and Resilience Engineer to play a pivotal role in fortifying security infrastructure. You will support our Cyber Security Operations strategy by managing and optimising threat protection and detection tools across web, email, endpoints, and cloud environments. This is an exciting opportunity to work closely with cross-functional teams, outsourced security partners, and internal … on expertise with Azure, Entra, and Microsoft 365 Cloud Security Engineering Proficiency in writing complex PowerShell scripts Experience managing security for IaaS, PaaS, and SaaS platforms Strong understanding of threat detection, prevention, and response methodologies Hands-on experience with EDR, email security, and web security solutions Knowledge of security frameworks such as NIST, ISO 27001, and Mitre ATT More ❯