26 to 50 of 63 Threat Detection Jobs in the UK excluding London

play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in office) and can be based in one of the following offices: Birmingham, Manchester, Ipswich … you'll be doing SIEM Solution Development: Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. Optimize SIEM rules, alerts, and dashboards for efficient threat detection. Collaborate effectively with others to drive forward key security objectives Presentation and documentation writing (to both technical and business audiences) Query Optimization and Performance Tuning: Write efficient Elasticsearch … informed about emerging threats and security best practices. Data Ingestion and Enrichment: Configure Elasticsearch pipelines for data ingestion from various sources, primarily from Kafka Enhance data enrichment by integrating threat intelligence feeds and contextual information. Keep abreast of relevant technologies in the area Reading, attending briefings and talks. Contribute to the running of your team. Knowledge-sharing, In team More ❯

growing bonus What you'll be doing Drive improvements to cyber security posture across internal and customer-facing platforms Design and secure cloud-based infrastructure and customer applications Perform threat detection, incident response , and vulnerability remediation Maintain security architecture documentation and collaborate with third-party vendors Conduct threat intelligence research and recommend ongoing improvements What you'll More ❯

the Bank's security posture through governance, assurance, architecture, and operations. Manage the relationship and performance of our Managed Security Services Provider (MSSP). Oversee security operations including monitoring, threat detection, incident response, and threat hunting. Lead investigations, forensic analysis, and ensure lessons learned from incidents. Drive project delivery to mitigate key risks and ensure audit-readiness. More ❯

bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary Work More ❯

bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary This More ❯

bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary We More ❯

The specialist also leads assurance assessments to ensure the effectiveness of security controls and compliance with relevant laws, regulations, and industry best practices. Additionally, the role encompasses continuous monitoring, threat detection, and incident investigation to protect organisational assets, as well as leading vulnerability management activities such as scanning, assessment, remediation coordination, and tracking of security weaknesses. About us More ❯

days onsite Rate: Clearance required: Active SC is essential Role purpose/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and fine … tune detection rules and alerts to identify malicious activities. Security Reporting - Generate reports on security events, trends, and system performance. Collaboration - Work with IT and security teams to improve overall cybersecurity posture. Required Skills & Qualifications Technical Expertise - Strong knowledge of SIEM platforms, network security, and cybersecurity frameworks. Certifications - CISSP, CEH, GIAC, or vendor-specific SIEM certifications. Programming & Scripting - Familiarity More ❯

Via Umbrella inside IR35 Clearance required: Active SC is essential Role purpose/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and … fine-tune detection rules and alerts to identify malicious activities. Security Reporting - Generate reports on security events, trends, and system performance. Collaboration - Work with IT and security teams to improve overall cybersecurity posture. Required Skills & Qualifications Technical Expertise - Strong knowledge of SIEM platforms, network security, and cybersecurity frameworks. Certifications - CISSP, CEH, GIAC, or vendor-specific SIEM certifications. Programming & Scripting More ❯

Via Umbrella inside IR35 Clearance required: Active SC is essential Role purpose/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and … fine-tune detection rules and alerts to identify malicious activities. Security Reporting - Generate reports on security events, trends, and system performance. Collaboration - Work with IT and security teams to improve overall cybersecurity posture. Required Skills & Qualifications Technical Expertise - Strong knowledge of SIEM platforms, network security, and cybersecurity frameworks. Certifications - CISSP, CEH, GIAC, or vendor-specific SIEM certifications. Programming & Scripting More ❯

digital assets while staying updated on the latest security threats and trends. If you are interested in this opportunity, apply today! Responsibilities: Implement and manage Azure Sentinel SIEM for threat detection, incident response, and security monitoring. Configure and maintain Microsoft Defender for endpoint protection and threat detection. Develop and maintain KQL scripts for querying and analysing data More ❯

and reporting across Formula 1 s cloud environment(s), including: Development of requirements, design, and implementation of cloud security tools (E.g. compliance and host security) A key focus on threat detection and risks across cloud environments Identification, remediation, and reporting of security vulnerabilities Reporting on compliance to F1 s security standards Support in the delivery and management of … to reduce risks The definition and operation of secure development/operations (DevOps) practices, inc. code scanning, Kubernetes, container security. System and device hardening policies and reporting Technology focused threat assessments to identify threats/risks Documentation of security requirements, patterns, and processes Liaising closely with Formula 1 s cyber security, infrastructure, and digital teams on new and existing More ❯

this domain. What You'll Do Lead and shape AI security team, providing direction, mentorship, and support. Develop and implement comprehensive security strategies for AI systems, including risk assessments, threat modelling, and mitigation plans. Develop and implement a strategy for securing AI systems and applications, ensuring they are resilient against evolving threats. Build strategy to use AI to enhance … security measures, including threat detection, incident response, and anomaly detection. Collaborate with AI development teams to integrate security best practices throughout the AI lifecycle, from design to deployment. Ensure compliance with industry standards, regulations, related to AI security. Defining and implement approach to assessing AI security in the group, to include continuous assessment, detection model, and commissioning … cybersecurity principles, including encryption, authentication, access control, and network security. Experience with security frameworks and standards such as ISO 27001, NIST, and GDPR. Demonstrated experience in conducting risk assessments, threat modelling, and security audits. Excellent leadership, communication, and project management skills. Ability to work cross-functionally with multi-functional teams and manage multiple priorities in a fast-paced environment. More ❯

this domain. What You'll Do Lead and shape AI security team, providing direction, mentorship, and support. Develop and implement comprehensive security strategies for AI systems, including risk assessments, threat modelling, and mitigation plans. Develop and implement a strategy for securing AI systems and applications, ensuring they are resilient against evolving threats. Build strategy to use AI to enhance … security measures, including threat detection, incident response, and anomaly detection. Collaborate with AI development teams to integrate security best practices throughout the AI lifecycle, from design to deployment. Ensure compliance with industry standards, regulations, related to AI security. Defining and implement approach to assessing AI security in the group, to include continuous assessment, detection model, and commissioning … cybersecurity principles, including encryption, authentication, access control, and network security. Experience with security frameworks and standards such as ISO 27001, NIST, and GDPR. Demonstrated experience in conducting risk assessments, threat modelling, and security audits. Excellent leadership, communication, and project management skills. Ability to work cross-functionally with multi-functional teams and manage multiple priorities in a fast-paced environment. More ❯

your technical expertise will be pivotal. You'll also play a critical role in shaping and safeguarding the organisation's cybersecurity posture - designing and implementing robust security protocols, managing threat detection and response, and ensuring compliance with key standards such as GDPR, Cyber Essentials, and ISO 27001. Collaboration is key, as you'll work closely with IT support … support. Familiar with VMware for virtualisation and cloud-based UC telephony systems. Solid understanding of DNS, DHCP, VPN access, and administration. Hands-on experience with firewalls (e.g., Fortinet), intrusion detection/prevention systems, and Cisco networking/routing. Knowledge of security best practices, including EDR/XDR platforms and antivirus solutions (e.g., EPO). Familiar with identity and access More ❯

focusing on ISO 27001 and Cyber Essentials Plus . Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre ( SOC ) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response ( EDR/NDR ), information security More ❯

focusing on ISO 27001 and Cyber Essentials Plus . Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre ( SOC ) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response ( EDR/NDR ), information security More ❯

MLOps team. In this pivotal role, you will drive the implementation of cloud infrastructure and services enabling the research, training and productionisation of advanced ML models powering our email threat detection and data loss prevention products. You will collaborate closely with Data Scientists, Backend and Data Engineers to lead major initiatives end-to-end ensuring that our ML More ❯

experience onboarding and managing log sources in Azure Sentinel . Hands-on experience configuring data connectors and diagnostic settings in Azure . Solid understanding of use case development and detection engineering . Knowledge of PowerShell, KQL (Kusto Query Language), and JSON formatting . Familiarity with identity-related logs (Azure AD, ADFS, M365 Defender, etc.) . Experience working in a … Security Operations environment or supporting SOC functions . Understanding of network and host-based telemetry relevant for threat detection Desirable . Azure certifications (SC-200, AZ-500, MS-500) . Experience with LogRhythm SIEM Platform . Knowledge of SOAR tools and automation (Logic Apps, Sentinel Playbooks) Please be aware that this role can only be worked within the More ❯

threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts … ensure timely responses. Diagnose and investigate security incidents following agreed procedures. Escalate and document unresolved incidents and support recovery efforts. Operate within our enterprise-level SOC and collaborate on threat intelligence. Utilise tools like Microsoft E5, Sentinel, and Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis … equivalent function. Proficiency with Microsoft Security Suite (including Sentinel) and Darktrace or similar. Must have an understanding of cyber threats including malware, ransomware, DDoS, insider threats. Strong knowledge of threat modelling, security monitoring, and cloud environments. Familiarity with GDPR, data protection, and privacy impact assessments. Excellent communication and collaboration skills with a proactive mindset. Industry certifications (e.g., CISSP, CEH More ❯

are fundamental to providing industry-leading customer service. About the Cyber Security Engineer role. The role of our Cyber Security Engineer involves discovering system vulnerabilities via penetration testing or threat modelling, working with DevOps, IT and compliance teams to enforce policies, responding to security incidents, and evolving defences to meet shifting risks. Key responsibilities include: Monitor Networks and Systems … Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits to ensure that systems and networks are operating securely. Security Tools Implementation: Recommend and implement security tools to enhance … years of experience in IT Infrastructure including security. Strong understanding of network protocols and security technologies. Proficiency in using security tools such as firewalls, antivirus, and intrusion detection systems. Excellent analytical and problem-solving skills. Ability to work under pressure and handle multiple tasks simultaneously. Strong communication and interpersonal skills. What you'll get in return. From 23 days More ❯

Work for a Not-for-Profit compliance company working in the green sector. Responsible for: 1) Cyber Security governance and delivery across the company and their suppliers. Covering: Governance, threat detection, reports, SIEM, DevSecOps 2) Cloud Architecture and Resilience. AWS estate and the platform applications. Assessment of risk and resilience. AWS cloud costs, technical debt, overview of architecture. … This is not a technical hands-on position (other than maybe some config and creation of threat reports). However, you will need a technical background which will give you the authority to discuss architecture at C-Level and engage with 3rd parties. Reporting to Head of IT you will be the lead on Cyber Security and Resilience. More ❯

Operations Centre runs.As SOC Shift Leader, you’ll work across three rotating teams of Tier 1 and Tier 2 analysts, keeping everything running smoothly, ensuring the highest standards in threat detection, and making sure every shift hands over cleanly to the next. You’ll still be hands-on with alerts, triage, and tooling, but you’ll also be … processes, updating SOPs, and helping the SOC evolve. You’ll be the SOC Shift Leader who bridges the gap between the analysts on the floor and the SOC Manager, Threat Intelligence, and Incident Response teams making sure communication is clear and everyone is aligned.To secure this SOC Shift Leader role you will have: Strong cyber security background across network More ❯

and safeguarding critical systems. ?? Key Responsibilities Operate within a Security Operations Centre (SOC) or equivalent environment Monitor and respond to incidents using SIEM platforms Conduct system log analysis and threat detection Assist in vulnerability assessments and management Support incident resolution and reporting ?? Required Skills & Experience At least 2 years' experience in a dedicated Security Analyst role Hands-on More ❯

Compensation $100,000 - $115,000 depending on experience and skillset What You'll Be Doing Leading incident response and managing containment, analysis, and resolution Monitoring security systems (SIEM, EDR, threat intel) to identify and respond to threats Conducting vulnerability assessments and supporting remediation for financial systems Ensuring compliance with GLBA, PCI, FFIEC, and other regulatory frameworks Supporting risk reviews … of relevant experience Prior experience in financial services, banking, or fintech cybersecurity Expertise with SIEM, EDR, NGFW, and vulnerability management tools Familiarity with scripting (Python, PowerShell) for automation and threat detection Experience conducting third-party risk reviews and regulatory reporting ITAC Solutions firstName lastName Email Address Phone Number Attach Resume Accepted file types: pdf, doc, docx, Max. file More ❯