1 to 25 of 82 Threat Intelligence Jobs in the UK excluding London

Threat Intelligence Analyst - OSINT London, Cheltenham or Manchester Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group. We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working … to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business... https://www.nccgroup.com/uk/The Opportunity As a Threat Intelligence Analyst - OSINT, you will play a pivotal role within our global threat intelligence team. Working alongside colleagues across multiple time zones, you will help make … our clients safer by identifying relevant threat actors, understanding their motivations, targets, and methods, and assessing client exposure. The Global Threat Intelligence team has built a strong reputation in collecting its own data and combining it with open and commercial sources. In this role, you will analyse cyber threats, develop actionable intelligence, and collaborate with internal More ❯

Threat Intelligence Analyst - OSINT London, Cheltenham or Manchester Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group. We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working … to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business... https://www.nccgroup.com/uk/The Opportunity As a Threat Intelligence Analyst - OSINT, you will play a pivotal role within our global threat intelligence team. Working alongside colleagues across multiple time zones, you will help make … our clients safer by identifying relevant threat actors, understanding their motivations, targets, and methods, and assessing client exposure. The Global Threat Intelligence team has built a strong reputation in collecting its own data and combining it with open and commercial sources. In this role, you will analyse cyber threats, develop actionable intelligence, and collaborate with internal More ❯

Threat Intelligence Analyst - OSINT London, Cheltenham or Manchester Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group. We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working … to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business... https://www.nccgroup.com/uk/The Opportunity As a Threat Intelligence Analyst - OSINT, you will play a pivotal role within our global threat intelligence team. Working alongside colleagues across multiple time zones, you will help make … our clients safer by identifying relevant threat actors, understanding their motivations, targets, and methods, and assessing client exposure. The Global Threat Intelligence team has built a strong reputation in collecting its own data and combining it with open and commercial sources. In this role, you will analyse cyber threats, develop actionable intelligence, and collaborate with internal More ❯

Threat Intelligence AnalystFully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC teams to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack More ❯

Cyber Threat Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are Were not just talking about making a difference, were making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the … and working hard to decarbonise the planet for generations to come. About the role The primary purpose of this role is to manage and influence all aspects of Cyber Threat Intelligence and Vulnerability Management, but particularly in the development of the threat landscape to Drax. Youll also assist in the development of Technical Controls in accordance with … policy, standards and regulatory requirements. Youll help to develop and support senior management with the technical controls and cyber threat intelligence skills within the group-wide security team and through the rollout of tools, technical controls, policies and procedures, and coaching and mentoring. The role will also have responsibility for working with asset owners to ensure that they More ❯

Threat Intelligence Project ManagerBanking - CybersecurityFully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to find a contract Cybersecurity Project Manager to help shape and deliver cyber threat intelligence initiatives for a global financial institution's Threat Intelligence Centre. This is an exciting opportunity to drive international projects, support executive-level decision … making, and collaborate with high-performing cybersecurity teams across multiple regions. Key Responsibilities Lead and manage end-to-end projects within a global Threat Intelligence Centre, aligning activities with strategic cybersecurity objectives. Develop and monitor project plans, timelines, budgets, and resource allocation. Coordinate with global stakeholders in EMEA, Americas, APAC, Japan, and India to align requirements and ensure … drive cost optimisation and meet strategic goals. Facilitate recurring international meetings by setting agendas, tracking actions, managing time zone/holiday scheduling, and maximising participation. Drive the standardisation of threat intelligence processes, governance, and tooling. Prepare and deliver high-quality executive reports and presentations. Ensure alignment with compliance, risk, and regulatory requirements across multiple jurisdictions. Track progress, identify More ❯

Threat Intelligence Project Manager Banking - Cybersecurity Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to find a contract Cybersecurity Project Manager to help shape and deliver cyber threat intelligence initiatives for a global financial institution's Threat Intelligence Centre. This is an exciting opportunity to drive international projects, support executive … level decision-making, and collaborate with high-performing cybersecurity teams across multiple regions. Key Responsibilities Lead and manage end-to-end projects within a global Threat Intelligence Centre, aligning activities with strategic cybersecurity objectives. Develop and monitor project plans, timelines, budgets, and resource allocation. Coordinate with global stakeholders in EMEA, Americas, APAC, Japan, and India to align requirements … drive cost optimisation and meet strategic goals. Facilitate recurring international meetings by setting agendas, tracking actions, managing time zone/holiday scheduling, and maximising participation. Drive the standardisation of threat intelligence processes, governance, and tooling. Prepare and deliver high-quality executive reports and presentations. Ensure alignment with compliance, risk, and regulatory requirements across multiple jurisdictions. Track progress, identify More ❯

clients. The ideal candidate will have advanced expertise in monitoring, analyzing, and mitigating cybersecurity threats, as well as managing security tools and mentoring junior analysts. This role involves proactive threat hunting, incident response, and collaboration with cross-functional teams to enhance the organization s security posture. Your responsibilities: (Up to 10, Avoid repetition) Incident Detection and Response: Lead investigations … and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier 1 analysts and guide them through complex incident response procedures. … Threat Hunting & Analysis: Proactively search for threats across the environment using behavioral analysis and threat intelligence data. Analyze data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. Collaborate with other security teams to uncover hidden threats and vulnerabilities. Incident Forensics: Perform in-depth forensic analysis to determine More ❯

consists of 4 operational areas: Cyber Security Operations Unit (CSOU) Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The role leads the CSOCs Threat Intelligence team within NHS England CSOC comprised of four primary functions: Intelligence Collection & Analysis - Perform collection, aggregation, analysis and contextualisation of healthcare and security information to produce … actionable CTI. Cybersecurity Threat & Risk Assessment - Perform high-level risk assessments of current and emerging threats to the health & social care estate. Intelligence Dissemination & Reporting - Produce stakeholder-specific intelligence reporting for stakeholders. Specialist CTI Support - Provides specialist CTI support to CSOC during high complexity incidents. The post of Cyber Security Lead Analyst - Threat Intelligence has … payment equal to 30% per annum. Please be aware that RRP is none contractual and subject to review. Main duties of the job As a Cyber Security Lead Analyst (Threat Intelligence) you will: Ensure the objectives and activities of the Threat Intelligence teams and Assessments are aligned with overarching CSOC strategy. Represent the function at operational More ❯

Primary Details Time Type: Full time Worker Type: Employee Threat Intelligence Specialist London Permanent (Hybrid) At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The Opportunity We’re excited to be hiring a Threat Intelligence Specialist to join our Advanced … Threat Services (ATS) Teamon a full-time, permanent basis! You’ll be part of a supportive team that thrives on teamwork and innovation, where your expertise will be valued as we work together to tackle the ever-evolving cyber threat landscape. We’re looking to welcome our new team member from early January 2026 , so if you’re … ready to make an impact in the new year, we’d love to hear from you! Your New Role Reporting to the Technical Threat Manager , you’llbe responsible for researching, analysing, and reporting on cyber threats targeting QBE’s global operations and technology environment. This role has a strong technical focus, centred on the collection, enrichment, automation, and analysis More ❯

Join Police Digital Service an NMC Cyber Threat Intelligence Specialist. Permanent FT. Starting salary £45,000 per annum. About Police Digital Service This is an opportunity to play your part and protect our company, our customers and our communities from cyber attack. Be part of a dedicated team and get ready to be challenged every day to make … where your contribution is always valued.The National Management Centre provide visibility and control of information risks for Policing. It supports the 24x7x365 nature of the police operations, providing a threat detection and response capability for digital services before, during and after cyber attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national … and force level.As a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders.Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions.Limiting the impact of known cyber risks by engaging forces More ❯

Cyber Threat Intelligence Specialist - Contract role We are supporting our client, a leading IT services and solutions company, in their search for a Cyber Threat Intelligence Specialist in Hertfordshire. In this role, you'll be responsible for gathering, correlating, and interpreting data from multiple sources to deliver actionable threat intelligence. You'll assess how a … to key stakeholders. *Candidates must hold valid SC clearance* Contract Details Initial Term: 3 months (with strong potential for extension) Location: Hertfordshire Work Model: Hybrid Key Responsibilities Work with Threat Intelligence Platforms (TIPs), taking ownership of these platforms. Analyse and assess cyber threats, identifying patterns and trends. Apply the intelligence life cycle, from collection through to reporting. … Ensure the Threat Intelligence Programme meets organisational aims. Influence and advise stakeholders on security-focused decisions. Work closely alongside other Security Operations teams such as SOC. Identify intelligence of concern across various sources and tools, and conduct analysis and assessment of such threats and their potential impact on the business. What We're Looking For Experience in More ❯

Initial We are looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful candidate will have hands-on experience with leading security platforms and demonstrate the ability to … Network & Endpoint) Location: England/Remote Contract Type: Contract Duration: Contract till 31st Mar 26 Sector: Healthcare . Key Responsibilities: Network Detection & Response: Administer and optimise Darktrace for network threat detection, model tuning, and behavioural analysis. Investigate anomalies and escalate incidents based on network telemetry. Endpoint Protection: Deploy and manage CrowdStrike Falcon agents across enterprise endpoints. Maintain and update … detection rules, ensuring alignment with threat intelligence. Security Operations Centre (SOC): Act as a Level 2 SOC Analyst and Incident Handler. Triage, investigate, and respond to security alerts and incidents. Collaborate with other SOC team members to ensure timely resolution and documentation. Threat Intelligence & Insider Threat Monitoring: Monitor threat feeds and manage Indicators of Compromise More ❯

that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this role, you won't just monitor; you'll actively engage in … will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy – helping Kyndryl … of a team that safeguards the digital assets of a cutting-edge organization? Look no further – Kyndryl is seeking a Cybersecurity Specialist to join our team of talented Security Intelligence Analysts . The Kyndryl CSIRT (Cybersecurity Incident Response Team) is looking for a Security Intelligence Analyst to join an advanced team that drives proactive identification of threats within More ❯

Cyber Security Threat Hunter Bristol/Hybrid Working £75,000 - £85,000 + benefits Fantastic new permanent opportunity for an experienced Security Engineer with strong Threat Engineering/Hunting experience required to join this specialist financial services business to help them deliver a range of proactive threat hunting cyber security projects. As a specialist Threat Hunter … you will be responsible for proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), MITRE ATT&CK Framework, cyber kill chain as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and … as part of a team to enhance their security posture. Skills Required: A strong proven background within Cyber Security engineering and at least 2-3 years' experience dedicated to Threat Hunting, Threat Intelligence and Threat Modelling. Proven experience in a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux More ❯

Cyber Security Threat Hunter Edinburgh/Hybrid Working £75,000 - £85,000 + benefits Fantastic new permanent opportunity for an experienced Security Engineer with strong Threat Engineering/Hunting experience required to join this specialist financial services business to help them deliver a range of proactive threat hunting cyber security projects. As a specialist Threat Hunter … you will be responsible for proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), MITRE ATT&CK Framework, cyber kill chain as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and … as part of a team to enhance their security posture. Skills Required: A strong proven background within Cyber Security engineering and at least 2-3 years' experience dedicated to Threat Hunting, Threat Intelligence and Threat Modelling. Proven experience in a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux More ❯

Cyber Security Threat Hunter Peterborough/Hybrid Working £75,000 - £85,000 + benefits Fantastic new permanent opportunity for an experienced Security Engineer with strong Threat Engineering/Hunting experience required to join this specialist financial services business to help them deliver a range of proactive threat hunting cyber security projects. As a specialist Threat Hunter … you will be responsible for proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), MITRE ATT&CK Framework, cyber kill chain as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and … as part of a team to enhance their security posture. Skills Required: A strong proven background within Cyber Security engineering and at least 2-3 years' experience dedicated to Threat Hunting, Threat Intelligence and Threat Modelling. Proven experience in a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux More ❯

on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us Available Locations: London, UK About The Department Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works … in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global … networks can provide. The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers. About The Role Cloudflare is a system spanning the globe, on a mission to make the internet better, safer, and more powerful everyday. To help fulfill this mission, we More ❯

Account Executive – Cybersecurity SaaS (Hybrid, London) Location: London (Hybrid – 2–3 days/week in office) Industry: Cybersecurity/Threat Intelligence About the Company A fast-growing cybersecurity vendor backed by top-tier investors, this company delivers cutting-edge threat intelligence solutions to help organisations stay ahead of evolving threats. Trusted by global pharma leaders and … decision-makers Consistently meet and exceed revenue targets Requirements 3+ years of experience in SaaS or cybersecurity sales Proven track record of closing complex enterprise deals Strong understanding of threat intelligence or willingness to learn Excellent communication and consultative selling skills Based in London or able to commute to the office 2–3 days/week Why Join More ❯

Account Executive – Cybersecurity SaaS (Hybrid, London) Location: London (Hybrid – 2–3 days/week in office) Industry: Cybersecurity/Threat Intelligence About the Company A fast-growing cybersecurity vendor backed by top-tier investors, this company delivers cutting-edge threat intelligence solutions to help organisations stay ahead of evolving threats. Trusted by global pharma leaders and … decision-makers Consistently meet and exceed revenue targets Requirements 3+ years of experience in SaaS or cybersecurity sales Proven track record of closing complex enterprise deals Strong understanding of threat intelligence or willingness to learn Excellent communication and consultative selling skills Based in London or able to commute to the office 2–3 days/week Why Join More ❯

Account Executive – Cybersecurity SaaS (Hybrid, London) Location: London (Hybrid – 2–3 days/week in office) Industry: Cybersecurity/Threat Intelligence About the Company A fast-growing cybersecurity vendor backed by top-tier investors, this company delivers cutting-edge threat intelligence solutions to help organisations stay ahead of evolving threats. Trusted by global pharma leaders and … decision-makers Consistently meet and exceed revenue targets Requirements 3+ years of experience in SaaS or cybersecurity sales Proven track record of closing complex enterprise deals Strong understanding of threat intelligence or willingness to learn Excellent communication and consultative selling skills Based in London or able to commute to the office 2–3 days/week Why Join More ❯

critical assets, and driving the integration of automation and AI to enhance our security operations. Security Analysis Monitor and analyse security alerts to detect threats, using behavioural analytics and threat intelligence to uncover anomalies. You'll also conduct proactive threat hunting and maintain detailed risk profiles for users, systems, and applications to support a strong security posture. … and compliance, performing daily health checks and resolving any issues that arise. Working closely with Infrastructure teams, you'll ensure endpoint configurations meet organisational standards. You'll also enhance threat-hunting capabilities by integrating threat intelligence and correlating EDR data with SIEM and XDR platforms for deeper insights. Data Loss Prevention (DLP) In this part of the … response lifecycle from containment to recovery. You'll document incidents thoroughly, follow established playbooks, and help improve them over time. Automation will be key to streamlining investigations and enriching threat intelligence. Testing and Validation You'll take part in cyber crisis simulations, penetration testing, and table-top exercises to ensure our defences are robust and response plans are effective. More ❯

clearance Summary Are you a SOC Detection Engineer looking to support national Cyber Defence capabilities? This role offers the opportunity to contribute to the development and optimisation of advanced threat detection systems within a highly secure environment. You will work within a Security Operations Centre (SOC), designing and maintaining detection logic across SIEM (Security Information and Event Management) and … Engineer, you will be part of a specialist cyber operations team responsible for implementing and maintaining high-fidelity detection capabilities. You will contribute to the development of detection rules, threat hunting activities, and automation workflows to support incident response and continuous improvement. Key responsibilities include: Designing and tuning detection rules and use cases in SIEM and EDR platforms Monitoring … and investigating security alerts to identify potential threats Conducting proactive threat hunting using MITRE ATT&CK and threat intelligence sources Collaborating with incident response teams to support investigations and containment Enhancing detection coverage across network, endpoint, cloud, and identity sources Developing automation scripts and playbooks to streamline triage and response Documenting detection processes and providing knowledge transfer More ❯

clearance Summary Are you a SOC Detection Engineer looking to support national Cyber Defence capabilities? This role offers the opportunity to contribute to the development and optimisation of advanced threat detection systems within a highly secure environment. You will work within a Security Operations Centre (SOC), designing and maintaining detection logic across SIEM (Security Information and Event Management) and … Engineer, you will be part of a specialist cyber operations team responsible for implementing and maintaining high-fidelity detection capabilities. You will contribute to the development of detection rules, threat hunting activities, and automation workflows to support incident response and continuous improvement. Key responsibilities include: Designing and tuning detection rules and use cases in SIEM and EDR platforms Monitoring … and investigating security alerts to identify potential threats Conducting proactive threat hunting using MITRE ATT&CK and threat intelligence sources Collaborating with incident response teams to support investigations and containment Enhancing detection coverage across network, endpoint, cloud, and identity sources Developing automation scripts and playbooks to streamline triage and response Documenting detection processes and providing knowledge transfer More ❯

maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team … join our Blue Team. The ideal candidate will be a self-starter with an inquisitive nature and a keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident … the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours, indicative of malicious activity · Proactive threat hunting using available client data · Collection More ❯