23 of 23 Remote/Hybrid Threat Intelligence Jobs in the UK excluding London

looking for a Cyber Threat & Vulnerability Analyst to join our Cyber Security team, helping protect the systems that deliver essential water services to millions of customers every day. You'll play a key role in identifying, assessing, and reducing cyber risk across a large and complex technology estate, making … closely with technical teams and business stakeholders to keep our services safe, resilient, and running smoothly. What you'll be doing as a Cyber Threat & Vulnerability Analyst: As a Cyber Threat & Vulnerability Analyst, you'll be responsible for supporting and improving how we identify, assess, and manage cyber ...

monitoring, analysing and responding to security threats, while driving continuous improvement across our security operations capability. Youll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. Key responsibilities Monitor … activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics, KPIs and operational performance Technical expertise Good understanding ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst Experience working with Splunk Familiarity with … threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols and attacker ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance … technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments Familiarity with risk management tools and methodologies. What ...

deliver high-quality detections across Microsoft Sentinel and Splunk, helping protect critical systems and clients in real time. If you thrive on turning threat intelligence into actionable detection logicand enjoy working at the heart of a live SOCthis is your opportunity to make a real impact. This role … improve SOC efficiency. Validate detections against telemetry and ensure accuracy. Support onboarding of log sources across cloud, infrastructure, identity and network. Collaborate with SOC, Threat Intelligence and Security Architecture teams. Investigate detection issues and improve performance and reliability. Drive continuous improvement using automation, scripting and best practice. Ensure ...

Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider is investing heavily … excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security ...

excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security … incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams ...

assessing and mitigating cyber threats across enterprise systems while helping to shape and improve the organisation’s overall security posture. Key Responsibilities Cybersecurity Operations & Threat Management Conduct ongoing threat assessments across operational systems and infrastructure Identify vulnerabilities, threat vectors and areas of security risk Design and implement … security mitigations and remediation strategies Monitor emerging cyber threats and recommend appropriate defensive measures Support automated threat monitoring, incident detection and response capabilities Develop and maintain cybersecurity playbooks and incident response procedures Coordinate with third-party security providers during security incidents and testing activities Security Governance & Risk Management Support ...

validating effectiveness through scanning and review Operate and support key security technologies including SIEM, endpoint protection and email/web security tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics, KPIs and operational performance Technical expertise Strong understanding … information security principles, risk management and the threat landscape Experience operating and monitoring security tooling such as SIEM, endpoint protection and email/web security solutions Ability to conduct proactive threat hunting and contribute to improving detection capability Awareness of cloud security controls and standards Experience working with ...

endpoint detection systems. Identify and escalate potential security threats or vulnerabilities in real-time. Continuously optimize SOC workflows, tools, and processes for greater efficiency. Threat Intelligence and Analysis: Proactively research and assess emerging threats, vulnerabilities, and attack vectors. Develop strategies to mitigate risks based on threat intelligence. … Technology, or a related field. Equivalent work experience may be considered. Experience: 4+ years of experience in cybersecurity, preferably in SOC, incident response, or threat analysis roles. Certifications: Relevant certifications such as CISSP, CEH, GCIH, GCIA, or CISM are highly desirable. Cybersecurity Engineer - Technical Skills: Knowledge of firewalls ...

tooling is optimised and actively protecting client environments. Collaborate with teams to assess risks and design effective security controls. Support senior engineers across SIEM, threat intelligence and malware platforms. Apply updates, manage changes and follow robust operational processes. Stay ahead of emerging threats and drive continuous improvement. What ...

skills, including clear documentation and reporting. Good planning and organisational skills with attention to detail. Technical experience and skills Understanding of cybersecurity domains, including Threat Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response, and Cryptography. Familiarity with information ...

Group Digital Assets where appropriate to ensure a complete product and service offering is available to AIB UK customers. Stay current with cyber threat intelligence and market trends, proactively liaising with Group Cyber teams in regular Forums & Committees Promote a culture of cyber awareness, working with Group Cyber ...

hard problems, enjoys experimentation, and wants to see their research translate into real-world impact. You'll work across the full research lifecycle, from threat intelligence and vulnerability analysis through to prototyping and delivery, collaborating with multidisciplinary teams on challenges that matter. Role duties Research emerging cyber security ...

over the next decade, this is the place to do it. Location: UK-based hybrid role The role We're looking for a motivated Threat & Vulnerability Analyst to join our Threat Informed Defence team. You'll play a key role in identifying, analysing and managing vulnerabilities and risk … across the organisation, using a range of security tooling and threat intelligence. You'll monitor emerging risks, triage findings, and support remediation activities working closely with teams across the business. This includes analysing security data across on-prem and cloud environments, leveraging EDR capabilities, and contributing to a threat ...

learn and evolve from real customer environments Developing systems that correlate data across multiple sources to quantify and surface risk Contributing to AI-driven threat detection capabilities Collaborating closely with engineering, research and security teams Your Impact This is a role with meaningful reach. The systems you build will … contributing to ML platforms or internal AI tooling Demonstrated ability to work across complex, multi-source data environments Desirable Experience in a security, threat intelligence or data-intensive product domain Familiarity with MLOps practices and model lifecycle management Exposure to autonomous agents, agentic workflows or tool-use patterns ...

sensitive data and systems effectively Key responsibilities of the role include: Deploy, configure, and maintain, troubleshoot security tools such as SIEM, EDR, DLP, VM, Threat Intel,PAM etc extending to Cloud toolsets Perform assessments to understand the current and potential security gaps Use monitoring tools to detect and anomalies ...

knowledge of MITRE ATT&CK and at least one recognised control framework (ISO 27001, CIS or NIST). Risk-based prioritisation of remediation using threat intelligence. Operated endpoint security and endpoint detection and response (EDR) tooling (e.g. CrowdStrike or equivalent) in a production environment. Prioritised and managed a risk … based security backlog, applying frameworks such as MITRE ATT&CK and threat-based prioritisation. Assured the delivery of security initiatives across distributed teams or sites, tracking vulnerability remediation and patching through to completion. Act as Incident Commander for security incidents during London hours, coordinating first responders, IT, Legal, Compliance ...