1 to 25 of 90 Threat Intelligence Jobs in the UK excluding London

the leading global Cyber Security and Risk Mitigation business... https://www.nccgroup.com/uk/The Opportunity You will be acting as a team leader within the Strategic Threat Intelligence team, reporting to the Strategic Threat Intelligence Manager. As a senior member in this team, you will have some limited line management responsibilities but will … be expected to be heavily involved in the training and mentoring of other Threat intelligence team members, as well as supporting the overall growth of the Strategic Threat Intelligence team. You will be expected to have strong consultancy skills and experience in delivering large/complex pieces of client facing work where you will need to … be able to manage multiple internal and external stakeholders. Key Accountabilities Support the development and growth of our Strategic Threat Intelligence capabilities in line with our overall Threat Intelligence and Corporate Strategy Support and lead the delivery of Regulator-driven Threat Intelligence Engagements (CBEST, TIBER, CORIE, iCAST, AASE) Deliver services from our Threat More ❯

Threat Intelligence Lead £55000-65000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Threat Intelligence Lead Leeds - 5 days on-site Up to £65,000 + DV Cleared Bonus We are currently recruiting for a Threat Intelligence Lead to join one of the UK's most critical national defence … programmes. This is an opportunity to lead a high-performance team operating at the forefront of cyber threat intelligence, helping to protect sensitive cloud-hosted environments against sophisticated nation-state actors and advanced cyber adversaries. As Threat Intelligence Lead, you will be responsible for managing the production of actionable threat intelligence and vulnerability assessments … ensuring high-quality outputs that directly inform security operations and strategic defence decisions. Responsibilities of the Threat Intelligence Lead: Lead the development and delivery of threat intelligence and vulnerability products. Select and profile key threat actors posing the greatest risk to the client's estate. Own the continuous development of Priority Intelligence Requirements (PIRs More ❯

Threat Intelligence Lead £55000-65000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Threat Intelligence Lead Leeds - 5 days on-site Up to £65,000 + DV Cleared Bonus We are currently recruiting for a Threat Intelligence Lead to join one of the UK's most critical national defence … programmes. This is an opportunity to lead a high-performance team operating at the forefront of cyber threat intelligence, helping to protect sensitive cloud-hosted environments against sophisticated nation-state actors and advanced cyber adversaries. As Threat Intelligence Lead, you will be responsible for managing the production of actionable threat intelligence and vulnerability assessments … ensuring high-quality outputs that directly inform security operations and strategic defence decisions. Responsibilities of the Threat Intelligence Lead: Lead the development and delivery of threat intelligence and vulnerability products. Select and profile key threat actors posing the greatest risk to the client's estate. Own the continuous development of Priority Intelligence Requirements (PIRs More ❯

Cyber Threat Intelligence Lead £65000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Location: Leeds (on-site) Salary: Up to £65,000 depending one experience, 10% annual bonus Clearance Requirement: Eligibility for DV clearance (British-born candidates only) NOTE: Due to the nature of the role, candidates must be eligible for DV clearance … and therefore must be British-born. Are you ready to lead in one of the most critical roles in the cybersecurity industry? We are seeking a Cyber Threat Intelligence and Vulnerability Lead to play a pivotal role in the operation and improvement of a Security Operations Centre (SOC) dedicated to safeguarding a major UK organisation. This position offers … an opportunity to make a tangible impact in protecting the systems that power the nation. About the Role As the Cyber Threat Intelligence and Vulnerability Lead, you will: Take accountability for detecting, triaging, and reporting potential cyber threats and key vulnerabilities daily. Oversee the delivery and quality of all threat intelligence and vulnerability products, ensuring deadlines More ❯

Cyber Threat Intelligence Lead £75000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Cyber Threat Intelligence and Vulnerability Lead Location: Leeds (100% office-based) Salary: Up to £75,000 Security Clearance: DV Clearance required The Opportunity: A unique and mission-critical opportunity has arisen for an experienced Cyber Threat Intelligence … protecting vital UK infrastructure. You'll work within a dedicated Security Operations Centre (SOC) focused on safeguarding cloud-hosted environments across hundreds of systems. Key Responsibilities: As a Cyber Threat Intelligence and Vulnerability Lead , you will: Oversee the daily detection, triage, and reporting of cyber threats and vulnerabilities affecting the client environment. Direct the development and execution of … collection plans and Priority Intelligence Requirements (PIRs), ensuring relevance and accuracy. Lead and mentor a team of analysts, ensuring timely delivery of high-quality intelligence and vulnerability reports. Maintain operational readiness even during periods of reduced capacity by managing team output and ensuring delivery across all products. Shape the direction of threat intelligence by identifying threat More ❯

Cyber Threat Intelligence Lead £75000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Cyber Threat Intelligence and Vulnerability Lead Location: Leeds (100% office-based) Salary: Up to £75,000 Security Clearance: DV Clearance required The Opportunity: A unique and mission-critical opportunity has arisen for an experienced Cyber Threat Intelligence … protecting vital UK infrastructure. You'll work within a dedicated Security Operations Centre (SOC) focused on safeguarding cloud-hosted environments across hundreds of systems. Key Responsibilities: As a Cyber Threat Intelligence and Vulnerability Lead , you will: Oversee the daily detection, triage, and reporting of cyber threats and vulnerabilities affecting the client environment. Direct the development and execution of … collection plans and Priority Intelligence Requirements (PIRs), ensuring relevance and accuracy. Lead and mentor a team of analysts, ensuring timely delivery of high-quality intelligence and vulnerability reports. Maintain operational readiness even during periods of reduced capacity by managing team output and ensuring delivery across all products. Shape the direction of threat intelligence by identifying threat More ❯

Cyber Threat Intelligence and Vulnerability Lead £55,000- 65,000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Cyber Threat Intelligence and Vulnerability Lead Location: Leeds - on site Clearance Required: DV (Developed Vetting) Salary: £55,000- 65,000 Grade: GG10 - GG11 A major UK Critical National Infrastructure (CNI) programme is seeking … a highly skilled Cyber Threat Intelligence and Vulnerability Lead to join a dedicated Security Operations Centre (SOC). This role is central to protecting hundreds of cloud-hosted systems from advanced cyber threats and ensuring the continuous improvement of threat intelligence and vulnerability management capabilities. Key Responsibilities: Lead the detection, triage, and reporting of cyber threats … and vulnerabilities on a daily basis. Oversee the timely delivery of all threat intelligence and vulnerability reports, ensuring high quality and relevance. Select and monitor key threat actors posing the greatest risk to the organisation. Develop and maintain Priority Intelligence Requirements (PIRs) and a tailored collection plan. Provide clear, well-reasoned analysis and predictive insights to More ❯

role, candidates must be eligible for DV clearance. Are you ready to lead in one of the most critical roles in the cybersecurity industry? We are seeking a Cyber Threat Intelligence and Vulnerability Lead to play a pivotal role in the operation and improvement of a Security Operations Centre (SOC) dedicated to safeguarding a major UK organisation. This … position offers an opportunity to make a tangible impact in protecting the systems that power the nation. About the Role As the Cyber Threat Intelligence and Vulnerability Lead, you will: Take accountability for detecting, triaging, and reporting potential cyber threats and key vulnerabilities daily. Oversee the delivery and quality of all threat intelligence and vulnerability products … ensuring deadlines are met with excellence. Develop and continuously review tailored Priority Intelligence Requirements (PIRs) and collection plans to align intelligence products with client needs. Provide in-depth analysis, context, and predictive insights to support threat mitigation. Assess and enhance the maturity of the SOC's existing functions, driving continuous improvement. Lead, mentor, and develop a high More ❯

can't replace to help us shape the future of information management. Join us. Your Impact: We are seeking a driven, experienced Account Executive (AE) to join the OpenText Threat Intelligence team and lead strategic sales initiatives targeting OEM providers. In this role, you will be responsible for driving revenue by selling our industry-leading threat intelligence … role offers: Own and drive the full sales cycle for OEM partnerships-from prospecting and discovery to negotiation and contract closure. Identify and engage OEM partners who can embed threat intelligence into their security appliances, platforms, SIEMs, XDRs, firewalls, or endpoint solutions. Understand customer requirements and tailor value propositions around our threat intelligence products, APIs, and … need to succeed: 5+ years of B2B enterprise sales experience, with a focus on OEM, embedded, or technology partnership sales. Deep understanding of cybersecurity technologies and the role of threat intelligence in enhancing security products. Proven track record of exceeding quotas and developing long-term partner relationships. Experience working with technical buyers such as product managers and engineering More ❯

Cyber Threat Intelligence & Vulnerability Lead £65,000 GBP 10% bonus + £7,000 DV Clearance Bonus (once obtained) Hybrid WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Location: Leeds, UK (100% office-based) Salary: up to £65,000 + 10% bonus + £7,000 DV clearance bonus once obtained. Security … your opportunity to shape the future of cyber defence in a role that demands technical excellence, strategic thinking, and strong leadership. What You'll Be Doing As the Cyber Threat Intelligence & Vulnerability Lead, you will: Oversee the detection, triage, and reporting of cyber threats and vulnerabilities. Deliver high-quality intelligence and vulnerability reports on time, every time. … Select and monitor key threat actors posing the greatest risk. Develop and refine Priority Intelligence Requirements (PIRs) and collection plans. Ensure all processes are documented, reviewed, and continuously improved. Provide expert analysis, context, and forward-looking threat assessments. Drive the maturity of threat intelligence and vulnerability functions. Lead and mentor a high-performing team, ensuring More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at Internal Grade E Job Description Experian Cyber Fusion Center is looking for a Threat Intelligence Analyst to help track new and persistant cybersecurity threats, analyse and produce applicable intelligence to help the organisation. You will be part of a world class organization and … lead a global team of experienced people to help us stay ahead of adversaries. You will be part of the Threat Intelligence team which focuses on defending against new threats, supporting investigations, and delivering situational awareness to the business. This is a UK based remote position reporting to the Global Head of Threat Intelligence. Summary of Primary … Responsibilities Use open and closed source intelligence tools to track threat clusters posing threats to Experian and help identify preventative measures to improve our defense. Contribute to cross-team projects to improve the security posture of Experian infrastructure, such as red team operations, Attack Surface Management and Threat Hunting collaborations. Help Investigate latest cyber trends providing relevant More ❯

part in developing our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security … possible and play a big part in evolving our security tooling and services. Policy & Standards: You'll champion the adoption and adherence to our InfoSec policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. … CSPM) tools. Knowledge of Cloud Workload Protection Platforms (CWPP) for securing containers, serverless workloads, and virtual machines. Working knowledge of DevSecOps methodologies . Ability to contribute to cloud solution threat modelling and secure design reviews. A bit about you: Passion! You're genuinely passionate about your career path and love what you do. Communication skills. You can express your More ❯

Bristol, United Kingdom Salary: Competitive with Great Benefits Defending BT Group against cyber-attacks is the focus of PBT Cyber Operations. BT faces threats from the full range of threat actors from sophisticated threat nation state actors developing their tactics to new heights and targeting our industry, through to criminal groups seeking to monetize efforts attacks on BT … and customers, to hacktivist groups who see BT as a visible UK and impactful UK target. It is the role of the Cyber Threat Intelligence Group (CTIG) to understand and track this ever-evolving threat landscape. Our Capability Development Team is key part of this equipping us with the tools to do carry out this function and … keep BT Group and the UK critical networks safe. BT takes a threat led approach to cyber security. Intelligence generated within CTIG to identify, prioritize and track those threats which are of greatest significance to BT drives security decision making impacting all levels of the organization. As a large, distributed, multinational IT-based company, BT has a unique More ❯

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal, hands-on role … in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement and embed modern … IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident response and cyber threat More ❯

Threat Detection Engineer (Cyber) page is loaded Threat Detection Engineer (Cyber) Apply locations Windsor time type Full time posted on Posted 6 Days Ago time left to apply End Date: August 2, 2025 (4 days left to apply) job requisition id R Join us, be part of more. We're so much more than an energy company. We … do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. An opportunity to play your part - Join Centrica as a Threat Detection Engineer, where you'll be at the forefront of our mission to safeguard our digital landscape. In this dynamic role, you'll be responsible for developing, automating, and … enhancing our detection capabilities to swiftly identify and respond to security threats. You'll have the exciting opportunity to create innovative detection use cases, leveraging security telemetry, threat intelligence, and insights from past incidents. Your expertise will be crucial in addressing detection gaps across our infrastructure, working closely with various business units to boost visibility, and crafting automated More ❯

Build security automations, logging, and SIEM detections to improve efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence, and vulnerability management. Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Work with Threat Intelligence More ❯

security automations, logging, and SIEM detections to improve the efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence More ❯

cybersecurity practices. Tool Optimisation: Oversee the enhancement of security tools to maintain a proactive security posture. Incident Response: Provide expert guidance during security incident investigations and response efforts. Insider Threat: Manage and investigate Insider Threat cases as required. Threat Hunting: Lead scheduled threat hunts to ensure thorough detection of advanced threats. External Collaboration: Work with external … e.g., GIAC GMON, GCIA, GCIH, or equivalent). Hands-on experience with SIEM tools (LogRhythm, Splunk) and IDS (Snort). Solid background in network and host security. Expertise in threat intelligence and threat hunting. Experience mentoring and coaching others. Current DV clearance. Security Clearance This role is subject to pre-employment screening in line with the UK More ❯

WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threat intelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance initiatives (e.g., ISO 27001, NIST … Microsoft Defender Extended Detection &Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting &Automation: Proficiency in Python, PowerShell, or Bash for More ❯

day-to-day SOC activities, ensuring timely escalation and resolution of incidents. Mentor junior analysts, support skills development, and facilitate tabletop exercises and simulations. Drive use-case development and threat detection content using advanced analytics, including machine learning and security automation. Maintain and update SOC processes, procedures, and documentation. Help build and mature threat intelligence capabilities and … foster collaboration across the smart metering community. Translate threat trends into actionable insights and drive improvements across the organisation. Evaluate and recommend tools that enhance detection and response capabilities. Conduct forensic investigations and perform root cause analysis of security incidents. What are we looking for? Proven experience in incident response and leading investigations in complex environments. Strong understanding of … the cyber threat landscape, adversary tactics, and frameworks such as MITRE ATT&CK. Demonstrated ability to work under pressure, solve problems independently, and collaborate with stakeholders. Experience in a Security Operations or similar role (e.g. Senior SOC Analyst, Level 3 SOC Analyst). Technical knowledge of cloud environments and SaaS platforms including AWS, Azure, Office 365, and Microsoft Defender. More ❯

data breach reporting process. They will use their analytical skills to identify themes and trends in threats, vulnerabilities, and information breaches, using excellent written and presentation skills to communicate threat intelligence and information risks across PHSO. A part of the role will be to proactively develop expertise in practical cyber security, and manage the policy and evidence required … Essentials. Main Duties • Use analytical skills to assess technical and business information to identify patterns and trends and perform a risk analysis of threats • Work with colleagues to communicate threat intelligence and practical information security advice in formats appropriate to the audience (blogs, articles, coaching etc). • Explain complex problems, policies, and protocols in simple terms to technical More ❯

fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic … Experienced in stakeholder management during high-pressure incidents. Strong communication skills and composure under pressure. Able to align incident response practices with industry standards and client expectations. Background in threat intelligence and proactive incident readiness. Self-starter with a collaborative mindset, committed to team success. Additional Info: This is a remote-first role, but occasional travel to client More ❯

Role This is a pivotal opportunity for an experienced Senior Consultant to lead large-scale cybersecurity projects across a diverse client base. The role focuses on cyber resilience, including threat intelligence, incident response, risk management, compliance, and security architecture. You will act as a trusted advisor, delivering tailored solutions that help clients enhance their cyber posture and protect … and support junior team members, encouraging skill development and knowledge sharing Contribute to business development by producing high-quality proposals and identifying growth opportunities Skills & Experience ? Extensive expertise in threat intelligence, risk management, incident response, compliance (e.g. GDPR, ISO 27001), and security architecture ? Proficiency with tools such as Rapid7 InsightIDR/InsightVM, SentinelOne, Fortinet, Netskope, SOAR automation (Rapid7 More ❯