Manchester Area, United Kingdom Hybrid / WFH Options
NCC Group
the leading global Cyber Security and Risk Mitigation business... https://www.nccgroup.com/uk/ The Opportunity You will be acting as a team leader within the Strategic Threat Intelligence team, reporting to the Strategic Threat Intelligence Manager. As a senior member in this team, you will have some limited line management responsibilities but will … be expected to be heavily involved in the training and mentoring of other Threat intelligence team members, as well as supporting the overall growth of the Strategic Threat Intelligence team. You will be expected to have strong consultancy skills and experience in delivering large/complex pieces of client facing work where you will need to … be able to manage multiple internal and external stakeholders. Key Accountabilities Support the development and growth of our Strategic Threat Intelligence capabilities in line with our overall Threat Intelligence and Corporate Strategy Support and lead the delivery of Regulator-driven Threat Intelligence Engagements (CBEST, TIBER, CORIE, iCAST, AASE) Deliver services from our Threat
Threat Intelligence Lead £55000-65000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Threat Intelligence Lead Leeds - 5 days on-site Up to £65,000 + DV Cleared Bonus We are currently recruiting for a Threat Intelligence Lead to join one of the UK's most critical national defence … programmes. This is an opportunity to lead a high-performance team operating at the forefront of cyber threat intelligence, helping to protect sensitive cloud-hosted environments against sophisticated nation-state actors and advanced cyber adversaries. As Threat Intelligence Lead, you will be responsible for managing the production of actionable threat intelligence and vulnerability assessments … ensuring high-quality outputs that directly inform security operations and strategic defence decisions. Responsibilities of the Threat Intelligence Lead: Lead the development and delivery of threat intelligence and vulnerability products. Select and profile key threat actors posing the greatest risk to the client's estate. Own the continuous development of Priority Intelligence Requirements (PIRs
Bradford, Yorkshire and the Humber, United Kingdom
Anson Mccade
Threat Intelligence Lead £55000-65000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Threat Intelligence Lead Leeds - 5 days on-site Up to £65,000 + DV Cleared Bonus We are currently recruiting for a Threat Intelligence Lead to join one of the UK's most critical national defence … programmes. This is an opportunity to lead a high-performance team operating at the forefront of cyber threat intelligence, helping to protect sensitive cloud-hosted environments against sophisticated nation-state actors and advanced cyber adversaries. As Threat Intelligence Lead, you will be responsible for managing the production of actionable threat intelligence and vulnerability assessments … ensuring high-quality outputs that directly inform security operations and strategic defence decisions. Responsibilities of the Threat Intelligence Lead: Lead the development and delivery of threat intelligence and vulnerability products. Select and profile key threat actors posing the greatest risk to the client's estate. Own the continuous development of Priority Intelligence Requirements (PIRs
Cyber Threat Intelligence Lead £65000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Location: Leeds (on-site) Salary: Up to £65,000 depending on experience, 10% annual bonus Clearance Requirement: Eligibility for DV clearance (British-born candidates only) NOTE: Due to the nature of the role, candidates must be eligible for DV clearance … and therefore must be British-born. Are you ready to lead in one of the most critical roles in the cybersecurity industry? We are seeking a Cyber Threat Intelligence and Vulnerability Lead to play a pivotal role in the operation and improvement of a Security Operations Centre (SOC) dedicated to safeguarding a major UK organisation. This position offers … an opportunity to make a tangible impact in protecting the systems that power the nation. About the Role As the Cyber Threat Intelligence and Vulnerability Lead, you will: Take accountability for detecting, triaging, and reporting potential cyber threats and key vulnerabilities daily. Oversee the delivery and quality of all threat intelligence and vulnerability products, ensuring deadlines
Bradford, West Yorkshire, Yorkshire, United Kingdom
Anson Mccade
Cyber Threat Intelligence Lead £75000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Cyber Threat Intelligence and Vulnerability Lead Location: Leeds (100% office-based) Salary: Up to £75,000 Security Clearance: DV Clearance required The Opportunity: A unique and mission-critical opportunity has arisen for an experienced Cyber Threat Intelligence … protecting vital UK infrastructure. You'll work within a dedicated Security Operations Centre (SOC) focused on safeguarding cloud-hosted environments across hundreds of systems. Key Responsibilities: As a Cyber Threat Intelligence and Vulnerability Lead, you will: Oversee the daily detection, triage, and reporting of cyber threats and vulnerabilities affecting the client environment. Direct the development and execution of … collection plans and Priority Intelligence Requirements (PIRs), ensuring relevance and accuracy. Lead and mentor a team of analysts, ensuring timely delivery of high-quality intelligence and vulnerability reports. Maintain operational readiness even during periods of reduced capacity by managing team output and ensuring delivery across all products. Shape the direction of threat intelligence by identifying threat
role, candidates must be eligible for DV clearance. Are you ready to lead in one of the most critical roles in the cybersecurity industry? We are seeking a Cyber Threat Intelligence and Vulnerability Lead to play a pivotal role in the operation and improvement of a Security Operations Centre (SOC) dedicated to safeguarding a major UK organisation. This … position offers an opportunity to make a tangible impact in protecting the systems that power the nation. About the Role As the Cyber Threat Intelligence and Vulnerability Lead, you will: Take accountability for detecting, triaging, and reporting potential cyber threats and key vulnerabilities daily. Oversee the delivery and quality of all threat intelligence and vulnerability products … ensuring deadlines are met with excellence. Develop and continuously review tailored Priority Intelligence Requirements (PIRs) and collection plans to align intelligence products with client needs. Provide in-depth analysis, context, and predictive insights to support threat mitigation. Assess and enhance the maturity of the SOC's existing functions, driving continuous improvement. Lead, mentor, and develop a high
Warwick, Warwickshire, United Kingdom Hybrid / WFH Options
Akkodis
Cyber Threat Intelligence Analyst Akkodis are currently working in partnership with a leading service provider to recruit a Cyber Threat Intelligence Analyst to join a leading Cyber Defence Team and play a pivotal role in providing actionable technical intelligence to detection engineers, threat hunters and security operations. This role offers a highly competitive salary … and the opportunity for remote working. The Role As a Cyber Threat Intelligence Analyst you will support the rest of the Cyber Defence engineering team in regard to the roadmap and what to focus on. You will share intel to help them understand what's emerging as well as what advanced persistent threat actors are leveraging to … compromise systems. You will work directly across all areas of Cyber Defence to produce bespoke and technical intelligence across Tactical, Strategic, and Operational intelligence. The Responsibilities Conduct in-depth analysis of threat groups, their capabilities, motivations, and tactics A strong understanding of threats posed Articulate complex concepts to various stakeholders across the business. Knowledge of tactics, techniques and
can't replace to help us shape the future of information management. Join us. Your Impact: We are seeking a driven, experienced Account Executive (AE) to join the OpenText Threat Intelligence team and lead strategic sales initiatives targeting OEM providers. In this role, you will be responsible for driving revenue by selling our industry-leading threat intelligence … role offers: Own and drive the full sales cycle for OEM partnerships - from prospecting and discovery to negotiation and contract closure. Identify and engage OEM partners who can embed threat intelligence into their security appliances, platforms, SIEMs, XDRs, firewalls, or endpoint solutions. Understand customer requirements and tailor value propositions around our threat intelligence products, APIs, and … need to succeed: 5+ years of B2B enterprise sales experience, with a focus on OEM, embedded, or technology partnership sales. Deep understanding of cybersecurity technologies and the role of threat intelligence in enhancing security products. Proven track record of exceeding quotas and developing long-term partner relationships. Experience working with technical buyers such as product managers and engineering
Cyber Threat Intelligence & Vulnerability Lead £65,000 GBP 10% bonus + £7,000 DV Clearance Bonus (once obtained) Hybrid WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Location: Leeds, UK (100% office-based) Salary: up to £65,000 + 10% bonus + £7,000 DV clearance bonus once obtained. Security … your opportunity to shape the future of cyber defence in a role that demands technical excellence, strategic thinking, and strong leadership. What You'll Be Doing As the Cyber Threat Intelligence & Vulnerability Lead, you will: Oversee the detection, triage, and reporting of cyber threats and vulnerabilities. Deliver high-quality intelligence and vulnerability reports on time, every time. … Select and monitor key threat actors posing the greatest risk. Develop and refine Priority Intelligence Requirements (PIRs) and collection plans. Ensure all processes are documented, reviewed, and continuously improved. Provide expert analysis, context, and forward-looking threat assessments. Drive the maturity of threat intelligence and vulnerability functions. Lead and mentor a high-performing team, ensuring
from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat
from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat
Nottingham, Nottinghamshire, United Kingdom Hybrid / WFH Options
Experian Group
people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at Internal Grade E Job Description Experian Cyber Fusion Center is looking for a Threat Intelligence Analyst to help track new and persistent cybersecurity threats, analyse and produce applicable intelligence to help the organisation. You will be part of a world class organization and … lead a global team of experienced people to help us stay ahead of adversaries. You will be part of the Threat Intelligence team which focuses on defending against new threats, supporting investigations, and delivering situational awareness to the business. This is a UK based remote position reporting to the Global Head of Threat Intelligence. Summary of Primary … Responsibilities Use open and closed source intelligence tools to track threat clusters posing threats to Experian and help identify preventative measures to improve our defense. Contribute to cross-team projects to improve the security posture of Experian infrastructure, such as red team operations, Attack Surface Management and Threat Hunting collaborations. Help investigate latest cyber trends providing relevant
part in developing our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security … possible and play a big part in evolving our security tooling and services. Policy & Standards: You'll champion the adoption and adherence to our InfoSec policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. … CSPM) tools. Knowledge of Cloud Workload Protection Platforms (CWPP) for securing containers, serverless workloads, and virtual machines. Working knowledge of DevSecOps methodologies. Ability to contribute to cloud solution threat modelling and secure design reviews. A bit about you: Passion! You're genuinely passionate about your career path and love what you do. Communication skills. You can express your
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
BT Group
Bristol, United Kingdom Salary: Competitive with Great Benefits Defending BT Group against cyber-attacks is the focus of PBT Cyber Operations. BT faces threats from the full range of threat actors from sophisticated threat nation state actors developing their tactics to new heights and targeting our industry, through to criminal groups seeking to monetize efforts attacks on BT … and customers, to hacktivist groups who see BT as a visible UK and impactful UK target. It is the role of the Cyber Threat Intelligence Group (CTIG) to understand and track this ever-evolving threat landscape. Our Capability Development Team is a key part of this, equipping us with the tools to carry out this function and … keep BT Group and the UK critical networks safe. BT takes a threat led approach to cyber security. Intelligence generated within CTIG to identify, prioritize and track those threats which are of greatest significance to BT drives security decision making impacting all levels of the organization. As a large, distributed, multinational IT-based company, BT has a unique
Manchester, North West, United Kingdom Hybrid / WFH Options
IBEX RECRUITMENT LTD
Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst. This is a pivotal, hands-on role … in a growing cyber team. You'll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What You'll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement and embed modern … IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What We're Looking For: Proven experience in hands-on incident response and cyber threat
Threat Detection Engineer (Cyber) Location: Windsor. Time type: Full time. Posted 6 days ago. End date: August 2, 2025 (4 days left to apply). Job requisition id R Join us, be part of more. We're so much more than an energy company. We … do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. An opportunity to play your part - Join Centrica as a Threat Detection Engineer, where you'll be at the forefront of our mission to safeguard our digital landscape. In this dynamic role, you'll be responsible for developing, automating, and … enhancing our detection capabilities to swiftly identify and respond to security threats. You'll have the exciting opportunity to create innovative detection use cases, leveraging security telemetry, threat intelligence, and insights from past incidents. Your expertise will be crucial in addressing detection gaps across our infrastructure, working closely with various business units to boost visibility, and crafting automated
Build security automations, logging, and SIEM detections to improve efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence, and vulnerability management. Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Work with Threat Intelligence
security automations, logging, and SIEM detections to improve the efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence
Northampton, Northamptonshire, England, United Kingdom Hybrid / WFH Options
PLANET RECRUITMENT SERVICES LTD
WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threat intelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance initiatives (e.g., ISO 27001, NIST … Microsoft Defender Extended Detection & Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting & Automation: Proficiency in Python, PowerShell, or Bash for
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Smart DCC
day-to-day SOC activities, ensuring timely escalation and resolution of incidents. Mentor junior analysts, support skills development, and facilitate tabletop exercises and simulations. Drive use-case development and threat detection content using advanced analytics, including machine learning and security automation. Maintain and update SOC processes, procedures, and documentation. Help build and mature threat intelligence capabilities and … foster collaboration across the smart metering community. Translate threat trends into actionable insights and drive improvements across the organisation. Evaluate and recommend tools that enhance detection and response capabilities. Conduct forensic investigations and perform root cause analysis of security incidents. What are we looking for? Proven experience in incident response and leading investigations in complex environments. Strong understanding of … the cyber threat landscape, adversary tactics, and frameworks such as MITRE ATT&CK. Demonstrated ability to work under pressure, solve problems independently, and collaborate with stakeholders. Experience in a Security Operations or similar role (e.g. Senior SOC Analyst, Level 3 SOC Analyst). Technical knowledge of cloud environments and SaaS platforms including AWS, Azure, Office 365, and Microsoft Defender.
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
OpenSourced Ltd
fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic … Experienced in stakeholder management during high-pressure incidents. Strong communication skills and composure under pressure. Able to align incident response practices with industry standards and client expectations. Background in threat intelligence and proactive incident readiness. Self-starter with a collaborative mindset, committed to team success. Additional Info: This is a remote-first role, but occasional travel to client
Role This is a pivotal opportunity for an experienced Senior Consultant to lead large-scale cybersecurity projects across a diverse client base. The role focuses on cyber resilience, including threat intelligence, incident response, risk management, compliance, and security architecture. You will act as a trusted advisor, delivering tailored solutions that help clients enhance their cyber posture and protect … and support junior team members, encouraging skill development and knowledge sharing Contribute to business development by producing high-quality proposals and identifying growth opportunities Skills & Experience • Extensive expertise in threat intelligence, risk management, incident response, compliance (e.g. GDPR, ISO 27001), and security architecture • Proficiency with tools such as Rapid7 InsightIDR/InsightVM, SentinelOne, Fortinet, Netskope, SOAR automation (Rapid7
Hatfield, Hertfordshire, South East, United Kingdom
COMPUTACENTER (UK) LIMITED
providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly
Nottingham, Nottinghamshire, East Midlands, United Kingdom
COMPUTACENTER (UK) LIMITED
providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly
Milton Keynes, Buckinghamshire, South East, United Kingdom
COMPUTACENTER (UK) LIMITED
providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly