Birmingham, Chelmsley Wood, West Midlands (County), United Kingdom
SSR General & Management
Head of IT Security Incident and Threat Management. Package to £117k DOE + 15% Bonus + Benefits. Based Birmingham. This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats — ensuring … they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure proactive … defence and rapid response to incidents. Key Responsibilities: Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed robust security practices. Manage …
About Our Client: Join Our Client, a fast-growing fintech innovator securing next-gen payment platforms for leading banks and startups. With a focus on AI-driven threat detection and zero-trust architecture, Our Client has been named one of Europe’s Top 50 Cybersecurity Scale-ups. Role Snapshot: As an Associate Cybersecurity Analyst, you’ll be the eye … alongside world-class security engineers, hone your skills on cutting-edge tools, and shape the future of digital payments security. Your Day-to-Day: Alert Triage: Analyze SIEM and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. … and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares, capture insights, and contribute to our internal threat library. What You Bring: Must-Haves: Bachelor’s degree in Cybersecurity, Computer Science, or related field. Practical experience with at least one SIEM platform (e.g., Splunk, QRadar). Understanding …
Employment Type: Full-Time
Salary: £36,000 - £43,000 per annum, Negotiable, OTE
Crawley, England, United Kingdom Hybrid / WFH Options
InfoSec People Ltd
within a dedicated Security Operations Centre, working at the forefront of protecting high-value national assets. The successful candidate will act as a technical authority for advanced incident response, threat hunting, and security engineering, with a strong focus on the Microsoft security stack. Key Responsibilities: Serve as the primary escalation point for complex incidents and lead on incident response. … Conduct in-depth threat hunting, forensic investigations, and root cause analysis. Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender. Provide mentorship and guidance to junior SOC analysts, enhancing team capability. Collaborate with IT and OT teams to address unique security requirements across CNI environments. Drive improvements in SOC operations, automation, and incident … response processes. Monitor evolving threats and integrate threat intelligence into daily operations. Ensure adherence to industry standards and compliance frameworks (NIS2, CAF, ISO 27001). Skills & Experience Required: Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR); Microsoft Defender for Endpoint, Identity, Cloud Apps …
chichester, south east england, united kingdom Hybrid / WFH Options
InfoSec People Ltd
within a dedicated Security Operations Centre, working at the forefront of protecting high-value national assets. The successful candidate will act as a technical authority for advanced incident response, threat hunting, and security engineering, with a strong focus on the Microsoft security stack. Key Responsibilities: Serve as the primary escalation point for complex incidents and lead on incident response. … Conduct in-depth threat hunting, forensic investigations, and root cause analysis. Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender. Provide mentorship and guidance to junior SOC analysts, enhancing team capability. Collaborate with IT and OT teams to address unique security requirements across CNI environments. Drive improvements in SOC operations, automation, and incident … response processes. Monitor evolving threats and integrate threat intelligence into daily operations. Ensure adherence to industry standards and compliance frameworks (NIS2, CAF, ISO 27001). Skills & Experience Required: Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR); Microsoft Defender for Endpoint, Identity, Cloud Apps …
Portsmouth, England, United Kingdom Hybrid / WFH Options
Cloud People
IT outsourcing and managed services to customers across enterprise, public sector and fast-growing scale-ups. Its Security Practice protects clients through capabilities including Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a consulting-led Security Advisory practice. As a Senior Security Engineer, you will be responsible for designing, implementing and … inclusion • Paid training and certification pathways with clear routes into consultancy or leadership. What You’ll Be Doing: • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC … Engineering secure log ingestion pipelines across hybrid cloud and on-prem environments • Supporting onboarding of new clients into the SOC to ensure correct configuration and data flow • Contributing to threat hunting and detection engineering initiatives • Maintaining documentation, diagrams and configuration standards • Mentoring junior engineers and analysts and sharing best practice. What You’ll Bring: • 3 to 5 years of …
Portsmouth, yorkshire and the humber, united kingdom Hybrid / WFH Options
Cloud People
IT outsourcing and managed services to customers across enterprise, public sector and fast-growing scale-ups. Its Security Practice protects clients through capabilities including Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a consulting-led Security Advisory practice. As a Senior Security Engineer, you will be responsible for designing, implementing and … inclusion • Paid training and certification pathways with clear routes into consultancy or leadership. What You’ll Be Doing: • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC … Engineering secure log ingestion pipelines across hybrid cloud and on-prem environments • Supporting onboarding of new clients into the SOC to ensure correct configuration and data flow • Contributing to threat hunting and detection engineering initiatives • Maintaining documentation, diagrams and configuration standards • Mentoring junior engineers and analysts and sharing best practice. What You’ll Bring: • 3 to 5 years of …
and services firm – is expanding its Managed Security Operations Centre and seeking a Senior Incident Responder (L3 SOC Analyst) to take the lead on complex security incidents, investigations, and threat response. This is a hands-on, senior-level role at the sharp end of cybersecurity operations, working on major incidents across enterprise environments, guiding L1/L2 analysts, and … recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools. Develop and refine SOC use cases, runbooks, and playbooks. Integrate emerging threat intelligence into monitoring and detection workflows. Liaise with clients, Service Delivery Managers, and technical teams to manage escalations and coordinate response. Maintain high standards of documentation, including post …
london, south east england, united kingdom Hybrid / WFH Options
myGwork - LGBTQ+ Business Community
security tools, with a focus on Data Loss Prevention (DLP) technologies. You will assist in configuring, tuning, and maintaining these tools to prevent sensitive data from leaving our organization. Threat Analysis: Contribute to threat intelligence and risk analysis efforts by researching new vulnerabilities and attack vectors. You will help us stay one step ahead of potential threats. …
Forensics and Incident Response (DFIR) team. You'll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering teams. What You'll Be Doing: Lead Investigations: Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. Incident … Handling: Support incident managers with root cause analysis and recommend detection and prevention strategies. Drive Innovation: Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. Threat Hunting: Lead intelligence-driven hunts to identify and escalate suspicious activity, contributing to our detection engineering efforts. What We're Looking For: 4+ years of hands-on experience …
slough, south east england, united kingdom Hybrid / WFH Options
Tesco
Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering teams. What You’ll Be Doing: 🕵️ Lead Investigations: Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident … Handling: Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation: Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting: Lead intelligence-driven hunts to identify and escalate suspicious activity, contributing to our detection engineering efforts. What We’re Looking For: 4+ years of hands-on experience …
london, south east england, united kingdom Hybrid / WFH Options
Tesco
Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering teams. What You’ll Be Doing: 🕵️ Lead Investigations: Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident … Handling: Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation: Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting: Lead intelligence-driven hunts to identify and escalate suspicious activity, contributing to our detection engineering efforts. What We’re Looking For: 4+ years of hands-on experience …
london (city of london), south east england, united kingdom Hybrid / WFH Options
Tesco
Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering teams. What You’ll Be Doing: 🕵️ Lead Investigations: Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident … Handling: Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation: Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting: Lead intelligence-driven hunts to identify and escalate suspicious activity, contributing to our detection engineering efforts. What We’re Looking For: 4+ years of hands-on experience …
and services firm - is expanding its Managed Security Operations Centre and seeking a Senior Incident Responder (L3 SOC Analyst) to take the lead on complex security incidents, investigations, and threat response. This is a hands-on, senior-level role at the sharp end of cybersecurity operations, working on major incidents across enterprise environments, guiding L1/L2 analysts, and … reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar, Splunk, and Microsoft Sentinel. Develop and refine SOC use cases, runbooks, and playbooks. Integrate emerging threat intelligence into monitoring and detection workflows. Liaise with clients, Service Delivery Managers, and technical teams to manage escalations and coordinate response. Maintain high standards of documentation, including post …
Working knowledge of network security, including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to interpret and apply threat intelligence to improve controls and detection coverage. Experience with MacOS preferred. Strong communication skills - capable of articulating complex technical issues to both technical and non-technical stakeholders. Proven …
london, south east england, united kingdom Hybrid / WFH Options
Cititec
Working knowledge of network security, including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to interpret and apply threat intelligence to improve controls and detection coverage. Experience with MacOS preferred. Strong communication skills — capable of articulating complex technical issues to both technical and non-technical stakeholders. Proven …
london (city of london), south east england, united kingdom Hybrid / WFH Options
Cititec
Working knowledge of network security, including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to interpret and apply threat intelligence to improve controls and detection coverage. Experience with MacOS preferred. Strong communication skills — capable of articulating complex technical issues to both technical and non-technical stakeholders. Proven …
slough, south east england, united kingdom Hybrid / WFH Options
Cititec
Working knowledge of network security, including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to interpret and apply threat intelligence to improve controls and detection coverage. Experience with MacOS preferred. Strong communication skills — capable of articulating complex technical issues to both technical and non-technical stakeholders. Proven …
conduct regular reviews with an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel). Oversee security architecture, vulnerability management, incident response, and threat intelligence. Lead security risk assessments and manage remediation plans for identified gaps. Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements). Establish and enforce security …
models (RBAC, ABAC), and logging standards. o Experience supporting assurance activities or government-mandated reviews (e.g. GovAssure, Secure by Design). o Ability to interpret CVEs, CVSS scores, and threat intelligence feeds. o Strong stakeholder engagement and communication skills with an ability to produce technical reports and articulate risk to non-specialists. o Excellent written and verbal communication …
Security Operations Centre (SOC), blending hands-on technical work with automation and solution design. You'll collaborate with analysts, architects, and customers to build reliable, scalable systems that accelerate threat detection and response, all in a collaborative culture that invests in your growth, wellbeing, and career progression. Job Title: Senior Security Engineer. Job Type: Permanent. Salary: Up to … DOE) + Bonus. Working arrangement: Hybrid. Office Location: Portsmouth. As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. Engineer secure … log ingestion pipelines across hybrid cloud and on-prem environments. Support client onboarding, threat hunting, detection engineering, and process improvements. Mentor junior engineers and maintain documentation, diagrams, and standards. Required Experience/Skills: 5 years' experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender …
Portsmouth, yorkshire and the humber, united kingdom
Computappoint
Security Operations Centre (SOC), blending hands-on technical work with automation and solution design. You’ll collaborate with analysts, architects, and customers to build reliable, scalable systems that accelerate threat detection and response, all in a collaborative culture that invests in your growth, wellbeing, and career progression. Job Title: Senior Security Engineer. Job Type: Permanent. Salary: Up to … DOE) + Bonus. Working arrangement: Hybrid. Office Location: Portsmouth. As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. Engineer secure … log ingestion pipelines across hybrid cloud and on-prem environments. Support client onboarding, threat hunting, detection engineering, and process improvements. Mentor junior engineers and maintain documentation, diagrams, and standards. Required Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender …
looking for a step up. You will be responsible for identifying, analysing, and responding to cyber threats and vulnerabilities. The Senior Cyber Security Analyst will be responsible for conducting threat assessments, incident response, and ensuring the security of our networks, systems, and data. Key Responsibilities: Identify, analyse, and respond to cyber threats and vulnerabilities. Conduct threat assessments to … Information Security, or related field. Minimum 2 years of experience in a SOC environment. Demonstrable experience using Cyber Security toolsets such as SIEM/EDR/Email Security/Threat Intelligence. Demonstrable Microsoft tooling experience. Strong understanding of cyber security principles and best practices. Experience with network security technologies such as firewalls, intrusion detection and prevention systems, and …