West Midlands Ambulance Service University NHS Foundation Trust
Liaise with NHS England, NCSC and other relevant bodies as required ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to threat & vulnerability alerts, vendor and other specialist threat intelligence feeds. Ensure all systems and applications where applicable are kept up to date and are encompassed in the patch
security team and will be responsible for helping develop effective security controls. Key responsibilities will include: Working closely with the in-house security operations team to drive world class threat detection Building effective detection use cases within the chosen SIEM while minimizing false positives. Utilize online resources for researching and collecting threat intelligence to enhance the SOC
london (city of london), south east england, united kingdom
Harrington Starr
security team and will be responsible for helping develop effective security controls. Key responsibilities will include: Working closely with the in-house security operations team to drive world class threat detection Building effective detection use cases within the chosen SIEM while minimizing false positives. Utilize online resources for researching and collecting threat intelligence to enhance the SOCs
london, south east england, united kingdom Hybrid / WFH Options
Focus on SAP
platform governance while influencing strategic security decisions across the organisation. Key Responsibilities: Lead the architecture and design of ServiceNow SecOps capabilities, including: Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, Configuration Compliance. Define secure processes and automation across vulnerability management and incident response. Integrate ServiceNow SecOps with cybersecurity platforms (SIEM, SOAR, EDR, CMDB, threat intel, OT
slough, south east england, united kingdom Hybrid / WFH Options
Focus on SAP
platform governance while influencing strategic security decisions across the organisation. Key Responsibilities: Lead the architecture and design of ServiceNow SecOps capabilities, including: Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, Configuration Compliance. Define secure processes and automation across vulnerability management and incident response. Integrate ServiceNow SecOps with cybersecurity platforms (SIEM, SOAR, EDR, CMDB, threat intel, OT
Salford, England, United Kingdom Hybrid / WFH Options
Premier Group
rich role working closely with ICT leadership, engineers, and external partners—perfect for someone who wants to make a real impact. Key Responsibilities Manage and optimise CrowdStrike Falcon for threat detection and response Investigate, triage, and remediate security incidents and vulnerabilities Support patching, scanning, and integration of threat intelligence Improve technical security controls across networks, endpoints, and … cloud Assist in designing secure configurations for systems and services Collaborate on compliance audits and internal security documentation Key Skills Strong understanding of core cybersecurity principles and threat vectors Understanding of risk frameworks such as Cyber Essentials+, ISO 27001, CIS, PCI-DSS Experience with EDR/XDR platforms - CrowdStrike Falcon Proficiency with Microsoft security stack (Defender, Intune, MFA, etc. … Solid grasp of patch management and vulnerability assessment Ability to interpret logs and alerts to assess threat response Clear communicator with the ability to explain risk to non-technical teams Desirable Skills Familiarity with SIEM tools (e.g. Sentinel, Splunk) Scripting/automation knowledge (e.g. PowerShell, Python) Understanding of data protection and privacy frameworks (e.g. UK GDPR) In return the
manchester, north west england, united kingdom Hybrid / WFH Options
Premier Group
rich role working closely with ICT leadership, engineers, and external partners—perfect for someone who wants to make a real impact. Key Responsibilities Manage and optimise CrowdStrike Falcon for threat detection and response Investigate, triage, and remediate security incidents and vulnerabilities Support patching, scanning, and integration of threat intelligence Improve technical security controls across networks, endpoints, and … cloud Assist in designing secure configurations for systems and services Collaborate on compliance audits and internal security documentation Key Skills Strong understanding of core cybersecurity principles and threat vectors Understanding of risk frameworks such as Cyber Essentials+, ISO 27001, CIS, PCI-DSS Experience with EDR/XDR platforms - CrowdStrike Falcon Proficiency with Microsoft security stack (Defender, Intune, MFA, etc. … Solid grasp of patch management and vulnerability assessment Ability to interpret logs and alerts to assess threat response Clear communicator with the ability to explain risk to non-technical teams Desirable Skills Familiarity with SIEM tools (e.g. Sentinel, Splunk) Scripting/automation knowledge (e.g. PowerShell, Python) Understanding of data protection and privacy frameworks (e.g. UK GDPR) In return the
Bromsgrove, Worcestershire, United Kingdom Hybrid / WFH Options
First Choice Recruitment Services
with the Cyber Security Consultant. Work with IT and security teams to contain and resolve threats. Keep incident logs, reports, and tickets updated within incident tracking systems. Assist in threat intelligence gathering and analysis to enhance detection capabilities. Participate in vulnerability management activities. Update and oversee the software inventory. Support compliance reporting and audits. Assist in IT service
own, manage and rule their data. One of our specialisations is in cybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on delivering … tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we're looking for We are seeking a client-focused Senior SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide guidance on … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced visibility.
Portsmouth, Hampshire, England, United Kingdom Hybrid / WFH Options
Franklin Fitch
building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting … Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative environment. If you love improving how
programme, supporting cyber assurance and compliance activities. This is a hands-on role suited to someone with experience in public sector or defence environments, particularly around information assurance and threat reporting. Key Responsibilities: Deliver internal security audits aligned to ISO 27001 standards Provide support and guidance as part of the programme’s IT security function Monitor and respond to … cyber threat intelligence and WARP notifications Maintain documentation and contribute to risk assessments and mitigation plans Collaborate with stakeholders to ensure alignment with government security frameworks Required Skills & Experience: Valid SC Clearance Practical experience with ISO 27001 auditing Background in a DITSO or similar IT security role within Defence or OGD Familiarity with WARP processes and incident response
members of the R&D team, and the engineering team to develop new, experimental technologies as part of Nucleus' innovation mission. Develop our new to market, AI-driven vulnerability intelligence platform and data feed. Take ownership of design, implementation, and deployment in conjunction with the R&D team. Collaborate with cross-functional teams across the globe, each working in … a professional setting. Mindset: Creative thinker who enjoys solving hard problems and experimenting with novel solutions. Cyber Security Passion: Demonstrated interest or background in cybersecurity. Experience in vulnerability management, threat intelligence, or related domains is highly desirable. Preferred Experience Engineering team lead experience Experience working on multiple projects at the same time Experience with big data analytical systems
+ bonus + benefits We're looking for a technically exceptional and strategically minded Engineering Team Lead to join a high-impact organisation at the forefront of global data intelligence and digital risk protection. You'll take ownership of a small but elite team delivering a new enterprise-scale product designed to detect, prevent and disrupt complex online threats … aligning engineers, stakeholders, and business goals. Nice to have: Exposure to OpenSearch or Postgres within AWS. Understanding of frontend integration (TypeScript/modern web apps). Interest in cyber threat intelligence or large-scale data correlation. This is a unique opportunity to lead the development of a platform with global reach, within a culture that values engineering rigour
with stakeholders from IT, Security, Risk, and Compliance teams to gather requirements and deliver effective, scalable solutions Implement integrations between ServiceNow and external systems such as SIEM, vulnerability scanners, threat intelligence feeds, and identity platforms Build automation and workflow solutions using Flow Designer and IntegrationHub Support platform upgrades, security patches, and maintain technical documentation Participate in agile development
design, execution, and reporting, with a focus on realism and impact Creating or modifying tools, exploits, and payloads as needed, not relying solely on off-the-shelf frameworks Supporting threat-led testing programs and integrating threat intelligence into operations Maintaining strict operational security and professional discipline in all activities What we're looking for: 34+ years of true
Role • Lead detection ideation based on observed telemetry patterns, threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and … on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and application behaviours • Knowledge of threat hunting methodologies and ability to articulate detection gaps clearly
london (city of london), south east england, united kingdom
RiverSafe
Role Lead detection ideation based on observed telemetry patterns, threat intelligence and gap analysis Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and … on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry Comfortable navigating enterprise-scale environments and understanding host, user and application behaviours Knowledge of threat hunting methodologies and ability to articulate detection gaps clearly
offensive security Proficiency with C2 frameworks (Cobalt Strike, Sliver, Mythic) Deep understanding of Windows/Linux internals, AD, and cloud (AWS/Azure) Knowledge of OPSEC, evasive TTPs, and threat intelligence integration Strong scripting skills (Python, PowerShell, Bash) OSCP, CRTO, OSCE, or similar certs Published exploits or open-source tools Why BreachLock: 100% remote-first culture Cutting-edge
and are looking for support with design and delivery. The company supports a diverse client base across critical sectors, offering multiple services including: 24/7 SOC, Security Assurance, Threat Intelligence, 3rd Party Risk, and Crisis Sims. The work here is potentially repetitive, however it does offer the opportunity to create meaningful Cyber Security content, and interface directly