26 to 50 of 77 Threat Intelligence Jobs in the UK excluding London

and production environments and will directly impact our ability to detect, respond to, and prevent cyber threats at scale. As a senior individual contributor reporting to the Director of Threat Intelligence and Detections, you will play a central role in the technical leadership of the Detection Engineering team. You’ll mentor junior engineers, help define engineering direction, and … lead the development of scalable, innovative threat detection solutions—including those leveraging AI and cloud-native technologies. This is a hybrid role and you must live within commutable distance to our Guildford office where you will need to work in the office 3 days per week. Key Responsibilities Design, develop, and operationalize advanced detections across cloud, container, and on … metrics. Lead development of AI-driven detection proof-of-concepts Guide peers in building scalable, maintainable detection infrastructure and tuning detection content. Support strategic priorities like product detection assessments, threat-led risk prioritization, and production telemetry uplift. Minimum Qualifications Experience in detection engineering, security engineering, or software development with a focus on cybersecurity. Proven experience developing detections and integrations More ❯

Cyber Threat Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are Were not just talking about making a difference, were making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world click apply for full job details More ❯

and interpret evidence to provide a holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance activities and operational priorities. … talent. Ability to interpret complex technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments (e.g., government, finance, defence). Familiarity with risk management tools and methodologies. What's More ❯

are followed, and directly engage with clients and delivery managers to provide expert guidance on incident handling. This is a hands-on technical leadership role that combines investigation, response, threat intelligence, and collaboration with stakeholders. You'll also support service improvement, tool optimisation, and the development of new SOC capabilities. Key Responsibilities Lead investigations into escalated incidents, providing … detailed analysis and containment strategies. Perform malware analysis, reverse engineering, and develop detection signatures. Integrate threat intelligence into SOC operations, staying ahead of emerging attack techniques. Manage and optimise SIEM tools (Splunk, QRadar, Microsoft Sentinel). Develop SOC use cases, runbooks, and playbooks to improve response capability. Collaborate with IT, legal, and management teams during incident response. Support More ❯

Join Police Digital Service an NMC Cyber Threat Intelligence Specialist. Permanent FT. Starting salary £45,000 per annum. About Police Digital Service This is an opportunity to play your part and protect our company, our customers and our communities from cyber attack. Be part of a dedicated team and get ready to be challenged every day to make More ❯

Consultant in Unit 42 you will have the opportunity to work across a number of proactive cyber security domains including Cloud Security, Security Operations, Cyber Risk Management and Artificial Intelligence in cyber security. We are seeking an individual who is passionate about cyber security, curious with a demonstrated track record of continuous learning, and has the technical acumen to … embrace data, technological and innovative approaches to deliver the best consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an … Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations More ❯

Consultant in Unit 42 you will have the opportunity to work across a number of proactive cyber security domains including Cloud Security, Security Operations, Cyber Risk Management and Artificial Intelligence in cyber security. We are seeking an individual who is passionate about cyber security, curious with a demonstrated track record of continuous learning, and has the technical acumen to … embrace data, technological and innovative approaches to deliver the best consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an … Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations More ❯

consulting leader delivering secure, innovative solutions across industries. We foster collaboration, inclusion, and continuous growth, with networks supporting diversity, equity, and belonging. What You'll do: Lead and manage threat intelligence-led penetration tests across applications, infrastructure, cloud (AWS/Azure/O365), APIs, and OT Develop advanced test plans, identify critical assets, and deliver detailed, actionable reports … attack techniques to strengthen proactive security What You'll Bring: CREST CRT (or higher) certification - essential 5+ years' experience in penetration testing with strong understanding of adversarial tactics and threat intelligence Expertise across network, cryptography, vulnerabilities, and attack vectors Strong communication and reporting skills Experience with Breach Attack Simulation, vulnerability management, cloud security reviews (AWS/Azure/ More ❯

who can operate efficiently; effectively; productively and cost effectively driving individual and collective team performance and continual service improvement. Experience leading common security practices including incident detection and response, threat hunting, threat intelligence and major incident services Strong written and verbal communication skills with the ability to tailor communication to technical and non-technical audiences, with experience More ❯

Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one Im working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains. Theyre expanding their Security Operations Centre and hiring a hands-on SOC … Incident Response & Threat Hunting Manager to lead Tier 3 analysts and drive proactive defence strategies. This is a strategic and technical leadership role, ideal for someone with deep DFIR expertise, strong mentoring capabilities, and a passion for threat hunting and CTI development. Key Responsibilities: Lead and coordinate high-severity incident response engagements Provide technical oversight and guidance on … threat hunting operations Translate threat intelligence into actionable hypotheses and use cases Design and execute advanced threat hunting exercises across varied environments Develop in-house training programmes for SOC analysts Drive CTI maturity and visibility across internal and customer-facing functions Ensure comprehensive documentation and stakeholder reporting Participate in the on-call rotation for critical incidents More ❯

About Our Client Join Our Client , a fast-growing fintech innovator securing next-gen payment platforms for leading banks and startups. With a focus on AI-driven threat detection and zero-trust architecture, Our Client has been named one of Europe’s Top 50 Cybersecurity Scale-ups. Role Snapshot As an Associate Cybersecurity Analyst , you’ll be the eye … alongside world-class security engineers, hone your skills on cutting-edge tools, and shape the future of digital payments security. Your Day-to-Day Alert Triage: Analyze SIEM and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. … and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares, capture insights, and contribute to our internal threat library. What You Bring Must-Haves Bachelor’s degree in Cybersecurity, Computer Science, or related field. Practical experience with at least one SIEM platform (e.g., Splunk, QRadar). Understanding More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats — ensuring … they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure proactive … defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed robust security practices. Manage More ❯

and Defender XDR. The role requires strong analytical skills, attention to detail, The ability to execute response actions such as endpoint isolation, IOC blocking, malware scans, and user containment Threat monitoring and detection Threat intelligence and hunting SOAR and automation Skills MS Sentinel/Defender for Endpoint Understanding Mitre Att&ck framework Required 2+ years exp in More ❯

Job Title: Senior Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role. Salary; Circa £50,000 depending on experience and skills What you’ll be doing: Triage, analyse and investigate alerts, log data and network traffic using the … BAE Systems Escalate suspected major security incidents/investigations where support is required Define monitoring use cases and develop prototype rules with minimal supervision for example In response to intelligence or gaps in defences Contribute to the development of the services through people, process and technology where appropriate Build a comprehensive knowledge of BAE Systems IT systems to support … along with providing conclusions and recommendations Knowledge and experience of using tools to dissect common threats to produce useable IOCs. E.g. Malicious document analysis Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these Desirable: Background of prior experience of working in an information and/or More ❯

and services firm - is expanding its Managed Security Operations Centre and seeking a Senior Incident Responder (L3 SOC Analyst) to take the lead on complex security incidents, investigations, and threat response. This is a hands-on, senior-level role at the sharp end of cybersecurity operations, working on major incidents across enterprise environments, guiding L1/L2 analysts, and … reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar , Splunk, and Microsoft Sentinel. Develop and refine SOC use cases, runbooks, and playbooks. Integrate emerging threat intelligence into monitoring and detection workflows. Liaise with clients, Service Delivery Managers, and technical teams to manage escalations and coordinate response. Maintain high standards of documentation, including post More ❯

experience in monitoring and analysing security threats for multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. … foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage vulnerability assessments and coordinate remediation. Monitor and analyse security events across multiple platforms. Identify, assess, and escalate threats and vulnerabilities. Maintain and evolve … a 24×7 environment, driving operational excellence and continuous improvement. Ability to harness data analysis to detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams More ❯

Job Title: Lead Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role. Salary: Circa £59,000 depending on experience and skills What you’ll be doing: Delivery of core triage function as part of 24/7 protective … impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Your skills and experiences: Essential: Experience of working within Security Operations or equivalent … and shopping discounts – you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us – who serve in our military and rely on the products and More ❯

for the United Kingdom, currently residing in the UK. The position is located in Manchester. Responsibilities Evaluate and strengthen our overall security posture by performing continuous audits, risk assessments, threat modelling, and architecture reviews to ensure effective controls and adherence to regulatory standards. Consistently monitor and assess cloud environments for vulnerabilities and misconfigurations utilising tools like AWS Inspector, GuardDuty … sensitive information with discretion, professionalism, and sound judgment. Relevant certifications such as AWS Certified Security - Speciality, CISSP, CCSP, or Terraform Associate (or equivalent experience). Preferred Qualifications Exposure to threat intelligence and security analytics , particularly within cloud environments. Bachelor's degree in Computer Science, Information Technology, or Information Security , or equivalent practical experience. Familiarity with key security frameworks More ❯

conduct regular reviews with an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish and enforce security More ❯

executive board on cyber threats, risks, and mitigation strategies. Embed a cyber-aware culture across the organisation through training, awareness campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and More ❯

executive board on cyber threats, risks, and mitigation strategies. Embed a cyber-aware culture across the organisation through training, awareness campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and More ❯

assets. Collates, defines, and enforces secure configuration baselines and hardening standards in alignment with organisational security obligations and recognised industry frameworks (e.g., CIS Benchmarks, Microsoft Security Baselines). Conducts threat modelling and risk assessments to identify vulnerabilities or compliance gaps. Maintains and manages Software Bills of Materials (SBOMs). Assists with integrating security monitoring, logging, and alerting capabilities. Creates … risk assessments, risk mitigation plans, and security operations procedures. Performs security validation, configuration assessments, and support user acceptance testing (UAT) for security-related features. Collates and analyses information for threat intelligence requirements from a variety of sources. Designs and executes complex vulnerability research activities. Provides guidance, support and mentoring to other IT Engineers as requested by the IT … . Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and federated More ❯

cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM/PAM implementations and M365/Azure/Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external … audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track key security KPIs and metrics. Produce security performance and risk reports for executive and board audiences. Maintain security risk registers More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track More ❯