26 to 50 of 92 Threat Intelligence Jobs in the UK excluding London

also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery … efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing services aligned with SLAs. Oversee day-to-day monitoring and maintenance of … Qualifications Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud platforms More ❯

also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery … efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing services aligned with SLAs. Oversee day-to-day monitoring and maintenance of … Qualifications Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud platforms More ❯

Federation of Security Operations Centre (SOC)operations across two or more organisational environments such as enterprise, edge/deployed environments or cloud . Demonstrable knowledge of cyber detection (e.g., threat identification/intelligence, real-time monitoring, anomaly detection) and cyber response (e.g. incident response, eradication and remediation, recovery, post-incident analysis). DevSecOps. Zero Trust Architecture (ZTA) expertise More ❯

DV clearance and therefore must be British-born. Are you ready to lead in one of the most critical roles in the cybersecurity industry? We are seeking a Cyber Threat Intelligence and Vulnerability Lead to play a pivotal role in the operation and improvement of a Security Operations Centre (SOC) dedicated to safeguarding a major UK organisation. This … position offers an opportunity to make a tangible impact in protecting the systems that power the nation. About the Role As the Cyber Threat Intelligence and Vulnerability Lead, you will: Take accountability for detecting, triaging, and reporting potential cyber threats and key vulnerabilities daily. Oversee the delivery and quality of all threat intelligence and vulnerability products … ensuring deadlines are met with excellence. Develop and continuously review tailored Priority Intelligence Requirements (PIRs) and collection plans to align intelligence products with client needs. Provide in-depth analysis, context, and predictive insights to support threat mitigation. Assess and enhance the maturity of the SOC's existing functions, driving continuous improvement. Lead, mentor, and develop a high More ❯

Role This is a pivotal opportunity for an experienced Senior Consultant to lead large-scale cybersecurity projects across a diverse client base. The role focuses on cyber resilience, including threat intelligence, incident response, risk management, compliance, and security architecture. You will act as a trusted advisor, delivering tailored solutions that help clients enhance their cyber posture and protect … and support junior team members, encouraging skill development and knowledge sharing Contribute to business development by producing high-quality proposals and identifying growth opportunities Skills & Experience Extensive expertise in threat intelligence, risk management, incident response, compliance (e.g. GDPR, ISO 27001), and security architecture? Proficiency with tools such as Rapid7 InsightIDR/InsightVM, SentinelOne, Fortinet, Netskope, SOAR automation (Rapid7 More ❯

customers go about their daily job of protecting their communities and saving lives. You will refine our application design and protection using offensive security techniques like design assessment, research, threat intelligence, threat modelling, and controls optimization. You will conduct security assessments of our applications, identify issues, and help address them early in the development cycle. You'll … systems and applications. Conduct internal security assessments of APIs and Cloud infrastructure, validate controls, design across our estate, and lead remediation activities prioritization. Enhance Secure Development by contributing to threat modelling, risk assessment, evolving Secure Coding Guidelines, and maintaining core security controls like SAST and DAST deployments. Provide technical support with risk assessments on PHI, and steering improvements to … our environment in line with common standards such as NIST. Support External Penetration Testing and application vulnerability efforts, delivering assessments and prioritizing remediation activities across the organization. Be across Threat Intelligence relevant to our industry and geographic regions, and translating that to real world defenses for us as an organization. Work collaboratively cross-team, to impart your expertise More ❯

day basis. Provide out of hours technical escalation support to shift analysts Main Duties and Responsibilities: Developing SIEM detection rules and tuning alerts across our client estates. Conduct proactive threat intelligence research and carry out threat hunting across client estates Training of analysts and developing training resources and materials Act as a point of escalation for the … Understanding of security attack vectors and techniques utilised, including areas such as Business Email & user account Compromise, malicious payload installation & execution and reconnaissance activity. Understanding of the everchanging emerging threat landscape and how to interpret these threats to create initiate mitigation actions across a clients security estate. Willingness to learn, adapt, and innovate Critical thinking and analytical skills Excellent More ❯

designing, implementing, and maintaining secure IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as More ❯

approach and be able to translate complex technical risks into clear and actionable insights for the organisation. Responsibilities: Development and management of the security operational roadmap, ensuring vulnerability management, threat detection and effective incident management. Be the primary point of escalation for security events and incidents in the organisation. Leading on, developing and implementing the cyber security strategy across … as CISM, CISSP, CISA. Proven experience as a cyber security leader, responsible for security strategy with a strong technical understanding. Strong knowledge of cyber risk management, vulnerability management and threat intelligence. Knowledge of compliance and regulatory frameworks such as Cyber Essentials, GDPR and ISO 27001. Certifications in Microsoft security such as AZ-500, SC-200, SC-300 are desirable. More ❯

to improve incident response efficiency within the Security Operations Centre. This role integrates multiple security tools and workflows, leveraging platforms like , Darktrace , and CrowdStrike to create cohesive and automated threat detection and response mechanisms. Key Responsibilities Playbook Development: Design, implement, and maintain SOAR playbooks for automated response and alert enrichment. Tool Integration: Develop and manage integrations with: Google SecOps … Chronicle, Security Command Center) Darktrace (Threat Visualizer, Antigena) CrowdStrike Falcon (EDR, threat intelligence, APIs) Other security platforms such as SIEMs, ticketing systems, and firewalls. Automation & Enrichment: Automate repetitive security tasks like indicator enrichment, triage, and threat intelligence lookups. Collaboration: Work with SOC analysts and threat detection teams to identify and implement automation opportunities. Monitoring … security operations or security engineering. Hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR, IBM Resilient). Strong familiarity with: Google SecOps/Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python , PowerShell , or Bash . Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE More ❯

Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an … evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing … team, driven with context of emerging threats and strategic objectives. Ensure Threat Intelligence, Proactive Security Testing, and Security Analytics functions develop under your leadership to deliver maximum context into the operational team, as well as enabling real-time risk validation and actionable security insights. Continue delivering automation and detection as code for security operations, enabling increased scalability and More ❯

to keep the organisation secure. Key Responsibilities: Lead and develop the IT security strategy. Manage and mentor a team of IT security professionals. Oversee security operations, incident response and threat intelligence. Collaborate with cross-functional teams to ensure security best practices. Stay updated with the latest IT security trends and technologies. Key Requirements: A relevant degree or qualified by … CISM, CISA, CRISC, or CGEIT. Proven experience in leading IT cyber security teams, with a strong emphasis on operational security and incident response. Extensive knowledge of IT risk management, threat intelligence, IAM and vulnerability management. Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and CyberEssentials. Ability to articulate complex technical risks in clear, actionable More ❯

effective escalation and incident response Review and approve relevant process artefacts and operational documentation that underpin Detection and Response Engineering activities Design, code and operationalise detection rules based on threat models and intelligence Be the escalation point for Detection and Response decision making. Why Lloyds Banking Group Like the modern Britain we serve, we're evolving. Investing billions … Join us on our journey and you will too. What you'll need Proven experience in a cyber defence context with demonstrable success in leading technical teams Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence … Effective workforce and performance management with proficiency in project planning and execution. Strong communication and interpersonal skills. Familiarity with governance, compliance, and operational excellence in security functions. Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) Understanding of detection logic (e.g. SIEM use cases) and detection-as-code (DaC) About working for us Our ambition More ❯

delivery of critical systems that protect citizens and national interests. Working with the Principal Security Architect, you will own security architecture for a major portfolio, translate business goals and threat intelligence into practical controls, and mentor SEO level architects to raise capability across multiple programmes. You will engage senior stakeholders, balance risk against usability and cost, and shape … Security Architect strategy, translating them into reusable templates and guardrails. Lead architecture reviews for high risk projects, providing actionable recommendations and tracking remediation through to closure. Perform and interpret threat modelling/pen test results, converting findings into road mapped improvements and measurable risk reductions. Advise on security controls for hybrid and cloud platforms (AWS, Azure, Kubernetes, serverless), balancing … effective controls. Technical depth: hands on knowledge of cloud security, IAM, container & API security, network segmentation, encryption and DevSecOps toolchains; capable of explaining exploitability of complex vulnerabilities. Pen testing & threat modelling: scoping, overseeing and translating results into enforceable patterns and backlog items. Influential communication: proven ability to engage C suite and delivery squads alike, adapting style to gain agreement More ❯

the security development and testing offerings. Represent the function in client engagements, pre-sales discussions, and technical assessments. Design and present tailored solutions based on customer-specific challenges and threat landscapes. Collaborate on statements of work (SOWs) and influence product roadmaps. Service Delivery Assurance Oversee performance and quality of services delivered, ensuring SLA and KPI compliance. Implement governance mechanisms … the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement in client More ❯

and supporting the creation and implementation of security policies and best practices. The Analyst plays a key part in protecting MPS data and assets from potential threats by reviewing threat intelligence and recommending ways to prevent or minimize risks. In addition to day-to-day tasks, the role also involves supporting and promoting security best practices, as well More ❯

threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts, incidents … ensure timely responses. Diagnose and investigate security incidents following agreed procedures. Escalate and document unresolved incidents and support recovery efforts. Operate within our enterprise-level SOC and collaborate on threat intelligence. Utilise tools like Microsoft E5, Sentinel, and Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis … equivalent function. Proficiency with Microsoft Security Suite (including Sentinel) and Darktrace or similar. Must have an understanding of cyber threats including malware, ransomware, DDoS, insider threats. Strong knowledge of threat modelling, security monitoring, and cloud environments. Familiarity with GDPR, data protection, and privacy impact assessments. Excellent communication and collaboration skills with a proactive mindset. Industry certifications (e.g., CISSP, CEH More ❯

Threat Hunter UK (Manchester, Cheltenham or London) We are seeking a highly capable and hands-on Threat Hunter to design and lead a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You'll need to think critically, and hunt methodically. As a Threat Hunter, you will actively search for cyber threats that evade traditional security solutions. Your role will involve conducting in-depth analysis, identifying indicators … of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary Threat Detection and Monitoring: Design, build, and own a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threat intelligence, MITRE ATT&CK, and risk models to More ❯

lifecycle of a product, from concept to completion. Sustainability and Innovation: Siemens DI SW emphasizes sustainable business growth and innovation through its comprehensive digital solutions. Job Summary: The Artificial Intelligence (AI) Security Engineer will be responsible for leading the development and implementation of security strategies for our artificial intelligence (AI) systems. In this role, you will design and … the product run time. Position Overview: Siemens Software (DI SW) is looking for a highly skilled and experienced leader reporting to the Director of Security Innovation & Automation. The Artificial Intelligence (AI) Security Engineer will play a critical role in developing and implementing security frameworks for AI models, algorithms, and datasets while collaborating across the product teams and Product Solution … Security Officers (PSSO). Key Responsibilities: Assist the Director of Security Innovation & Automation in all aspects of Artificial Intelligence (AI) security while ensuring security in the product "run time" space. Develop and implement security frameworks for AI models, algorithms, and datasets. Automate the governance of our internal and external AI Models Automate the security of our internal and external More ❯

triage and escalation of reports and requests from Government organisations. * Support Incident Management when required during periods of heightened operational activity. * Maintain an understanding of the real-world cyber threat, identifying trends and emerging threats. * Maintain an understanding of the cyber threats likely to target the business. * Facilitate the timely sharing of high-quality actionable Cyber Threat Intelligence … stakeholders. * Work collaboratively with Incident Management, providing insights on adversaries to enable a more effective response, and capturing insights for wider use. * Support the implementation and ongoing management of Threat Intelligence tooling and infrastructure, including, malware sandboxes, and threat intelligence platforms. * Engage with the wider public sector cyber security, cyber threat intelligence and assessment … communication skills, including the ability to clearly and simply explain technical details to non-technical audiences, and engage with senior stakeholders. * Experience working with internal and external stakeholders. Cyber Threat Intelligence Specific * Excellent understanding of the tools, techniques and procedures used by adversaries in real-world cyber attacks. * Experience monitoring a variety of sources of information to identify More ❯

effective escalation and incident response Review and approve relevant process artefacts and operational documentation that underpin Detection and Response Engineering activities Design, code and operationalise detection rules based on threat models and intelligence Be the escalation point for Detection and Response decision making. Why Lloyds Banking Group Like the modern Britain we serve, we're evolving. Investing billions … Join us on our journey and you will too. What you'll need Proven experience in a cyber defence context with demonstrable success in leading technical teams Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence … Effective workforce and performance management with proficiency in project planning and execution. Strong communication and interpersonal skills. Familiarity with governance, compliance, and operational excellence in security functions. Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) Understanding of detection logic (e.g. SIEM use cases) and detection-as-code (DaC) About working for us Our ambition More ❯

after BGV completion, so 4 Weeks Notice is also okay The Role: We are looking for an experienced Akamai WAF Engineer with expertise in web application security, content distribution, Threat and Vulnerability Management, DDoS protections, and delivering change projects. As part of the Cyber Security Team, you will collaborate with other cyber professionals across Digital Cyber Security and the … Key Responsibilities: Deliver security software and configurations using Akamai, GCP, and Azure cloud native products. Maintain security solutions for our Enterprise and Digital Channels. Manage DDoS, Vulnerability management, and threat intelligence, ensuring layer 6 & 7 defenses are proactive against cyber threats. Participate in incident response and threat mitigation strategies. Required Skills: Strong experience with multiple WAF solutions More ❯

principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. Strong … communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Collaborative and detail-oriented, able to work across international teams and regulatory boundaries. Desired skills Experience supporting cybersecurity assurance within other EASA/UK … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across More ❯

on involvement in ensuring compliance to security frameworks (ISO27001, NIST, eCAF). * Proven experience in implementing security systems and/or monitoring tools. * Strong knowledge of SIEM, Vulnerability Management, Threat Intelligence, and IAM systems. * Experience contributing to enterprise-level security initiatives and aligning with industry standards. * Strong collaboration skills, including experience working with IT Operations teams and third More ❯

needs of local government. To read more about our business area, please visit Corporate Services and Transformation Key Responsibilities: Lead and develop an active Security Operations team focused on threat detection, incident management, and prevention of data breaches or service disruptions. Build and mature the Security Operations Centre (SOC) with a focus on cyber risks, threat intelligence More ❯