51 to 75 of 77 Threat Intelligence Jobs in the UK excluding London

VPNs, and intrusion detection systems Respond swiftly to security breaches and assist in recovery efforts Maintain detailed records of investigations and patch cycles Stay current with cybersecurity trends and threat intelligence Contribute to disaster recovery planning and compliance alignment Support governance, change control, and delivery of cyber security workstreams Collaborate with internal teams and third-party suppliers to More ❯

Be Doing Perform SIEM-based event analysis and triage potential threats, including recognising successful and unsuccessful intrusion attempts. Investigate phishing emails, suspicious domains, and IP addresses using OSINT and threat intelligence sources. Proactively monitor, analyse, and escalate security events and incidents in collaboration with other SOC team members. Assist in the configuration, administration and enhancement of security tools More ❯

Be Doing Perform SIEM-based event analysis and triage potential threats, including recognising successful and unsuccessful intrusion attempts. Investigate phishing emails, suspicious domains, and IP addresses using OSINT and threat intelligence sources. Proactively monitor, analyse, and escalate security events and incidents in collaboration with other SOC team members. Assist in the configuration, administration and enhancement of security tools More ❯

Be Doing Perform SIEM-based event analysis and triage potential threats, including recognising successful and unsuccessful intrusion attempts. Investigate phishing emails, suspicious domains, and IP addresses using OSINT and threat intelligence sources. Proactively monitor, analyse, and escalate security events and incidents in collaboration with other SOC team members. Assist in the configuration, administration and enhancement of security tools More ❯

providing clear guidance and recommendations. Mentor and support junior SOC analysts, ensuring best practice is followed. Keep up to date with the latest threats, vulnerabilities, and attack vectors, integrating threat intel into monitoring. What we’re looking for: Proven L3 SOC experience . 5+ years’ experience in IT security , ideally within a SOC/NOC environment. Strong knowledge and More ❯

The Role As a SOC Detection Engineer, you will design, develop, and maintain high-quality detection content to improve threat visibility and reduce risk across customer environments. You apply expert knowledge of attacker tactics and telemetry sources to create and manage scalable, accurate, and resilient detection rules across SOC platforms. Operating as part of the SOC team, you support … operations by expanding detection coverage, improving rule performance, and collaborating with threat intelligence, incident response, and platform engineering teams to operationalise threat insights. You also contribute to internal process improvement, customer-facing engagements, and knowledge sharing across the wider SOC team. Key Responsibilities Detection Engineering and Delivery – You will develop, test, and deploy detection rules across SIEM … XDR, and other SOC platforms, supporting comprehensive, customer-aligned threat coverage. Lifecycle Management and Optimisation – You will monitor detection performance, tune rules to reduce false positives, and remediate logic or configuration issues caused by changing environments. Post-Incident Gap Analysis – You will perform detection reviews following incidents to identify missed coverage, determine root causes, and improve detection logic or More ❯

programme, supporting cyber assurance and compliance activities. This is a hands-on role suited to someone with experience in public sector or defence environments, particularly around information assurance and threat reporting. Key Responsibilities: Deliver internal security audits aligned to ISO 27001 standards Provide support and guidance as part of the programme’s IT security function Monitor and respond to … cyber threat intelligence and WARP notifications Maintain documentation and contribute to risk assessments and mitigation plans Collaborate with stakeholders to ensure alignment with government security frameworks Required Skills & Experience: Valid SC Clearance Practical experience with ISO 27001 auditing Background in a DITSO or similar IT security role within Defence or OGD Familiarity with WARP processes and incident response More ❯

expert in delivery of the DomainTools Engage training program with a view towards enabling our customers to more effectively derive value from DomainTools products. Utilise your expertise in Cyber Threat Intelligence to learn where DomainTools data intersects, as well as the competitive landscape. Collaborate with the DomainTools product and engineering teams to define and test new features across More ❯

expert in delivery of the DomainTools Engage training program with a view towards enabling our customers to more effectively derive value from DomainTools products. Utilise your expertise in Cyber Threat Intelligence to learn where DomainTools data intersects, as well as the competitive landscape. Collaborate with the DomainTools product and engineering teams to define and test new features across More ❯

expert in delivery of the DomainTools Engage training program with a view towards enabling our customers to more effectively derive value from DomainTools products. Utilise your expertise in Cyber Threat Intelligence to learn where DomainTools data intersects, as well as the competitive landscape. Collaborate with the DomainTools product and engineering teams to define and test new features across More ❯

with a wide variety of stakeholders to ensure, the Leidos CSOC, a Defensive Cyber Security capability, can support a customers Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating their risk of Cyber Attack. The successful candidate will be able to demonstrate experience from a CSOC background or be able to demonstrate sufficient … which could lead to a Cyber Security Incident. Inspection and correlation of logs from multiple sources to identify repeating patterns and Indicators of Compromise (IOC). Continuously scan the Threat Horizon to report and classify Threats according to impact which could potentially damage a clients network or solution. Engage with various security communities to review and share knowledge on … variants, and Elastic Security, or displays aptitude to learn how to work with a SIEM. Experience and knowledge of SIEM tools, Cyber Security Incident Response, Vulnerability Management and Cyber Threat Intelligence. Experience of investigating Cyber Security incidents and supporting root cause analysis or can demonstrate transferable skills and acumen to learn and excel at it. Understanding of the Confidentiality More ❯

business targets, landing deals typically in the £20k–£40k range . Cybersecurity Services You’ll Sell Penetration Testing & Red Teaming Managed Detection & Response (MDR) Security Operations Centre (SOC) services Threat Intelligence & Risk Advisory Incident Response & Crisis Management Cloud & Endpoint Security Solutions What You Bring Proven track record in new business cybersecurity sales , ideally across enterprise or upper mid More ❯

business targets, landing deals typically in the £20k–£40k range . Cybersecurity Services You’ll Sell Penetration Testing & Red Teaming Managed Detection & Response (MDR) Security Operations Centre (SOC) services Threat Intelligence & Risk Advisory Incident Response & Crisis Management Cloud & Endpoint Security Solutions What You Bring Proven track record in new business cybersecurity sales , ideally across enterprise or upper mid More ❯

business targets, landing deals typically in the £20k–£40k range . Cybersecurity Services You’ll Sell Penetration Testing & Red Teaming Managed Detection & Response (MDR) Security Operations Centre (SOC) services Threat Intelligence & Risk Advisory Incident Response & Crisis Management Cloud & Endpoint Security Solutions What You Bring Proven track record in new business cybersecurity sales , ideally across enterprise or upper mid More ❯

other relevant bodies as required ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to CareCERT, CiSP, vendor and other specialist threat intelligence feeds. Ensure all systems and applications where applicable are kept up to date and are encompassed in the patch management routine as detailed in the patch management More ❯

security, and compliance, empowering you to sell with confidence and deliver real value. What Were Looking For Proven success in cyber security sales, ideally within penetration testing, managed SOC, threat intelligence or Cyber Essentials Strong experience in new business B2B sales The ability to engage senior stakeholders at UK SMEs and mid-market organisations A collaborative, driven mindset More ❯

Account Executives and support them with background research and context. Collaborate with marketing to provide feedback on campaign performance and market signals. Stay up to date on cybersecurity trends, threat intelligence, and The clients products and value proposition. You’ll need: 1–2 years’ experience in a sales or business development role, ideally in B2B SaaS or cybersecurity. More ❯

Account Executives and support them with background research and context. Collaborate with marketing to provide feedback on campaign performance and market signals. Stay up to date on cybersecurity trends, threat intelligence, and The clients products and value proposition. You’ll need: 1–2 years’ experience in a sales or business development role, ideally in B2B SaaS or cybersecurity. More ❯

Account Executives and support them with background research and context. Collaborate with marketing to provide feedback on campaign performance and market signals. Stay up to date on cybersecurity trends, threat intelligence, and The clients products and value proposition. You’ll need: 1–2 years’ experience in a sales or business development role, ideally in B2B SaaS or cybersecurity. More ❯

proactively with clients, running tabletop exercises, purple-team operations, playbook development, and helping them build resilience before the next crisis strikes.You’ll collaborate closely with brilliant minds in forensics, threat intelligence, and crisis management, all working together to help clients make the right decisions in the toughest moments. More ❯

Data, youll lead and develop a team of security professionals, oversee the delivery and ongoing management of our security infrastructure, and act as the go-to technical expert in threat detection, incident response, and vulnerability management. Were looking for someone with strong leadership skills, a deep knowledge of the cyber security landscape, and a real passion for safeguarding digital … Lead incident response, creating and maintaining playbooks and ensuring quick, effective action during any breaches. Stay ahead of threats by managing vulnerabilities, coordinating penetration tests, applying patches, and analysing threat intelligence. Shape our security architecture and ensure compliance with policies, regulations, and industry standards. Report on our security posture and drive a security first culture through training, awareness, and … and mentoring a team. Extensive experience with security technologies such as SIEM, firewalls, intrusion detection/prevention systems, and vulnerability scanning tools. In-depth knowledge of incident response procedures, threat hunting, and forensic investigation techniques. Strong understanding of networking protocols, operating systems, and cloud security principles. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role is based on site for the first 3 months followed by a hybrid working arrangement. Key Responsibilities Develop and More ❯

Customer Communications - You provide timely incident updates and lead bridging calls with customers during high-priority incidents, ensuring that communications are clear, evidence-led, and aligned to customer expectations. • Threat Hunting Oversight - You lead and coordinate proactive threat hunting across customer environments, using hypothesis-based approaches to identify undetected threats and validate detection coverage. Essential Duties • Advanced Investigation … all available tooling. o Reconstruct attack chains and identify root causes using MITRE ATT&CK. o Recommend and coordinate response actions to mitigate impact during active incidents. • IOC and Threat Analysis o Investigate indicators of compromise using commercial and open-source threat intelligence. o Validate alerts and determine their relevance to customer environments, providing context on adversary behaviour … and recommending follow-up actions when threats are confirmed. • Threat Hunting o Lead and participate in threat hunts using hypothesis-driven approaches mapped to TTPs and MITRE ATT&CK. o Leverage telemetry and queries in tooling to identify suspicious indicators not surfaced through existing detection logic. o Document hunting activities, findings, and detection coverage gaps to support tuning More ❯

SOC Specialist | London based 2-3x a week | £85,000 + Benefits Role Brief Join a global Security Operations Center team providing 24/7 threat detection and incident response. As a SOC Specialist, you’ll act as a frontline defender—monitoring alerts, leading investigations, and conducting proactive threat hunts. You'll work with a range of … documentation of technical findings Desired Skills Basic scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat Intel, Red Teams More ❯

SOC Specialist | London based 2-3x a week | £85,000 + Benefits Role Brief Join a global Security Operations Center team providing 24/7 threat detection and incident response. As a SOC Specialist, you’ll act as a frontline defender—monitoring alerts, leading investigations, and conducting proactive threat hunts. You'll work with a range of … documentation of technical findings Desired Skills Basic scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat Intel, Red Teams More ❯