1 to 25 of 317 Threat Intelligence Jobs

systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: - Identify business objectives, user needs, risk appetite and cyber security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry recognised … Contribute to a reference architecture of established patterns, principles and guidelines Research emerging technologies, new products and be able to position these in a coherent manner against the developing threat landscape and client risk appetite Ability to distil complex information and concepts into key discussion points that identifies a path to resolution rather than only the identification of challenges … native security capabilities and good practice within Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security standards such as ISO More ❯

security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share and gain intel from … alignment with compliance standards. Act as a thought leader for the firm on Cyber Defence, maintaining an awareness of emerging cyber threats and defensive innovations, through independent research and threat intelligence insights from the Threat and Vulnerability Management team. Use these insights to inform strategic recommendations made to Head of Cyber Defence on new approaches to address More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

Collaborate with IT, cloud, and cybersecurity teams to ensure secure integration across systems and applications. Lead architectural reviews and assurance of designs working with System Integrators & partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. Evaluate and recommend security tools … IPS/IDS, and SD-WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence, and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP, CCNP Security, CCIE Security, GIAC More ❯

training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security More ❯

Job Title: Senior Threat Cyber Intelligence Analyst Location: Local to DMV Clearance: TS/SCI w Full Scope Poly Employment Type: Full Time Education: Bachelor's degree in Cybersecurity, Information Security, or a related field Work Status: Local to DMV Salary: $145,000-$185,000 Benefits: Competitive salary and bonus structure, comprehensive health insurance, 401(k) with company … and correlation of events across disparate incident reports Collaborate with our team to refine the evaluation methodology and provide expert insights Required Skills 5+ years of experience in cybersecurity, threat intelligence, or incident response Deep understanding of advanced persistent threats (APTs) and cyber attack methods Familiarity with cybersecurity frameworks and standards (e.g., MITRE ATT&CK, NIST Cybersecurity Framework … Experience with threat intelligence platforms and open-source intelligence (OSINT) tools Strong analytical and writing skills, with the ability to distill complex information into clear and concise narratives Familiarity with natural language processing (NLP) and LLMs is a plus, but not required Desired Skills (Optional) Hands-on experience with security information and event management (SIEM) systems, and More ❯

Job Description: Head of Cyber Threat Exposure Permanent London/Staines/Manchester (Hybrid Working) We consider all types of flexibility, including locations, hours and working patterns. We make health happen. At Bupa, we are at the forefront of an exhilarating digital transformation journey, driven by our ambition to become the world's most customer-centric healthcare provider. Our … mission is simple yet profound: to help people live longer, happier, healthier lives, and to make a better world. As Head of Cyber Threat Exposure, you’ll play a crucial role in vulnerability management and offensive activities across Bupa. You’ll provide threat-led cyber security leadership, subject matter expertise, oversight, E2E process design and implementation, and coordination … end management and delivery of security services including penetration testing, assumed breach testing, attack and social engineering simulations, red and purple teaming. Provide comprehensive dashboarding and reporting capabilities leveraging threat intelligence and proactively identify, prioritise, and remediate vulnerabilities and threat exposures Ensure that all technology, cloud services and third-party solutions comply with defined vulnerability management and More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience … with SIEM tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide mentorship and leadership within … include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck . Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre . Staying abreast of cyber threat developments More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience … on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a … will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing More ❯

Position Overview The Insider Threat Cybersecurity Specialist plays a critical role in identifying, investigating, and mitigating insider threats across the environment. This role combines technical expertise in threat detection and behavioral analytics with strategic collaboration across security, HR, legal, and compliance teams. The ideal candidate will have a strong background in SIEM/EDR tools, data loss prevention … and insider threat frameworks, and will contribute to the continuous improvement of our Insider Threat Program. Key Responsibilities Monitor and analyze user activity for anomalous behavior using SIEM, EDR, and UEBA tools. Develop and tune detection rules and alerts in platforms like Splunk and Microsoft Sentinel to identify insider threats and privileged account misuse. Lead or support investigations … into insider threat incidents, collaborating with HR, legal, and SOC teams to ensure due process and policy alignment. Integrate endpoint telemetry and DLP controls to reduce unauthorized data transfers and improve visibility across cloud and on-prem environments. Conduct behavioral analysis and threat hunting using IOCs, TTPs, and threat intelligence feeds. Perform vulnerability assessments and risk More ❯

Analysts & the Vulnerability management team Comfortable operating in a technical capacity performing hands-on incident response and supporting/managing SOC analysts Act as a SME in matters related threat and vulnerability management incl incident response Understand security incidents and the likely impact these will have on the business Define and report on KPIs with recommendations for improvement Identify … books, operating processes and procedures Help to develop and configure use cases, and alerting rules within SIEM technologies Mange the vulnerability management programme that includes vulnerability scanning, security testing, threat monitoring and data loss and leakage prevention Direct on-going threat intelligence activities Mentor and develop security analysts Skills: Prior experience working/managing a SOC Demonstrable … experience and operational knowledge of SIEM, firewalls, intrusion detection and vulnerability management systems/solutions Detailed understanding of Security Monitoring, Threat Intelligence, Vulnerability management and Incident Response Experience managing security incidents within a complex environment. Strong foundation in network security and common attack methodologies Exposure to user behaviour analytical tools is preferable Good understanding of common protocols such More ❯

swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis … and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections … while adhering to legal and regulatory requirements 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA More ❯

swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis … and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections … while adhering to legal and regulatory requirements 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA More ❯

swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis … and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections … while adhering to legal and regulatory requirements 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA More ❯

and highly capable SOC Tier 3 Analyst to serve as a senior member of our Security Operations Center (SOC). You will lead advanced incident response efforts, conduct proactive threat hunting, perform digital forensics, and collaborate cross-functionally to safeguard our digital assets and infrastructure. This is a pivotal role for those passionate about cybersecurity, threat detection, and … including APTs, malware outbreaks, and data breaches. Take charge of escalated alerts from Tier 1 and 2 analysts and guide them through advanced response protocols. Utilize SIEM, EDR, and threat intelligence platforms to perform deep-dive analysis and response. Threat Hunting & Analysis Proactively identify emerging threats through behavioral analytics and threat intelligence. Analyze log data, network … Advise on containment, eradication, and recovery procedures in collaboration with IT and infrastructure teams. Ensure proper cleanup and restoration of affected systems. Share Indicators of Compromise (IOCs) and support threat blocking strategies. Collaboration & Knowledge Sharing Mentor junior SOC analysts and share knowledge across incident response workflows. Engage with stakeholders across IT, DevOps, and legal to enhance security posture. Contribute More ❯

s team! The successful candidate will play a vital part in protecting national security infrastructure by identifying, analyzing, and responding to complex cyber threats. They will lead efforts in threat detection, packet analysis, and incident response, while mentoring junior analysts and supporting advanced defense strategies in partnership with federal stakeholders. Requirements: Active Top Secret clearance required Bachelor s degree … or related engineering field preferred; equivalent military or professional experience may be considered in lieu of degree Minimum 5+ years of hands-on experience in a SOC or cyber threat analysis role 5+ years of overall experience in cybersecurity or information systems environments DoD 8570 IAT II Certification required (Sec+, CISSP, GCIH, CYSA+) required Proficiency in packet analysis tools … with EDR/XDR tools, IDS/IPS, and log analysis Understanding of TAP implementations and encrypted traffic analysis In-depth understanding of cyber kill chain, attacker TTPs, and threat landscape Comfortable with Windows, Linux, and cloud security monitoring environments Preferred: One of more additional certification is preferred: GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), GIAC More ❯

Proven experience in cyber security operations and incident management. * Strong knowledge of ISO 27001, NIST, and related frameworks. * Experience with GRC processes and tools. * Familiarity with SOC operations and threat detection technologies. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to train teams and promote security awareness. * Strong stakeholder engagement and communication skills. * Relevant … consult you before submitting it to any client. Keywords: Cyber Security Lead, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GSLC, CCP, GIS, GRC, SOC, Risk Management, Threat Intelligence, Defence, Stakeholder Engagement, SC Clearance, Cyber Compliance, Security Governance, Security Awareness, West Midlands, Cyber Risk, Cyber Strategy, Adecco More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting More ❯

lead in customer-facing engagements, translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization , helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops, product demonstrations, and proof-of … endpoint protection and EDR platforms such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence … as the technical lead in pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network segmentation/micro segmentation, DNS More ❯

lead in customer-facing engagements, translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization , helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops, product demonstrations, and proof-of … endpoint protection and EDR platforms such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence … as the technical lead in pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network segmentation/micro segmentation, DNS More ❯

telework 1 or 2 days in the office) Clearance: TS/SCI Clearance Position Description Cybersecurity Specialist Purpose: The Air Force ISR Digital Infrastructure Transformation paves the way for intelligence analysts to securely harness the latest technological advancements. It is orchestrated through Data and Analytics, Sense Making/Automation, Augmentation and AI (AAA), Networks, Hybrid and Multi-Cloud, Enterprise … Services, and cybersecurity capabilities. This structure allows integration, synchronization, and coordination with the Intelligence IC, Department of Defense (DoD), and commercial partners. The AF IC's ability to advance its digital infrastructure transformation and deliver intelligence at the speed of relevance hinges on people, processes, and technology. Proactively informing and developing our digitally savvy Airmen on capability portfolio … technical support. Additionally, the candidate will offer cybersecurity and zero trust expertise to support existing, ongoing, and expanding programs, projects, technologies, processes, and workforce innovations throughout the Air Force Intelligence Community (AF IC) Information Environment. This work will be in alignment with desired strategic and operational outcomes. Education: • Bachelors or Masters in Cybersecurity, Computer Science, Information technology or a More ❯

secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review. Understand Threat Intelligence and its use in an operational environment Threat Hunting and the ability to look for attacks that may not have been captured Support incident response to More ❯