26 to 50 of 65 Remote Threat Intelligence Jobs

day basis. Provide out of hours technical escalation support to shift analysts Main Duties and Responsibilities: Developing SIEM detection rules and tuning alerts across our client estates. Conduct proactive threat intelligence research and carry out threat hunting across client estates Training of analysts and developing training resources and materials Act as a point of escalation for the … Understanding of security attack vectors and techniques utilised, including areas such as Business Email & user account Compromise, malicious payload installation & execution and reconnaissance activity. Understanding of the everchanging emerging threat landscape and how to interpret these threats to create initiate mitigation actions across a clients security estate. Willingness to learn, adapt, and innovate Critical thinking and analytical skills Excellent More ❯

Description We are looking for a Lead Cyber Security Engineer - Threat Simulation to be an integral part of our Offensive Security organization and contribute towards improving CME Group's security posture. This role will be responsible for participating in the execution of Red Team cyber exercises of internal and internet facing information systems and infrastructure to identify misconfigurations and … cyber security vulnerabilities that could be exploited by a threat actor to gain unauthorized access to computer systems and data. In addition, the role will require participation in Purple Team exercises to help the Blue Team improve their detection capabilities. This is a perfect opportunity for the right person to become a key part of a team of highly … skilled cybersecurity professionals who execute a pivotal role in protecting and defending national critical infrastructure. Principal Responsibilities Lead red team exercises against a hybrid environment using threat intelligence and the MITRE ATT&CK Framework. Participate in purple team exercises that are intelligence driven to test cyber detections Build and maintain Red and Purple team infrastructure, automating functions More ❯

privileged-access workflows. Monitoring, Detection & Response - Define audit logging, metrics, and telemetry requirements; integrate with SIEM/SOAR to deliver actionable alerts and playbooks for engineering-led incident response. Threat Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to leadership. Tooling & Automation - Evaluate, select, and integrate security tooling (SAST, DAST … Compliance & Audits - Partner with InfoSec and Legal to prepare evidence, manage technical controls, and remediate audit findings. InfoSec Partnership - Collaborate proactively with the Information Security team on policy development, threat intelligence sharing, incident response, and compliance initiatives, ensuring organisation-wide alignment. Engineering Partnership & Enablement - Work hand-in-hand with engineering squads to raise security awareness, improve secure coding … Experience working within high-sensitivity data environments Strong awareness of compliance standards and the requirements on software teams, especially for ISO27001 and SOC2. FedRAMP experience advantageous. Demonstrated experience performing threat modelling, penetration test scoping, and vulnerability management. Deep understanding of IAM concepts, encryption/key-management, and secure network design. Excellent communication skills with ability to translate technical risk More ❯

designing, implementing, and maintaining secure IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as More ❯

product owners, and compliance teams to ensure that secure design principles and automated security controls are Embedded throughout the software development lifecycle (SDLC). You will take ownership of threat modeling, vulnerability management, and security automation efforts with a specific focus on cloud platforms, primarily Google Cloud Platform (GCP). You will be instrumental in building scalable, resilient security … Application Security Architecture & Strategy Lead the design and implementation of comprehensive application security frameworks that guide the secure development of cloud-native APIs, microservices, and web applications. Conduct detailed threat modeling workshops and architectural risk assessments, identifying vulnerabilities early and collaborating on risk mitigation strategies. Define and enforce secure coding standards and architectural best practices aligned with industry benchmarks … industries. Hands-on experience with a range of application security testing tools including SAST, DAST, and SCA, and integrating these into automated build and deployment pipelines. Practical expertise with threat modeling methodologies such as STRIDE, PASTA, or Attack Trees. Strong knowledge of secure coding standards and common vulnerabilities (OWASP Top 10, API Security Top 10) and how to mitigate More ❯

Management (SIEM) platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with key … improving our security operations processes, escalation paths and playbooks. Leveraging AI capabilities to enhance the effectiveness of our security capabilities and your own productivity in the role. Consuming relevant threat intelligence to drive proactive action within the Cyber Security and wider IT environment. Indicative Performance Measures Mean time for business recovery to C1 (Highest criticality) level security incidents … and following common response frameworks. Experience within the gaming industry providing security operations support to game releases, game infrastructure monitoring and live game operations. Strong appreciation of the cyber threat landscape and attacker tactics, techniques and procedures. Experience developing operational processes and playbooks. Desirable Interpersonal Skills: Ability to remain composed and effective during high-pressure situations. Clear focus on More ❯

lifecycle of a product, from concept to completion. Sustainability and Innovation: Siemens DI SW emphasizes sustainable business growth and innovation through its comprehensive digital solutions. Job Summary: The Artificial Intelligence (AI) Security Engineer will be responsible for leading the development and implementation of security strategies for our artificial intelligence (AI) systems. In this role, you will design and … the product run time. Position Overview: Siemens Software (DI SW) is looking for a highly skilled and experienced leader reporting to the Director of Security Innovation & Automation. The Artificial Intelligence (AI) Security Engineer will play a critical role in developing and implementing security frameworks for AI models, algorithms, and datasets while collaborating across the product teams and Product Solution … Security Officers (PSSO). Key Responsibilities: Assist the Director of Security Innovation & Automation in all aspects of Artificial Intelligence (AI) security while ensuring security in the product "run time" space. Develop and implement security frameworks for AI models, algorithms, and datasets. Automate the governance of our internal and external AI Models Automate the security of our internal and external More ❯

of the most complex enterprise environments in the UK and beyond. This isn't a typical penetration testing role. You'll be leading tailored campaigns that emulate real-world threat actors - from phishing initial access through to cloud-native post-exploitation and domain-level compromise in hybrid estates. We focus on intelligence-led engagements, simulating TTPs derived from … current threat actors, helping our clients uncover blind spots and prepare for the attacks that actually matter. We value curiosity, creativity, and diverse experience - some of our team came from medicine, others from blue team, IT, or non-technical backgrounds. If you're an experienced operator looking to work on challenging problems alongside a strong and supportive team, we … and social engineering campaigns with behavioural realism. Performing advanced Active Directory enumeration and abuse, including trust path abuse, delegation exploitation, and credential material extraction. Simulating adversary behaviour based on threat intelligence and frameworks (MITRE ATT&CK, TIBER, etc.). Identifying and exploiting weaknesses in cloud environments (Microsoft 365, Azure AD, AWS, GCP, Okta). Bypassing modern detection controls More ❯

Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security policies align with standards like … Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to make an impact? Apply today More ❯

and device management. Vulnerability Management Conduct and oversee regular vulnerability assessments on systems, networks, and applications. Identify, analyse, and prioritise vulnerabilities based on risk and potential impact and utilise threat intelligence analysis to determine the risk posed by identified vulnerabilities. Collaborate with the IT MSP to develop and implement remediation plans, drive remediation efforts and identify improvements in More ❯

and device management. Vulnerability Management Conduct and oversee regular vulnerability assessments on systems, networks, and applications. Identify, analyse, and prioritise vulnerabilities based on risk and potential impact and utilise threat intelligence analysis to determine the risk posed by identified vulnerabilities. Collaborate with the IT MSP to develop and implement remediation plans, drive remediation efforts and identify improvements in More ❯

to keep the organisation secure. Key Responsibilities: Lead and develop the IT security strategy. Manage and mentor a team of IT security professionals. Oversee security operations, incident response and threat intelligence. Collaborate with cross-functional teams to ensure security best practices. Stay updated with the latest IT security trends and technologies. Key Requirements: A relevant degree or qualified by … CISM, CISA, CRISC, or CGEIT. Proven experience in leading IT cyber security teams, with a strong emphasis on operational security and incident response. Extensive knowledge of IT risk management, threat intelligence, IAM and vulnerability management. Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and CyberEssentials. Ability to articulate complex technical risks in clear, actionable More ❯

to keep the organisation secure. Key Responsibilities: Lead and develop the IT security strategy. Manage and mentor a team of IT security professionals. Oversee security operations, incident response and threat intelligence. Collaborate with cross-functional teams to ensure security best practices. Stay updated with the latest IT security trends and technologies. Key Requirements: A relevant degree or qualified by … CISM, CISA, CRISC, or CGEIT. Proven experience in leading IT cyber security teams, with a strong emphasis on operational security and incident response. Extensive knowledge of IT risk management, threat intelligence, IAM and vulnerability management. Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and CyberEssentials. Ability to articulate complex technical risks in clear, actionable More ❯

to keep the organisation secure. Key Responsibilities: Lead and develop the IT security strategy. Manage and mentor a team of IT security professionals. Oversee security operations, incident response and threat intelligence. Collaborate with cross-functional teams to ensure security best practices. Stay updated with the latest IT security trends and technologies. Key Requirements: A relevant degree or qualified by … CISM, CISA, CRISC, or CGEIT. Proven experience in leading IT cyber security teams, with a strong emphasis on operational security and incident response. Extensive knowledge of IT risk management, threat intelligence, IAM and vulnerability management. Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and CyberEssentials. Ability to articulate complex technical risks in clear, actionable More ❯

delivery of critical systems that protect citizens and national interests. Working with the Principal Security Architect, you will own security architecture for a major portfolio, translate business goals and threat intelligence into practical controls, and mentor SEO level architects to raise capability across multiple programmes. You will engage senior stakeholders, balance risk against usability and cost, and shape … Security Architect strategy, translating them into reusable templates and guardrails. Lead architecture reviews for high risk projects, providing actionable recommendations and tracking remediation through to closure. Perform and interpret threat modelling/pen test results, converting findings into road mapped improvements and measurable risk reductions. Advise on security controls for hybrid and cloud platforms (AWS, Azure, Kubernetes, serverless), balancing … effective controls. Technical depth: hands on knowledge of cloud security, IAM, container & API security, network segmentation, encryption and DevSecOps toolchains; capable of explaining exploitability of complex vulnerabilities. Pen testing & threat modelling: scoping, overseeing and translating results into enforceable patterns and backlog items. Influential communication: proven ability to engage C suite and delivery squads alike, adapting style to gain agreement More ❯

growing bonus What you'll be doing Drive improvements to cyber security posture across internal and customer-facing platforms Design and secure cloud-based infrastructure and customer applications Perform threat detection, incident response , and vulnerability remediation Maintain security architecture documentation and collaborate with third-party vendors Conduct threat intelligence research and recommend ongoing improvements What you'll More ❯

and supporting the creation and implementation of security policies and best practices. The Analyst plays a key part in protecting MPS data and assets from potential threats by reviewing threat intelligence and recommending ways to prevent or minimize risks. In addition to day-to-day tasks, the role also involves supporting and promoting security best practices, as well More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role … accurate revenue forecasts and budgets for the renewal sales team, aligning with company objectives and the delivery of accurate and timely forecasts by the team for escalation reporting. Market Intelligence: Stay updated on industry trends, competitors, and customer needs to offer localize insights to global MI, including specific focus on trends regarding renewal best practices. Process Improvement: Continuously evaluate More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . The More ❯

s information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers More ❯

s information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers More ❯

s information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers More ❯

projects aligned with industry frameworks and compliance requirements, such as NIST800-53, ISO27001, NIST CSF, NIS 2, DORA. Leverage emerging technologies such as AI, IoT, cloud solutions, and advanced threat detection systems. Advise on their application, assess their suitability for specific environments, and determine optimal implementation timing and approach. Manage large-scale programmatic engagements, including stakeholder engagement, scoping, pricing … and issue escalation. Business development: Identify and originate cyber risk management and technology resilience opportunities. Manage key client relationships, supported by account, sales, and marketing plans. Position our cyber threat intelligence, assurance, and incident response practices. Provide energetic consulting leadership in KSA, promoting Control Risks as a trusted advisor on cyber and technology risk, leading to increased long More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role More ❯

of the SOC, including incident response, monitoring, and reporting. Designing, implementing, and continuously improving operational security processes. Acting as the primary point of contact for security incidents and coordinating threat response efforts. Actively contributing to the further development of the SOC in terms of processes and tooling. Collaborating with other IT departments (infrastructure, networks, applications) and external partners. Reporting … least 5 years of experience in IT Security, ideally with 2+ years in a managerial role within a SOC or similar environment. Solid knowledge of SIEM systems, incident response, threat intelligence, and security monitoring. Proven experience in managing projects and optimizing operational processes. A true team player with strong communication and interpersonal skills. You have a helicopter view More ❯