1 to 25 of 778 Threat Intelligence Jobs

systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: - Identify business objectives, user needs, risk appetite and cyber security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry recognised … Contribute to a reference architecture of established patterns, principles and guidelines Research emerging technologies, new products and be able to position these in a coherent manner against the developing threat landscape and client risk appetite Ability to distil complex information and concepts into key discussion points that identifies a path to resolution rather than only the identification of challenges … native security capabilities and good practice within Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security standards such as ISO More ❯

steps Act as an escalation point for Tier 1 analysts, guiding initial response actions and validating escalations Participate in on-call or out-of-hours technical support where appropriate Threat Intelligence and Analysis: Perform in-depth analysis of suspicious activity, identifying indicators of compromise and attribution patterns Lead threat intelligence sharing within the organisation and with … external partners Mentor Tier 1 staff in interpreting threat data and logs during investigations Security Monitoring and Detection Engineering: Conduct continuous security monitoring of network traffic, endpoints, and critical systems Proactively tune and improve SIEM rules, alerts, and correlation logic to reduce false positives and increase detection fidelity Support onboarding of new data sources into SIEM and help define … Coordinate and support risk-based prioritisation of vulnerability remediation efforts Support vulnerability lifecycle management, including exception handling, patch validation, and reporting Provide vulnerability remediation guidance based on CVSS scores, threat context and business impacts Collaboration and knowledge sharing: Act as a technical mentor to Tier 1 analysts, supporting their development and escalation handling Work closely with other IT teams More ❯

systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: Identify business objectives, user needs, risk appetite, and cyber security obligations Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards, as well as industry-recognized … to both technical and non-technical stakeholders Contribute to a reference architecture of established patterns, principles, and guidelines Research emerging technologies and new products, positioning them against the evolving threat landscape and client risk appetite Distil complex information into key discussion points to facilitate resolution rather than just identifying challenges Contribute to developing the Security Practice's skills and … Experience with Cloud platforms (AWS and/or Microsoft Azure), including native security features and best practices Deep knowledge of modern security concepts, attack vectors, malware, security analytics, and threat intelligence Understanding of security testing and vulnerability management, including pen testing, CVSS, and CVE Experience with security standards such as ISO 27001, 27002, 27017, and 27108 DESIRABLE SKILLS More ❯

clients. The ideal candidate will have advanced expertise in monitoring, analyzing, and mitigating cybersecurity threats, as well as managing security tools and mentoring junior analysts. This role involves proactive threat hunting, incident response, and collaboration with cross- functional teams to enhance the organization s security posture. Key responsibilities: 1. Incident Detection and Response: o Lead investigations and remediation of … complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. o Take ownership of Tier 3- level escalations from Tier 1 and Tier 2 analysts and guide them through complex incident … response procedures. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioral analysis and threat intelligence data. o Analyze data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. o Collaborate with other security teams to uncover hidden threats and vulnerabilities. o Perform in More ❯

We are seeking a Senior Security Engineer to join our team. If you have a passion for cybersecurity, thrive on solving complex security challenges, and are experienced in advanced threat detection and response, we’d love to hear from you! As a Senior Security Engineer, you will be responsible for protecting our systems, networks, and data from cyber threats. … in the completion of security projects. Ensure platform security by design and provide technical guidance aligned with the product roadmap. Conduct vulnerability assessments, manage security risks, and respond to threat intelligence feeds. Monitor systems and networks for suspicious activity and engage in response procedures as necessary. Manage and document all stages of security incident response, including detection, containment … protection Strong understanding of cloud security (AWS, Azure, Google Cloud) and network security architecture Experience conducting vulnerability assessments, incident response, and forensics using tools such as Nessus Proficiency in threat hunting, malware analysis, and intrusion detection techniques Familiarity with compliance frameworks (e.g., NIST, ISO, PCI-DSS) and regulatory requirements Strong analytical skills with the ability to think like an More ❯

NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security standards such as ISO … NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security standards such as ISO More ❯

you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG's global network. You will work closely with the Security Operations Center (SOC), Security Information … to strengthening our security posture and minimizing business risks associated with cyber threats. Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections … phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports More ❯

you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information … posture and minimizing business risks associated with cyber threats. What Will You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections … phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports More ❯

you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information … posture and minimizing business risks associated with cyber threats. What Will You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections … phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports More ❯

Cyber Essentials+, and other relevant compliance standards. Published thought leadership and public speaking experience at major industry events. Additional Information The Team Unit 42 brings together our world-renowned threat researchers with an elite team of security consultants to create an intelligence-driven, response-ready organization. The Unit 42 Threat Intelligence team provides threat research More ❯

Architecture, identity and access management strategies, and secure networking models. Advise on data protection, encryption strategies, regulatory compliance (e.g., FCA, GDPR), and risk mitigation frameworks. Perform security assessments and threat modeling for cloud-native applications and hybrid environments. Collaborate with enterprise architects, risk officers, and compliance teams to ensure governance and audit readiness. Lead security architecture workshops and technical … ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and advanced detection strategies. Knowledge of DevSecOps practices and security integration into CI/CD pipelines. Strong communication and stakeholder engagement skills with experience presenting to More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

Collaborate with IT, cloud, and cybersecurity teams to ensure secure integration across systems and applications. Lead architectural reviews and assurance of designs working with System Integrators & partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. Evaluate and recommend security tools … IPS/IDS, and SD-WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence, and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP, CCNP Security, CCIE Security, GIAC More ❯

the use of relevant encryption standards. The main measure of success is maintaining regulatory compliance and improving the technical and organisational resilience of UKPN concerning the ever-changing cyber threat landscape. People – work collaboratively in a team environment and with a range of internal and external people Financial – no direct budget responsibility. Suppliers – regular interaction with 3rd party service … security testing and analysis. Cyber Security Knowledge: An understanding of the principles and standards of cyber security, such as encryption, authentication, authorization, network security, application security, cloud security, and threat intelligence. Security Technologies: Proficient in using different security technologies, such as firewalls, end point protection, web protection, email protection, intrusion detection and prevention systems, vulnerability scanners, encryption software, VPNs More ❯

training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security More ❯

Job Title: Senior Threat Cyber Intelligence Analyst Location: Local to DMV Clearance: TS/SCI w Full Scope Poly Employment Type: Full Time Education: Bachelor's degree in Cybersecurity, Information Security, or a related field Work Status: Local to DMV Salary: $145,000-$185,000 Benefits: Competitive salary and bonus structure, comprehensive health insurance, 401(k) with company … and correlation of events across disparate incident reports Collaborate with our team to refine the evaluation methodology and provide expert insights Required Skills 5+ years of experience in cybersecurity, threat intelligence, or incident response Deep understanding of advanced persistent threats (APTs) and cyber attack methods Familiarity with cybersecurity frameworks and standards (e.g., MITRE ATT&CK, NIST Cybersecurity Framework … Experience with threat intelligence platforms and open-source intelligence (OSINT) tools Strong analytical and writing skills, with the ability to distill complex information into clear and concise narratives Familiarity with natural language processing (NLP) and LLMs is a plus, but not required Desired Skills (Optional) Hands-on experience with security information and event management (SIEM) systems, and More ❯

Job Description: Head of Cyber Threat Exposure Permanent London/Staines/Manchester (Hybrid Working) We consider all types of flexibility, including locations, hours and working patterns. We make health happen. At Bupa, we are at the forefront of an exhilarating digital transformation journey, driven by our ambition to become the world's most customer-centric healthcare provider. Our … mission is simple yet profound: to help people live longer, happier, healthier lives, and to make a better world. As Head of Cyber Threat Exposure, you’ll play a crucial role in vulnerability management and offensive activities across Bupa. You’ll provide threat-led cyber security leadership, subject matter expertise, oversight, E2E process design and implementation, and coordination … end management and delivery of security services including penetration testing, assumed breach testing, attack and social engineering simulations, red and purple teaming. Provide comprehensive dashboarding and reporting capabilities leveraging threat intelligence and proactively identify, prioritise, and remediate vulnerabilities and threat exposures Ensure that all technology, cloud services and third-party solutions comply with defined vulnerability management and More ❯

threats to understand and refine processes and controls. Your responsibilities will include but are not limited to being an escalation point and expert on cyber incidents of various types, threat hunting for TTPs prioritized by internal and external threat intelligence, owning team process improvements as well as mentorship, and staying on top of industry technology and cyber … threat advancements. We are a passionate global team dedicated to helping keep our clients and our firm safe. RESPONSIBILITIES Maintain a core competency in event analysis and serve as an escalation point for noteworthy investigations, deeper investigations, and those that require critical attention. Continue to build out new capabilities within the program aligned with our attack surface. Opportunities include … dashboards, direct alerting, risk-based alerting, reports, and other objects as needed in Splunk. Continue to maintain a depth of knowledge within the cyber security field. This entails following threat actor activity targeting the industry and speaking knowledgeably at regular internal threat intelligence briefings. Leveraging threat intelligence, experience, and other inputs to perform active threat More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience … with SIEM tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide mentorship and leadership within … include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck . Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre . Staying abreast of cyber threat developments More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven … on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a … will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience … on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a … will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing More ❯

and remediations with the tech teams. Performing risk analysis on when vulnerability management incidents • Being integral to projects related to Security Operations • Staying up to date with the latest threat intelligence and threat hunting methodologies to recommend improvements to current processes and security controls • Performing DSAR requests Experience Required • 5 years+ experience in a SOC environment • Strong … Forensics investigations - Cloud security in MS Azure • Experience of participating in security incident response including identification, preservation and interpretation of computer evidence • Familiarity with database and operating system security • Threat hunting • Defence in Depth techniques • Previous experience working in a technical information security role with similar responsibilities to the above • Experience in being a key stakeholder in projects with More ❯