and contributing to bid processes. What We’re Looking For: An experienced Information Security Consultant with a strong background in IT security operations. Expertise in Microsoft O365 Security Solutions, including threat intelligence, incident response, and disaster recovery. Strong knowledge of Cyber Essentials, ISO 27001, GDPR, and other data protection frameworks. Experience in vulnerability scanning, risk management, and security documentation.
Horsforth, Leeds, West Yorkshire, England, United Kingdom
Headway Recruitment
contributing to bid processes. What We’re Looking For: An experienced Information Security Consultant with a strong background in IT security operations. Expertise in Microsoft O365 Security Solutions – including threat intelligence, incident response, and disaster recovery. Strong knowledge of Cyber Essentials, ISO 27001, GDPR, and other data protection frameworks. Experience in vulnerability scanning, risk management, and security documentation.
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Sparta Global Limited
designing, implementing, and maintaining secure IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to pre-empt potential cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as
Stone, Staffordshire, England, United Kingdom Hybrid / WFH Options
Oscar Technology
SIEM and EDR tools. Refine detection rules and reduce false positives by tuning alerts and correlation logic. Guide junior analysts and validate incident escalations from Tier 1. Contribute to threat intelligence, reporting IOCs and sharing insights with internal teams. Support vulnerability management processes, including risk-based remediation prioritisation. Document incident timelines, impact assessments, and remediation steps. Assist with
and SIEM technologies. Knowledge and experience reading and interpreting deep packet captures (PCAP) and performing log analysis. Knowledge and experience in Forensic and Malware Analysis. Knowledge and experience in Cyber Threat and Intelligence gathering and analysis.
and virtualization. Familiarity with cloud security (Azure, AWS, etc.). Knowledge of compliance frameworks like PCI DSS, HIPAA, SOC 2. Proficiency with Windows, Linux, macOS, and network protocols. Understanding threat intelligence platforms and attack mitigation techniques. Strong problem-solving skills. Certifications: CISSP, CEH, Security+, CISM, or similar; Cisco CCNP Security or equivalent. Experience managing security projects and large
United Kingdom, with a primary focus on cyber assurance, third-party risk management, and large-scale regulatory compliance audits. In this role, you will collaborate closely with our cyber threat intelligence, advisory, and response teams to expand our digital risk business. Your responsibility will include representing our global penetration testing team, overseeing the assessment of cybersecurity programs, ensuring
value, and support the tuning of noisy alerts. Identify gaps in our logging and manage the onboarding of these from pre-implementation considerations, through to log availability monitoring. Undertake threat hunts to identify gaps in our logging and alerting. Use this along with threat intel to help drive our maturity road map. Support day-to-day management and … standardised responses for reliability issues. Create, maintain, and analyse Security Operations dashboards and reports fed into management and stakeholders across the business. Identify key trends to help inform Trainline's threat landscape and key Security risks. (Once established within the team) join the on-call rota, responding to high priority incidents out-of-hours to ensure uninterrupted protection of mission
I am looking for a highly skilled Security Operations & Threat Intelligence Analyst to join a cybersecurity provider dedicated to protecting organizations from cyber threats. With global reach and deep technical expertise, the company delivers advanced threat detection, response, and intelligence services. Its mission is to build a safer digital society by helping businesses stay resilient through … proactive security solutions and trusted partnerships. Responsibilities: As a Security Operations & Threat Intelligence Analyst, you will monitor and investigate security alerts using SIEM tools, conduct threat hunting, and analyze suspicious activity. You’ll gather and report threat intelligence, update detection rules and response playbooks, and collaborate across teams to improve security. You’ll also track … threat actor tactics using MITRE ATT&CK and assist with incident response and reviews. Key skills required: • 3+ years of experience in Security Operations, Threat Intelligence, or Incident Response roles • Proficient in analyzing logs, network traffic, malware behavior, and attack vectors • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions • Familiar with threat
About Apexanalytix At Apexanalytix, we help some of the world’s largest companies stay ahead of risk. Our Cyber Threat & Vulnerability team provides cutting-edge analysis, monitoring, and intelligence on third-party and supplier cyber threats — helping procurement and risk leaders understand and act on the hidden risks in their extended supply chains. The Opportunity We’re looking … for a smart, curious, and capable individual to join our growing cyber threat team. This is a junior role, ideal for someone entering their first or second cybersecurity position who wants to step into a fast-paced, high-impact environment. You’ll be working directly with the Head of Cyber Threat Analysis, helping to assess supplier exposure, track … threat actor behaviours, and identify vulnerabilities across global supply chains. It’s a rare chance to be part of a tight-knit team tackling real-world threats at scale. What You'll Be Doing Supporting the delivery of threat intelligence and vulnerability assessments for global clients in the form of reports, briefings and alerts. Monitoring threat
Description We are looking for a Lead Cyber Security Engineer - Threat Simulation to be an integral part of our Offensive Security organization and contribute towards improving CME Group's security posture. This role will be responsible for participating in the execution of Red Team cyber exercises of internal and internet facing information systems and infrastructure to identify misconfigurations and … cyber security vulnerabilities that could be exploited by a threat actor to gain unauthorized access to computer systems and data. In addition, the role will require participation in Purple Team exercises to help the Blue Team improve their detection capabilities. This is a perfect opportunity for the right person to become a key part of a team of highly … skilled cybersecurity professionals who execute a pivotal role in protecting and defending national critical infrastructure. Principal Responsibilities Lead red team exercises against a hybrid environment using threat intelligence and the MITRE ATT&CK Framework. Participate in purple team exercises that are intelligence driven to test cyber detections. Build and maintain Red and Purple team infrastructure, automating functions
cFocus Software seeks a Cyber Threat Hunter (Senior) to join our program supporting US Courts in Washington, DC. This position has remote capabilities. This position requires an active Public Trust clearance and must meet 8570 requirements. Required Qualifications include: 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such … as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler. 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security. 5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd). 5 years of experience with the following threat hunting tools: Microsoft … Sentinel for threat hunting within Microsoft Azure; Tenable Nessus and SYN/ACK for vulnerability management; NetScout for analyzing network traffic flow; SPUR.us enrichment of addresses; Mandiant Threat intel feeds. Must be able to work 80% (Monday through Thursday) onsite at AOUSC office in Washington, DC. Desired Qualifications include: One of the following certifications: GIAC Certified Intrusion Analyst
to improve incident response efficiency within the Security Operations Centre. This role integrates multiple security tools and workflows, leveraging platforms like Darktrace and CrowdStrike to create cohesive and automated threat detection and response mechanisms. Key Responsibilities Playbook Development: Design, implement, and maintain SOAR playbooks for automated response and alert enrichment. Tool Integration: Develop and manage integrations with: Google SecOps … Chronicle, Security Command Center) Darktrace (Threat Visualizer, Antigena) CrowdStrike Falcon (EDR, threat intelligence, APIs) Other security platforms such as SIEMs, ticketing systems, and firewalls. Automation & Enrichment: Automate repetitive security tasks like indicator enrichment, triage, and threat intelligence lookups. Collaboration: Work with SOC analysts and threat detection teams to identify and implement automation opportunities. Monitoring … security operations or security engineering. Hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR, IBM Resilient). Strong familiarity with: Google SecOps/Chronicle; Darktrace (AI-based threat detection); CrowdStrike Falcon platform. Scripting experience in Python, PowerShell, or Bash. Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE
Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an … evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing … team, driven with context of emerging threats and strategic objectives. Ensure Threat Intelligence, Proactive Security Testing, and Security Analytics functions develop under your leadership to deliver maximum context into the operational team, as well as enabling real-time risk validation and actionable security insights. Continue delivering automation and detection as code for security operations, enabling increased scalability and
Manchester Area, United Kingdom Hybrid / WFH Options
Queen Square Recruitment
instrumental in driving SOC maturity, optimizing license consumption, and enhancing security visibility across the enterprise. Key Responsibilities Lead the investigation and resolution of high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune analytic rules, detection use-cases, and SOAR playbooks. Monitor and optimise license consumption across Microsoft security tools … performance of Microsoft security tools. Mentor junior SOC analysts and contribute to internal capability development. Maintain and enhance incident response playbooks, processes, and documentation. Produce regular performance metrics and threat intelligence summaries. Required Skills & Experience 5+ years in cybersecurity, with at least 2+ years at SOC Level 3 or senior analyst level. Strong expertise in Microsoft Azure, including … understanding of log management (onboarding, parsing, retention strategies). Demonstrated ability to build and manage detection use cases aligned with evolving threats. Familiarity with the MITRE ATT&CK framework and threat modeling. Solid understanding of Windows, Linux, networking, and endpoint security. Skilled in threat intelligence, digital forensics, and advanced incident handling. Experience with SOAR platforms and security automation.
NIST, FCA). Collaborate with key stakeholders to gather and analyze technical security data for accurate risk evaluation and remediation. Work closely with Vulnerability Assessment & Penetration Testing (VAPT), Threat Intelligence, and Incident Response teams to understand technical risks and validate that appropriate controls are in place. Contribute to the ongoing improvement of Governance, Risk, and Compliance (GRC) practices … by incorporating findings from technical assessments and adapting to emerging threat landscapes. Prepare clear and concise documentation and reporting for senior leadership, audit committees, and regulatory authorities. Support internal and external audit activities by providing required risk assessments, compliance documentation, and evidence. Key Skills & Experience: Proven experience in cybersecurity risk analysis or information security governance. Strong knowledge of … information security frameworks and regulatory standards, particularly ISO 27001, NIST, and FCA requirements. Experience working collaboratively with technical security teams (e.g., VAPT, Threat Intel, IR). Understanding of risk management principles and GRC practices. Excellent communication skills, with the ability to convey technical risk to both technical and non-technical audiences. Experience supporting audit and compliance efforts.
that matters. We're looking for a Cybersecurity Subject Matter Expert (SME) with a background in risk management, cybersecurity frameworks, and IT defense strategies to support critical government and intelligence initiatives. If you're passionate about protecting systems from evolving threats and thrive in a mission-critical, analytical, and leadership-oriented role, this opportunity is for you. RESPONSIBILITIES Conduct … Nessus, Splunk, SCAP, STIGs). Knowledge of federal cybersecurity policies and standards (e.g., FISMA, FedRAMP, NIST SP 800-53). Excellent analytical, communication, and stakeholder engagement skills. Experience supporting cybersecurity for intelligence or defense systems. Familiarity with cloud security, Zero Trust architecture, and endpoint protection solutions. Background in incident response, penetration testing, or threat intelligence. Experience implementing RMF within
About Our Client Join Our Client, a fast-growing fintech innovator securing next-gen payment platforms for leading banks and startups. With a focus on AI-driven threat detection and zero-trust architecture, Our Client has been named one of Europe’s Top 50 Cybersecurity Scale-ups. Role Snapshot As an Associate Cybersecurity Analyst, you’ll be the eye … alongside world-class security engineers, hone your skills on cutting-edge tools, and shape the future of digital payments security. Your Day-to-Day Alert Triage: Analyze SIEM and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. … and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares, capture insights, and contribute to our internal threat library. What You Bring Must-Haves Bachelor’s degree in Cybersecurity, Computer Science, or related field. Practical experience with at least one SIEM platform (e.g., Splunk, QRadar). Understanding
Employment Type: Full-Time
Salary: £36,000 - £43,000 per annum, Negotiable, OTE
adjacent fields (e.g. Data, DevOps, Cloud) on the fundamentals and best practices of cyber security. Be part of updating training content to reflect current cyber industry trends, tools and threat landscapes. Work closely with the curriculum team to improve and tailor course content and delivery methods. Some weeks will require travel into the London HQ for in-person sessions … security engineering, consulting, or operations. Ability to teach and explain key cyber domains, and at least one of the below: Network and infrastructure security; Security operations and incident response; Threat intelligence and threat modelling; Governance, risk & compliance (GRC); Cloud security; Penetration testing and vulnerability management. Excellent communication & presentation skills. Desirable: Certifications such as CISSP, CISM, CEH, CPENT
City of London, London, United Kingdom Hybrid / WFH Options
FIND | Creating Futures
adjacent fields (e.g. Data, DevOps, Cloud) on the fundamentals and best practices of cyber security. Be part of updating training content to reflect current cyber industry trends, tools and threat landscapes. Work closely with the curriculum team to improve and tailor course content and delivery methods. Some weeks will require travel into the London HQ for in-person sessions … security engineering, consulting, or operations. Ability to teach and explain key cyber domains, and at least one of the below: Network and infrastructure security; Security operations and incident response; Threat intelligence and threat modelling; Governance, risk & compliance (GRC); Cloud security; Penetration testing and vulnerability management. Excellent communication & presentation skills. Desirable: Certifications such as CISSP, CISM, CEH, CPENT
role responsible for shaping and executing the strategic vision of the Global Cyber Defense (GCD) organization. This position leads a diverse team across multiple cybersecurity domains including Incident Response, Threat Intelligence, Red Team, Cyber Countermeasures, Threat Hunting, Vulnerability Management, Forensics, eDiscovery, and Insider Threat programs. The role requires a strategic thinker with deep technical expertise, strong … and implement the strategic vision for Global Cyber Defense in alignment with broader cybersecurity and business goals. Lead efforts to identify and respond to emerging cyber threats using advanced threat intelligence and proactive defense strategies. Oversee incident response planning and execution, ensuring alignment with broader crisis management frameworks. Build and maintain robust capabilities in Data Loss Prevention, cyber … forensics, and eDiscovery. Direct red teaming, cyber countermeasures, and threat hunting initiatives, including internal and external cyber defense exercises. Drive effective vulnerability management strategies, ensuring integration with the wider D&T organization and reporting to senior leadership. Business Expertise Deep understanding of the cybersecurity landscape, including industry-specific threats and compliance requirements. Strategic knowledge of the business environment, regulatory
to enhance overall security posture. What We're Looking For: Proven experience as a Cybersecurity Specialist or in a similar role within IT security. Strong knowledge of cybersecurity principles, threat intelligence, and security controls. Experience with security tools (e.g., SIEM, firewalls, EDR, VPN, DLP) and vulnerability management. Solid understanding of regulatory frameworks and industry standards (e.g., GDPR, NIST
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Manchester Digital
delivery of critical systems that protect citizens and national interests. Working with the Principal Security Architect, you will own security architecture for a major portfolio, translate business goals and threat intelligence into practical controls, and mentor SEO level architects to raise capability across multiple programmes. You will engage senior stakeholders, balance risk against usability and cost, and shape … Security Architect strategy, translating them into reusable templates and guardrails. Lead architecture reviews for high risk projects, providing actionable recommendations and tracking remediation through to closure. Perform and interpret threat modelling/pen test results, converting findings into road mapped improvements and measurable risk reductions. Advise on security controls for hybrid and cloud platforms (AWS, Azure, Kubernetes, serverless), balancing … effective controls. Technical depth: hands on knowledge of cloud security, IAM, container & API security, network segmentation, encryption and DevSecOps toolchains; capable of explaining exploitability of complex vulnerabilities. Pen testing & threat modelling: scoping, overseeing and translating results into enforceable patterns and backlog items. Influential communication: proven ability to engage C suite and delivery squads alike, adapting style to gain agreement
escalate incidents with sound judgement — this isn’t checkbox security work. Dive deep into data using PCAP, endpoint logs, network telemetry and behavioral analytics. Hunt for threats proactively, leveraging threat intelligence, patterns, and instincts built from experience. Work cross-functionally with other teams to contain, mitigate and learn from security incidents. Act as a mentor to Tier … better tooling and smarter monitoring. What You Bring You’re not new to this. You’ve been in the trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms, especially Splunk. Strong familiarity with MITRE ATT&CK, intrusion detection/prevention systems, and malware behaviour. Confidence in network