Hemel Hempstead, Hertfordshire, England, United Kingdom
Sopra Steria
experience in monitoring and analysing security threats for multiple customers. You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communication with key business partners is key regarding risks, threats and SOC performance. … foster continuous improvement. Oversee the full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage vulnerability assessments and coordinate remediation. Monitor and analyse security events across multiple platforms. Identify, assess, and escalate threats and vulnerabilities. Maintain and evolve … a 24×7 environment, driving operational excellence and continuous improvement. Ability to harness data analysis to detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams
and use cases. Investigate & Respond: Monitor and triage alerts across a range of SIEM, EDR, and XDR platforms. Perform in-depth investigations and escalate critical incidents as needed. Conduct threat hunting and vulnerability analysis activities. Prepare reports and updates on customer security posture. Improve & Evolve: Participate in continuous improvement projects focused on tooling, process efficiency, and SOC coverage. Collaborate … Palo Alto Cortex, or Microsoft Defender. Understanding of incident response frameworks (MITRE ATT&CK preferred). Experience with vulnerability management platforms such as Rapid7 or Tenable. Exposure to Cyber Threat Intelligence and its application within SOC workflows. Experience with ticketing systems (ServiceNow, JIRA, Salesforce) and ITIL-aligned processes. Strong communicator with solid written and analytical reporting skills. Why
for the United Kingdom, currently residing in the UK. The position is located in Manchester. Responsibilities Evaluate and strengthen our overall security posture by performing continuous audits, risk assessments, threat modelling, and architecture reviews to ensure effective controls and adherence to regulatory standards. Consistently monitor and assess cloud environments for vulnerabilities and misconfigurations utilising tools like AWS Inspector, GuardDuty … sensitive information with discretion, professionalism, and sound judgment. Relevant certifications such as AWS Certified Security - Specialty, CISSP, CCSP, or Terraform Associate (or equivalent experience). Preferred Qualifications Exposure to threat intelligence and security analytics, particularly within cloud environments. Bachelor's degree in Computer Science, Information Technology, or Information Security, or equivalent practical experience. Familiarity with key security frameworks
Do you want to be at the forefront of intelligence-driven cybersecurity? We at Centripetal are innovators of disruptive cybersecurity solutions. Our CleanINTERNET managed service operationalizes billions of threat indicators in real-time to prevent over 90% of known threats against enterprise networks. Our customers love us for reducing their cybersecurity risks and enabling their security operations to be … more proactive, focused and efficient. Intelligence Services is a group within Centripetal that analyzes cyber threat intelligence to envision and create new technologies that power our managed service offerings. We focus on bold ideas around how to leverage data in cyber defense and pursue strategic initiatives that aim to paradigm-shift the cybersecurity landscape. Join us to
will play a crucial part in supporting our analysis efforts and collaborating on key projects with our strategic clients. You will be responsible for conducting in-depth analysis of intelligence data, writing comprehensive reports, and providing valuable insights to inform decision-making processes. Responsibilities Conducting high-level open-source intelligence investigations and creating ad-hoc reports on different … topics to support the company's sales, intelligence, and R&D efforts. Analyzing large data sets and providing meaningful insights. Researching new online platforms to discover methods for automating data collection. Monitoring third-party websites, forums, messaging app channels, and more to uncover malicious activities. Assisting our product and intelligence teams in better understanding our customers' needs by … proactive and independent thinker and doer. A quick learner of new practice areas and technological tools. Tons of curiosity. A methodological approach to the art of web intelligence. Intelligence/Research/Trust & Safety/Content Moderation background - an advantage. Experience with at least 2 languages - an advantage. Excellent Excel/Google Sheets skills. Capable of dealing with
capabilities and maintain compliance through practical Consulting and Managed Services. Our suite of services blends together best-of-breed technologies to provide real-time 24×7 monitoring, triage, remediation, threat assessment, vulnerability management, and Professional Services to give our Clients absolute peace of mind that their critical environments are protected. Our Security Operations Centre (SOC) delivers an array of … services that provide our Customers with robust end-to-end cyber security protection, from monitoring services to threat-relevant detection content, from leading threat intelligence to a Customer focus that enables us to become our Customers’ trusted partner. Role Description Talion is looking for an individual to take responsibility for the delivery of several of our Managed
This role is hands-on and technical. This company delivers advanced Cyber services across critical sectors — supporting clients through offerings such as 24/7 SOC operations, Security Assurance, Threat Intelligence, Third-Party Risk, and Crisis Simulations. About the Role You’ll play a key role in delivering and optimising cybersecurity solutions across a diverse client base. … on hybrid and multi-cloud security best practices Qualifications & Experience Certifications such as Cisco CCNA/CCNP, Fortinet NSE, or CompTIA Security+ (advantageous) Demonstrable experience delivering Cyber services in: Threat & Vulnerability Management Penetration Testing/Offensive Security SOC/MDR operations Third-Party Risk or Compliance (ISO, NIST, GDPR) Additional Information Must have the right to live and work
DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero
requires a deep understanding of cybersecurity principles and the ability to design secure solutions, implement robust security measures, and counter sophisticated threats. The Senior Cybersecurity Engineer's responsibilities involve conducting threat modeling, pinpointing process inefficiencies, and collaborating with both internal and external teams to resolve challenges identified through incident response, assessments, and penetration testing. Coordinate operational and support activities for … field. At least 2 years of hands-on experience managing EDR configurations, deployments, and automation in both on-premises and cloud environments. 2 or more years of experience utilizing threat intelligence tools and frameworks. 2 or more years of hands-on experience with an enterprise SIEM solution. 2 or more years of hands-on experience utilizing email security … platforms. 2 or more years of hands-on experience actively leading and conducting threat hunting operations. Native-level proficiency/fluent in English. Experience in Agile technology environments. Must be willing to participate in an on-call rotational schedule. Preferred Qualifications Certified Information Systems Security Professional (CISSP). GIAC or Offensive Security certifications - GPEN, GCIH, GREM, OSCP, etc. Experience in
City of London, London, United Kingdom Hybrid / WFH Options
RiverSafe
We’re looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor junior engineers and drive best practices. Collaborate with IR & threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills.
cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM/PAM implementations and M365/Azure/Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external … audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track key security KPIs and metrics. Produce security performance and risk reports for executive and board audiences. Maintain security risk registers
and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track
Greater Bristol Area, United Kingdom Hybrid / WFH Options
Revoco
risks early. Contribute to a multidisciplinary cybersecurity taskforce, responding rapidly to emerging threats. 🧠 What We’re Looking For Strong understanding of OWASP Top 10, MITRE ATT&CK, and evolving threat landscapes. Proven experience across vulnerability management, incident response, and network security. Ideally skilled in at least one programming language (e.g. Go, Python, Rust). Experience managing or integrating … securing software or embedded systems. Excellent communication and stakeholder management skills. 💡 Desirable Experience Background in Aerospace, Defence, or similarly regulated sectors. Experience with bug bounty, exploit research, or threat intelligence. Solid understanding of system architecture and associated cyber risks. Ability to mentor junior engineers and promote a culture of security excellence. Passion for continuous learning and
Reading, Berkshire, England, United Kingdom Hybrid / WFH Options
Hays Specialist Recruitment Limited
technical contract, it's a mission-critical role at the heart of our cyber security strategy. As Operational Security Manager, you'll take ownership of our security operations, overseeing threat intelligence, vulnerability management, incident response and the performance of our outsourced 24/7 SOC. You'll work closely with internal technology teams to embed security into every … a seasoned security professional with hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. Certifications such as CISSP, CEH, CREST or GIAC CIH are part of your toolkit, and your technical depth is matched by your ability to
Birchanger, Hertfordshire, United Kingdom Hybrid / WFH Options
Solus Accident Repair Centres
VPNs, and intrusion detection systems. Respond swiftly to security breaches and assist in recovery efforts. Maintain detailed records of investigations and patch cycles. Stay current with cybersecurity trends and threat intelligence. Contribute to disaster recovery planning and compliance alignment. Support governance, change control, and delivery of cyber security workstreams. Collaborate with internal teams and third-party suppliers to
in a busy Security Operations Centre with a technology-oriented attitude and the capacity to assume control. From a technical perspective we are using Microsoft Sentinel, Splunk and MISP threat sharing, so any knowledge of these technologies would be a substantial benefit. The role is based on site in our Farnborough office and is shift work. 2 x 6am to 6pm … the customer environments. Prepare reports for managed clients for both technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK and threat-informed defence. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members to maintain and update … security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you’ll bring: Demonstrated experience in a Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with the MITRE ATT&CK framework. Basic knowledge
with enterprise-scale clients in a fast-paced, shift-based environment. You’ll be part of a collaborative team using cutting-edge technologies like Microsoft Sentinel, Splunk, and MISP Threat Sharing to protect critical infrastructure. Key Responsibilities: Monitor and analyse security alerts and events, conduct initial investigations, and escalate complex incidents. Manage SOC incident queues and support asset baseline … maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For: Experience working in a Security Operations Centre. Familiarity
Warrington, England, United Kingdom Hybrid / WFH Options
Anson McCade
SOC Manager £75,000 - £85,000 + 15% bonus + £6k car allowance Warrington – Remote-first A leading global technology organisation is seeking a SOC Response & Threat Manager to lead their elite Tier 3 security team. As a SOC Response & Threat Manager, you will take ownership of complex security incidents, lead high-performing analysts, and shape the Cyber … Threat Intelligence capability. Working hands-on with cutting-edge tools, you'll orchestrate critical incidents while hunting sophisticated threat actors across enterprise environments. Key Experience: • Proven experience leading incident response operations and managing security analysts. • Deep expertise in digital forensics and incident response (DFIR). • Strong knowledge of threat hunting methodologies and adversary tactics. • Ability to … 6k car allowance • Generous pension with double-matched contributions • 25 days holiday plus bank holidays • Private medical insurance and flexible benefits To hear more about the SOC Incident Response & Threat Hunting Manager opportunity, get in touch with Connor Smyth at Anson McCade on 020 7780 6706.
West Midlands Ambulance Service University NHS Foundation Trust
Liaise with NHS England, NCSC and other relevant bodies as required, ensuring IT Security advisories, directives and notifications are actioned and logged. This includes, but is not limited to, threat & vulnerability alerts, vendor and other specialist threat intelligence feeds. Ensure all systems and applications, where applicable, are kept up to date and are encompassed in the patch