126 to 150 of 788 Threat Intelligence Jobs

environments Investigating events using system logs, network traffic, and endpoint telemetry Supporting containment and recovery efforts during active security incidents Continuously enhancing SOC capabilities, tooling, and detection rules using threat-informed approaches like MITRE ATT&CK Producing detailed incident reports and documentation for both technical and non-technical stakeholders Assisting with threat intelligence activities as needed Staying … Hands-on experience working in a Security Operations Centre (SOC) Solid knowledge of SIEM tools such as Microsoft Sentinel or Splunk Familiarity with the MITRE ATT&CK framework and threat detection methodologies Strong analytical skills with a keen eye for detail in log analysis and network monitoring Basic understanding of enterprise security architecture including firewalls, VPNs, AV, and web More ❯

future incidents. Key Responsibilities: Conduct initial incident assessments and support ongoing Incident Response (IR) management. Participate in live IR operations, including digital forensics and data acquisition. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate with internal teams to deliver a holistic cybersecurity service. Engage with clients regularly to collect relevant logs and gain infrastructure access for … incidents to minimise disruption. Strong communication skills with the ability to stay calm and effective under pressure. Able to align client deliverables with industry best practices. Skilled in proactive threat intelligence and analysis to support IR operations. Proactive, responsible, and eager to contribute to the growth of the Incident Response team. While this role is advertised as remote More ❯

experienced SOC L3 Analyst with strong engineering knowledge and deep expertise in Microsoft Sentinel and the Microsoft Defender suite. The ideal candidate will take a lead role in advanced threat detection, incident response, detection engineering, and security monitoring, while also optimising license consumption and SIEM integration efforts. Key Responsibilities: Advanced Threat Detection & Incident Response - Investigate and analyze complex … SOC analysts. - Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response. - Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting & Detection Engineering - Perform proactive threat hunting using KQL within Microsoft Sentinel. - Develop and fine-tune custom analytics rules, workbooks, and hunting queries. - Apply the MITRE ATT&CK … framework to build coverage and improve threat visibility. Security Engineering & Platform Management - Onboard and integrate new data sources into Microsoft Sentinel, ensuring accurate log ingestion and parsing. - Build and manage data connectors, custom log parsers, and normalisation schemas. - Collaborate with cloud and infrastructure teams to onboard telemetry from endpoints, identity systems, and SaaS platforms. License Usage Monitoring & Optimisation - Monitor More ❯

highly skilled Senior UEBA (User and Entity Behavior Analytics) Engineer to lead the implementation, and optimization of advanced security analytics solutions. The ideal candidate will possess deep expertise in threat detection, data analysis, and behavioral analytics, driving initiatives to enhance the organization's security posture through proactive monitoring and anomaly detection. This role requires a deep understanding of security … analytics, behavioral baselining, data integration, and threat detection methodologies. This role will serve as a key technical leader, mentor, and strategic advisor within the cybersecurity team to enhance threat detection and overall security posture. Solution Design & Leadership: Architect and maintain scalable UEBA solutions, integrating with SIEMs, data lakes, and other security technologies. Design & Implementation: Deploy and configure UEBA … in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous user and entity behavior. Threat Hunting: Assist in proactive threat hunting efforts using behavioral insights from the UEBA platform. Optimization: Continuously fine-tune analytics models to reduce false positives and improve detection capabilities. More ❯

highly skilled Senior UEBA (User and Entity Behavior Analytics) Engineer to lead the implementation, and optimization of advanced security analytics solutions. The ideal candidate will possess deep expertise in threat detection, data analysis, and behavioral analytics, driving initiatives to enhance the organization's security posture through proactive monitoring and anomaly detection. This role requires a deep understanding of security … analytics, behavioral baselining, data integration, and threat detection methodologies. This role will serve as a key technical leader, mentor, and strategic advisor within the cybersecurity team to enhance threat detection and overall security posture. Solution Design & Leadership: Architect and maintain scalable UEBA solutions, integrating with SIEMs, data lakes, and other security technologies. Design & Implementation: Deploy and configure UEBA … in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous user and entity behavior. Threat Hunting: Assist in proactive threat hunting efforts using behavioral insights from the UEBA platform. Optimization: Continuously fine-tune analytics models to reduce false positives and improve detection capabilities. More ❯

highly skilled Senior UEBA (User and Entity Behavior Analytics) Engineer to lead the implementation, and optimization of advanced security analytics solutions. The ideal candidate will possess deep expertise in threat detection, data analysis, and behavioral analytics, driving initiatives to enhance the organization's security posture through proactive monitoring and anomaly detection. This role requires a deep understanding of security … analytics, behavioral baselining, data integration, and threat detection methodologies. This role will serve as a key technical leader, mentor, and strategic advisor within the cybersecurity team to enhance threat detection and overall security posture. Solution Design & Leadership: Architect and maintain scalable UEBA solutions, integrating with SIEMs, data lakes, and other security technologies. Design & Implementation: Deploy and configure UEBA … in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous user and entity behavior. Threat Hunting: Assist in proactive threat hunting efforts using behavioral insights from the UEBA platform. Optimization: Continuously fine-tune analytics models to reduce false positives and improve detection capabilities. More ❯

highly skilled Senior UEBA (User and Entity Behavior Analytics) Engineer to lead the implementation, and optimization of advanced security analytics solutions. The ideal candidate will possess deep expertise in threat detection, data analysis, and behavioral analytics, driving initiatives to enhance the organization's security posture through proactive monitoring and anomaly detection. This role requires a deep understanding of security … analytics, behavioral baselining, data integration, and threat detection methodologies. This role will serve as a key technical leader, mentor, and strategic advisor within the cybersecurity team to enhance threat detection and overall security posture. Solution Design & Leadership: Architect and maintain scalable UEBA solutions, integrating with SIEMs, data lakes, and other security technologies. Design & Implementation: Deploy and configure UEBA … in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous user and entity behavior. Threat Hunting: Assist in proactive threat hunting efforts using behavioral insights from the UEBA platform. Optimization: Continuously fine-tune analytics models to reduce false positives and improve detection capabilities. More ❯

highly skilled Senior UEBA (User and Entity Behavior Analytics) Engineer to lead the implementation, and optimization of advanced security analytics solutions. The ideal candidate will possess deep expertise in threat detection, data analysis, and behavioral analytics, driving initiatives to enhance the organization's security posture through proactive monitoring and anomaly detection. This role requires a deep understanding of security … analytics, behavioral baselining, data integration, and threat detection methodologies. This role will serve as a key technical leader, mentor, and strategic advisor within the cybersecurity team to enhance threat detection and overall security posture. Solution Design & Leadership: Architect and maintain scalable UEBA solutions, integrating with SIEMs, data lakes, and other security technologies. Design & Implementation: Deploy and configure UEBA … in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous user and entity behavior. Threat Hunting: Assist in proactive threat hunting efforts using behavioral insights from the UEBA platform. Optimization: Continuously fine-tune analytics models to reduce false positives and improve detection capabilities. More ❯

resources to better use. CLS products are designed to enable clients to manage risk most effectively across the full FX lifecycle - whether through more efficient processing tools or market intelligence derived from the largest single source of FX executed data available to the market. Our ambition to make a positive difference starts with our people. Our values - Protect, Improve … improvements. Key member of the function who regularly reviews Security Policies, Standards and Controls and optimize position on areas associated to regulations and company strategy. Integrate processes with Cyber Threat Intelligence to ensure appropriate monitoring of the threat landscape for emerging security risks and ensure swift response to zero-day threats. Collaborating on Security Risk Management strategies … degree in computer science, Cybersecurity, Information Technology, or related field. Master's degree preferred. CRISC, CISM, CISA, CDPSE, or similar advanced security certifications. Advantageous to have experience in Artificial Intelligence, post quantum computing and cyber risk quantification. Considerable experience in cybersecurity, with notable experience in a senior or managerial role focused on security policy, standards, controls testing, governance, and More ❯

future incidents. Key Responsibilities: Conduct initial incident assessments and support ongoing Incident Response (IR) management. Participate in live IR operations, including digital forensics and data acquisition. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate with internal teams to deliver a holistic cybersecurity service. Engage with clients regularly to collect relevant logs and gain infrastructure access for … incidents to minimise disruption. Strong communication skills with the ability to stay calm and effective under pressure. Able to align client deliverables with industry best practices. Skilled in proactive threat intelligence and analysis to support IR operations. Proactive, responsible, and eager to contribute to the growth of the Incident Response team. While this role is advertised as remote More ❯

at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with GRC practices and … their alignment with our security approach and requirements. Internally, you will be responsible for our Security Operations activities with our operational team and external partners, including Incident Response and Threat Intelligence, to ensure these are executed consistently to our standards, as well as supporting Continual Security Improvement and being the Tech Ops representative in the GRC working group. … Requirements Operationalising and ensuring delivery of security policy, standards and procedures Assuring day-to-day execution of operational security tasks across multiple areas including threat and vulnerability management, anti-virus management, security monitoring etc. Supporting the Technology team to keep information security infrastructure up to date with emerging threats and vulnerabilities, including advising on architecture and design of internal More ❯

resources to better use. CLS products are designed to enable clients to manage risk most effectively across the full FX lifecycle - whether through more efficient processing tools or market intelligence derived from the largest single source of FX executed data available to the market. Our ambition to make a positive difference starts with our people. Our values - Protect, Improve … improvements. Key member of the function who regularly reviews Security Policies, Standards and Controls and optimize position on areas associated to regulations and company strategy. Integrate processes with Cyber Threat Intelligence to ensure appropriate monitoring of the threat landscape for emerging security risks and ensure swift response to zero-day threats. Collaborating on Security Risk Management strategies … degree in computer science, Cybersecurity, Information Technology, or related field. Master's degree preferred. CRISC, CISM, CISA, CDPSE, or similar advanced security certifications. Advantageous to have experience in Artificial Intelligence, post quantum computing and cyber risk quantification. Considerable experience in cybersecurity, with notable experience in a senior or managerial role focused on security policy, standards, controls testing, governance, and More ❯

Implementation, Cyber Strategy, Cyber Risk Management, Data Privacy, Offensive Security, Security Architecture, and Cloud Security & Engineering. Lead the onboarding process for Managed Security Services including Managed Detection & Response, Cyber Threat Intelligence, and Vulnerability Management Services. Collaborate with technical teams to ensure seamless integration of managed services within clients' environments. Build and maintain strong relationships with internal teams and … Implementation, Cyber Strategy, Cyber Risk Management, Data Privacy, Offensive Security, Security Architecture, and Cloud Security & Engineering. Lead the onboarding process for Managed Security Services including Managed Detection & Response, Cyber Threat Intelligence, and Vulnerability Management Services. Collaborate with technical teams to ensure seamless integration of managed services within clients' environments. Build and maintain strong relationships with internal teams and More ❯

product owners, and compliance teams to ensure that secure design principles and automated security controls are Embedded throughout the software development lifecycle (SDLC). You will take ownership of threat modeling, vulnerability management, and security automation efforts with a specific focus on cloud platforms, primarily Google Cloud Platform (GCP). You will be instrumental in building scalable, resilient security … Application Security Architecture & Strategy Lead the design and implementation of comprehensive application security frameworks that guide the secure development of cloud-native APIs, microservices, and web applications. Conduct detailed threat modeling workshops and architectural risk assessments, identifying vulnerabilities early and collaborating on risk mitigation strategies. Define and enforce secure coding standards and architectural best practices aligned with industry benchmarks … industries. Hands-on experience with a range of application security testing tools including SAST, DAST, and SCA, and integrating these into automated build and deployment pipelines. Practical expertise with threat modeling methodologies such as STRIDE, PASTA, or Attack Trees. Strong knowledge of secure coding standards and common vulnerabilities (OWASP Top 10, API Security Top 10) and how to mitigate More ❯

at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with GRC practices and … their alignment with our security approach and requirements. Internally, you will be responsible for our Security Operations activities with our operational team and external partners, including Incident Response and Threat Intelligence, to ensure these are executed consistently to our standards, as well as supporting Continual Security Improvement and being the Tech Ops representative in the GRC working group. … Requirements Your main duties & responsibilities: Operationalising and ensuring delivery of security policy, standards and procedures Assuring day-to-day execution of operational security tasks across multiple areas including threat and vulnerability management, anti-virus management, security monitoring etc Supporting the Technology team to keep information security infrastructure up to date with emerging threats and vulnerabilities, including advising on architecture More ❯

role involves developing and maintaining secure Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform, mentoring an internal engineer, and managing Sentinel, Defender, and SOAR solutions for automated threat response. Collaboration with third-party support is also key. Key Responsibilities Architect and secure Azure infrastructure using Terraform. Design and optimize Azure DevOps pipelines with embedded security. Leverage Azure … and penetration testing. Ensure PCI DSS compliance through audits and risk assessments. Implement DNS security solutions. Develop incident response processes with third-party support. Develop SIEM solutions, logging, and threat intelligence strategies. Define and enforce security policies and procedures. Mentor internal engineers and coordinate with external security partners. Ensure comprehensive documentation for post-contract continuity. Minimum Requirements Strong More ❯

also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery … efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing services aligned with SLAs. Oversee day-to-day monitoring and maintenance of … Qualifications Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud platforms More ❯

also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery … efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing services aligned with SLAs. Oversee day-to-day monitoring and maintenance of … Qualifications Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud platforms More ❯

Arrangements: Flexible working options available, including full-time, part-time, and compressed hours. Around 20% home working may be available depending on business needs. About Us GCHQ is an intelligence, cyber, and security agency dedicated to safeguarding the UK. We utilize advanced technology, ingenuity, and partnerships to identify, analyze, and disrupt threats. Working alongside MI5 and MI6, we protect … and phishing. Your responsibilities include detecting, responding to, and mitigating security incidents, analyzing alerts, logs, network traffic, and endpoint data using tools like Splunk, developing detection content, and leveraging threat intelligence. Opportunities to engage in Digital Forensics and operational security are also available. The role offers a unique experience due to the specialized nature of our work. About You … in-house, on-the-job, and external training, including industry-recognized certifications from SANS and OFFSEC. You will be paired with a mentor and gain hands-on experience in threat detection, incident response, and operational strategies. Opportunities for travel, conferences, and staying current with cybersecurity innovations are also available. Rewards and Benefits Starting salary of £36,408 plus benefits More ❯

Management (SIEM) platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with key … improving our security operations processes, escalation paths and playbooks. Leveraging AI capabilities to enhance the effectiveness of our security capabilities and your own productivity in the role. Consuming relevant threat intelligence to drive proactive action within the Cyber Security and wider IT environment. Indicative Performance Measures Mean time for business recovery to C1 (Highest criticality) level security incidents … and following common response frameworks. Experience within the gaming industry providing security operations support to game releases, game infrastructure monitoring and live game operations. Strong appreciation of the cyber threat landscape and attacker tactics, techniques and procedures. Experience developing operational processes and playbooks. Desirable Interpersonal Skills: Ability to remain composed and effective during high-pressure situations. Clear focus on More ❯

escalate incidents with sound judgement — this isn’t checkbox security work. Dive deep into data using PCAP, endpoint logs, network telemetry and behavioral analytics. Hunt for threats proactively, leveraging threat intelligence, patterns, and instincts built from experience. Work cross-functionally with other teams to contain, mitigate and learn from security incidents. Act as a mentor to Tier … better tooling and smarter monitoring. What You Bring You’re not new to this. You’ve been in the trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITRE ATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network More ❯

SIEM) platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Requirements Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events Leading the response to major cyber security incidents, collaborating with key … improving our security operations processes, escalation paths and playbooks Leveraging AI capabilities to enhance the effectiveness of our security capabilities and your own productivity in the role. Consuming relevant threat intelligence to drive proactive action within the Cyber Security and wider IT environment Indicative Performance Measures Mean time for business recovery to C1 (Highest criticality) level security incidents … and following common response frameworks Experience within the gaming industry providing security operations support to game releases, game infrastructure monitoring and live game operations Strong appreciation of the cyber threat landscape and attacker tactics, techniques and procedures Experience developing operational processes and playbooks Desirable Interpersonal Skills: Ability to remain composed and effective during high-pressure situations Clear focus on More ❯

monitoring, logging, and compliance frameworks Excellent analytical skills and a keen eye for detail Strong written and verbal communication skills Desirable: An interest in or basic understanding of cyber threat intelligence, including how attackers operate and how to spot signs of compromise (e.g., suspicious files, unusual behaviour, or known attack patterns) Relevant cyber security or networking certifications (e.g. More ❯

working collaboratively with them to help increase overall maturity. Setting proportionate goals and strategy for cyber exercising and implementing a plan to achieve this. The implementation of a comprehensive threat intelligence capability. Alignment of defensive cyber processes which have provided a measurable improvement for detect and respond functions. Using a suitable maturity model to the development of the … bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM More ❯

working collaboratively with them to help increase overall maturity. Setting proportionate goals and strategy for cyber exercising and implementing a plan to achieve this. The implementation of a comprehensive threat intelligence capability. Alignment of defensive cyber processes which have provided a measurable improvement for detect and respond functions. Using a suitable maturity model to the development of the … bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM More ❯