16 to 40 of 231 Threat Intelligence Jobs

Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threat intelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … investigations. Be responsible to Team Leader for designing and documenting data flows, visibility gaps, and processes. Perform ad-doc data deep dives based on intelligence driven leads and effectively communicate findings. Analyze and investigate security logging to identify trends and anomalies that may result in detection opportunities for the … investigation principals, dashboard creation, and data awareness regarding identified trends and anomalies. Work with platform owners and the Engineering team to identify telemetry for Threat Management and Response needs in support of new business platforms and security tooling. Prioritize security improvement suggestions from the team based on your identification more »

Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threat intelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … investigations. Be responsible to Team Leader for designing and documenting data flows, visibility gaps, and processes. Perform ad-doc data deep dives based on intelligence driven leads and effectively communicate findings. Analyze and investigate security logging to identify trends and anomalies that may result in detection opportunities for the … investigation principals, dashboard creation, and data awareness regarding identified trends and anomalies. Work with platform owners and the Engineering team to identify telemetry for Threat Management and Response needs in support of new business platforms and security tooling. Prioritize security improvement suggestions from the team based on your identification more »

a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions. We enjoy competitive … team. Responsibilities Leverage internal, commercial, and open-source tools and data sources to analyze, enrich and synthesize indicators of compromise and/or other intelligence artifacts to provide meaningful and actionable intelligence Analyze raw data sets and extract relevant insight to form high quality TI responses Perform proactive … products, where appropriate Maintain a broad understanding and knowledge of the latest offensive and defensive Tactics, Techniques and Procedures (TTPs) as well as overall Threat Landscape trends Collaborate internally and externally, and develop, enhance and produce Secureworks TI products Own and execute ongoing projects such as customer threat more »

Threat Intelligence Lead Hybrid - 1-2 times a month Locations - Guildford or Preston Salary - £60,000 - £64,000 + 10% annual bonus MUST be eligible for SC Clearance This is an opportunity to work for a globally leading FTSY 500 defence organisation in their brand new team and … project! Role - We are on the hunt for a leader within the Threat Modelling/Intelligence space. You will be supporting with the strategic road mapping of the project, selecting the most appropriate tech stack to move forward with and building a team of Threat Modellers. Leading … the delivery of the threat modelling function by providing analysis and guidance. Acting as the Threat Modelling Lead, providing direction to Threat Modellers Capturing and disseminating security information and providing threat modelling expertise Communicating with multiple business functions and programmes, being the first point of contact more »

please go ahead and apply. We'd love to hear from you! About the role Hargreaves Lansdown is seeking a talented and experienced Cyber Threat Intelligence Lead to join our dynamic Cyber Defence team. As our CTI Lead, you will play a critical role in protecting our organisation … from cyber threats by proactively identifying, analysing, contextualising, and escalating potential risks. We operate a threat-centric cyber defence posture and CTI is at the heart of this. If you are passionate about cyber security, have a keen eye for detail, and thrive in a challenging and rewarding environment … you to apply for this position. What you'll be doing Responsible for the strategic direction and day-to-day running of the Cyber Threat Intelligence (CTI) function Build strong working relationships with key stakeholders, such as Cyber Defence Management, CISO 'Heads of' and Digital/Technology risk more »

Senior Threat Intelligence Analyst Hybrid - 1-2 times a month Locations - Guildford or Preston Salary - £50,000 - £55,000 MUST be eligible for SC Clearance This is an opportunity to work for a globally leading FTSY 500 defence organisation in their brand new team and project Role - We … are on the hunt for a senior level analyst that has ideally come from a SOC, Red Team or Threat Modelling background. Reporting into the Lead Threat Modeller. Creating and implementing processes and procedures for threat modelling capability Maintaining up to date knowledge of cyber security threats … activity group tactics, techniques, and procedures (TTPs) Supporting Purple team by building attack simulations showing potential attack patterns to support future remediation. Key Skills Threat Modelling Knowledge of Threat Landscape, Current Affairs and Geopolitics Operational Risk Management Red or Purple Team abilities Cyber/Threat Intelligence more »

perform a business impact analysis on the security incident. You will leverage a deep understanding of information security technologies, you will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend … the response actions and escalation path. You will be guided by Threat Intelligence which is actionable information (e.g. IOCs/TTPs), conduct threat hunting activities; leveraging and analyzing sources of information as available through the SIEM, in addition identify and investigate potential suspicious activity as well as … Security and security operations experience '€¢Microsoft MDE, MDI, Sentinel, Lighthouse and DevOps experience '€¢Experience of onboarding, tuning, reporting, and configuring SIEM solutions '€¢Experience of threat intelligence '€¢Leadership and mentoring experience and skills '€¢Understanding of low-level concepts including operating systems and networking '€¢Commercial experience in Penetration Testing and more »

Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. Threat Intelligence . Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general … awareness of threat landscape. Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. Risk Management . Ability to identify IT security operations risks and the delivery of audit remediation activities. Emerging technology monitoring. Ability to identify and assess … Manager: Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and more »

Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threat intelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … and instilling industry best practices of detection engineering among your detection engineering team members. Develop, maintain, and clearly document custom detection queries, data models, threat models, workflows, processes, and platform and attack technique research; review team member work for completeness and accuracy. Onboard 3rd party security detections to increase … SIEM queries; bonus for KQL. Experience with writing proof of concept code for attack techniques on Windows and Linux operating systems. Ability to evaluate threat intelligence and collaborate with CTI analysts to identify detection opportunities. Excellent written and verbal communication skills to describe security event details and technical more »

Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threat intelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … and instilling industry best practices of detection engineering among your detection engineering team members. Develop, maintain, and clearly document custom detection queries, data models, threat models, workflows, processes, and platform and attack technique research; review team member work for completeness and accuracy. Onboard 3rd party security detections to increase … SIEM queries; bonus for KQL. Experience with writing proof of concept code for attack techniques on Windows and Linux operating systems. Ability to evaluate threat intelligence and collaborate with CTI analysts to identify detection opportunities. Excellent written and verbal communication skills to describe security event details and technical more »

Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threat intelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … and instilling industry best practices of detection engineering among your detection engineering team members. Develop, maintain, and clearly document custom detection queries, data models, threat models, workflows, processes, and platform and attack technique research; review team member work for completeness and accuracy. Onboard 3rd party security detections to increase … SIEM queries; bonus for KQL. Experience with writing proof of concept code for attack techniques on Windows and Linux operating systems. Ability to evaluate threat intelligence and collaborate with CTI analysts to identify detection opportunities. Excellent written and verbal communication skills to describe security event details and technical more »

Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threat intelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … and instilling industry best practices of detection engineering among your detection engineering team members. Develop, maintain, and clearly document custom detection queries, data models, threat models, workflows, processes, and platform and attack technique research; review team member work for completeness and accuracy. Onboard 3rd party security detections to increase … SIEM queries; bonus for KQL. Experience with writing proof of concept code for attack techniques on Windows and Linux operating systems. Ability to evaluate threat intelligence and collaborate with CTI analysts to identify detection opportunities. Excellent written and verbal communication skills to describe security event details and technical more »

appropriate incident remediation and containment, and/or provide recommendations and support to customers based on defined procedures and analyst experience. Youll work with threat intelligence and threat hunting to drive the detection and enrichment efficacy, and youll share our passion for automating the mundane repetitive tasks … to mitigate the impact of live and ongoing security incidents. As part of the SOC team, youll support and contribute to excellence, sharing information, intelligence and best practise, and working with your peers to document, review, iterate and conform to processes related to security monitoring procedures. Above all, youll … developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threat intelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds more »

the Security Operations Centre on both reactive and proactive security engagements with regards to Security Information & Event Management (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities You will work alongside the SOC team to ensure the effective delivery of … the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in … a timely, accurate and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Serve as a technical point of escalation and provide mentoring for L1 Security Operations Center (SOC more »

the Security Operations Centre on both reactive and proactive security engagements with regards to Security Information & Event Management (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of industry leading SIEM … IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during … security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills Experience in a SOC environment Excellent communication skills and comfortable in a client facing role. A keen interest in cyber more »

the Security Operations Centre on both reactive and proactive security engagements with regards to Security Information & Event Management (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities You will work alongside the SOC team to ensure the effective delivery of … the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in … a timely, accurate and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills The successful candidate will exhibit more »

our team in London! You'll be supporting the management of Security Operations, Security Incidents and Infrastructure Security for Legal & General. Using the latest threat intelligence to inform daily activities and proactive threat hunts to detect and respond to threat actors, you'll also work alongside … re looking for A working knowledge of tools used in detection and response such as XDR/EDR, Network Monitoring, SIEM An understanding of threat intelligence and how it can be used within Security Operations to build mature detection and response An awareness of new and emerging threats more »

a pivotal role in coordinating security operations within their IT environment. Your responsibilities will include managing cyber defence technologies, coordinating incident response, and leading threat hunting efforts. You will collaborate closely with internal teams and external partners to ensure the highest level of security across the organisation. Key Responsibilities … Standard Operating Procedures (SOPs) and other documentation to support cyber operations. Respond to cyber-related incidents, coordinating remediation efforts and post-incident reviews. Enable threat hunting through the fusion of threat intelligence and business risk analysis. Requirements: Strong understanding of network protocols, firewalls, and intrusion detection/… scale security technology deployments (SIEM/SOAR/EDR/NDR). Ability to lead technical teams and manage service providers effectively. Familiarity with threat intelligence sources and incident prioritization. Understanding of cybersecurity regulations and standards (e.g., GDPR, NIST). Working knowledge of the MITRE ATT&CK framework. more »

a pivotal role in coordinating security operations within their IT environment. Your responsibilities will include managing cyber defense technologies, coordinating incident response, and leading threat hunting efforts. You will collaborate closely with internal teams and external partners to ensure the highest level of security across the organisation. Key Responsibilities … Standard Operating Procedures (SOPs) and other documentation to support cyber operations. Respond to cyber-related incidents, coordinating remediation efforts and post-incident reviews. Enable threat hunting through the fusion of threat intelligence and business risk analysis. Requirements: Ability to manage service providers effectively Knowledge of large-scale … security technology deployments (SIEM/SOAR/EDR/NDR). Working with EDR tools such as MS Defender and Crowdstrike Familiarity with threat intelligence sources and incident prioritization. Working knowledge of the MITRE ATT&CK framework Desirable Qualifications: Bachelor's degree in computer science, business informatics, engineering more »

on two new positions. My clients UK SOC is going through a state of transformation and they need someone to help scope and develop threat management as a function. You will be working on nation state threat actors and need to be eligible for or currently hold SC … clearance. A background in cyber operations and intelligence (doesnt have to be cyber) is required, as well as a proven interest and keeping up to date on global cyber threats. The preferred candidate should possess a minimum of 2 years of experience in a SOC environment. This role necessitates … the ability to Identify, analyze, and mitigate threat intelligence from various sources, underscoring the importance of an understanding of OSINT. Additionally, the Lead role involves additional responsibilities, including direct management of a team and reporting to one senior stakeholders and a knowledge of Purple/Red team disciplines. more »

on two new positions. My clients UK SOC is going through a state of transformation and they need someone to help scope and develop threat management as a function. You will be working on nation state threat actors and need to be eligible for or currently hold SC … clearance. A background in cyber operations and intelligence (doesn’t have to be cyber) is required, as well as a proven interest and keeping up to date on global cyber threats. The preferred candidate should possess a minimum of 2 years of experience in a SOC environment. This role … necessitates the ability to Identify, analyze, and mitigate threat intelligence from various sources, underscoring the importance of an understanding of OSINT. Additionally, the Lead role involves additional responsibilities, including direct management of a team and reporting to one senior stakeholders and a knowledge of Purple/Red team more »

to our customers and streamline and automate our business processes. To help us manage our cybersecurity incidents, whilst performing forensic investigations and providing cyber threat intelligence services, we're looking for two talented individuals with strong analytical skills to join this growing team. At AXA we work smart … security analysts to provide recommendations on security mechanisms Support the maintenance, testing and execution of the AXA UK Security Incident Management framework Provide cyber threat intelligence to in scope UK entities Due to the number of applications we expect to receive for this role, we reserve the right … networking and common protocol behaviours Proven experience using a major scripting/programming language or search query language to support in security operations and threat detection GIAC certified qualification would be ideal but not essential Comfortable with packet analysis and ideally experienced with network detection and response tooling Experience more »

to our customers and streamline and automate our business processes. To help us manage our cybersecurity incidents, whilst performing forensic investigations and providing cyber threat intelligence services, we're looking for two talented individuals with strong analytical skills to join this growing team. At AXA we work smart … security analysts to provide recommendations on security mechanisms Support the maintenance, testing and execution of the AXA UK Security Incident Management framework Provide cyber threat intelligence to in scope UK entities Due to the number of applications we expect to receive for this role, we reserve the right … networking and common protocol behaviours Proven experience using a major scripting/programming language or search query language to support in security operations and threat detection GIAC certified qualification would be ideal but not essential Comfortable with packet analysis and ideally experienced with network detection and response tooling Experience more »

to our customers and streamline and automate our business processes. To help us manage our cybersecurity incidents, whilst performing forensic investigations and providing cyber threat intelligence services, we're looking for two talented individuals with strong analytical skills to join this growing team. At AXA we work smart … security analysts to provide recommendations on security mechanisms Support the maintenance, testing and execution of the AXA UK Security Incident Management framework Provide cyber threat intelligence to in scope UK entities Due to the number of applications we expect to receive for this role, we reserve the right … networking and common protocol behaviours Proven experience using a major scripting/programming language or search query language to support in security operations and threat detection GIAC certified qualification would be ideal but not essential Comfortable with packet analysis and ideally experienced with network detection and response tooling Experience more »

to our customers and streamline and automate our business processes. To help us manage our cybersecurity incidents, whilst performing forensic investigations and providing cyber threat intelligence services, we're looking for two talented individuals with strong analytical skills to join this growing team. At AXA we work smart … security analysts to provide recommendations on security mechanisms Support the maintenance, testing and execution of the AXA UK Security Incident Management framework Provide cyber threat intelligence to in scope UK entities Due to the number of applications we expect to receive for this role, we reserve the right … networking and common protocol behaviours Proven experience using a major scripting/programming language or search query language to support in security operations and threat detection GIAC certified qualification would be ideal but not essential Comfortable with packet analysis and ideally experienced with network detection and response tooling Experience more »