Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
RealVNC
with our IT team to ensure log sources from endpoints, Azure/Azure AD, Entra ID, and Microsoft 365 are properly ingested. Develop and maintain KQL queries, analytics rules, threat hunting scripts, and automation logic. Work with internal teams to mitigate threats and implement recommendations - for example MFA enforcement, Conditional Access policies, and identity protection. Security Architecture and Implementation … security tools to scan the environments for vulnerabilities, mitigate findings and further harden the infrastructure. Working with the Security Team, IT Team and CIO on the RealVNC cybersecurity roadmap. Threat Intelligence and Risk Management: Utilise third-party threat intelligence to identify and mitigate emerging threats and vulnerabilities. Prepare detailed reports and dashboards on security metrics, trends … posture of the organization. Requirements: You: Have proficiency in scripting languages (Python ideally), PowerShell and Bash and have a keen desire for automation. Have a good working knowledge of threat landscapes, including common attack vectors (MITRE ATT&CK) and emerging threats. Have a good understanding of EDR tools (Microsoft Defender) and SIEM tools (Microsoft Sentinel) and the Microsoft Defender
re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting
lead in customer-facing engagements, translating complex security needs into effective solution architectures. Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection. Lead conversations around network modernization, helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs. Deliver workshops, product demonstrations, and proof-of … endpoint protection and EDR platforms such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium. Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment. Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF. Excellent communication skills with the ability to influence … as the technical lead in pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture: Design and validate secure architectures incorporating network segmentation/micro-segmentation, DNS
telework 1 or 2 days in the office) Clearance: TS/SCI Clearance. Position Description: Cybersecurity Specialist. Purpose: The Air Force ISR Digital Infrastructure Transformation paves the way for intelligence analysts to securely harness the latest technological advancements. It is orchestrated through Data and Analytics, Sense Making/Automation, Augmentation and AI (AAA), Networks, Hybrid and Multi-Cloud, Enterprise … Services, and cybersecurity capabilities. This structure allows integration, synchronization, and coordination with the Intelligence Community (IC), Department of Defense (DoD), and commercial partners. The AF IC's ability to advance its digital infrastructure transformation and deliver intelligence at the speed of relevance hinges on people, processes, and technology. Proactively informing and developing our digitally savvy Airmen on capability portfolio … technical support. Additionally, the candidate will offer cybersecurity and zero trust expertise to support existing, ongoing, and expanding programs, projects, technologies, processes, and workforce innovations throughout the Air Force Intelligence Community (AF IC) Information Environment. This work will be in alignment with desired strategic and operational outcomes. Education: • Bachelor's or Master's in Cybersecurity, Computer Science, Information Technology or a
secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review. Understand Threat Intelligence and its use in an operational environment. Threat Hunting and the ability to look for attacks that may not have been captured. Support incident response to
Wokingham, Berkshire, United Kingdom Hybrid / WFH Options
National Grid plc
Security: Possess knowledge of secure software development lifecycles, application architectures, key attack vectors, and corresponding compensating controls. Cloud Security (Microsoft): Demonstrated experience and proficiency in securing cloud environments. Cyber Threat Intelligence: Ability to analyse and respond to emerging cyber threats and how this can be used to update secure architecture principles. About What You'll Get: A competitive
Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations. Identify, analyze, and assess potential insider threats through behavioral analytics, log review, and threat intelligence. Maintain and improve SOC processes and procedures, staying current with the latest security trends and technologies. Assist in developing strategies to handle security incidents and coordinate responses to … insider threats. Support the development and implementation of use cases, detection rules, and playbooks. Perform threat hunting activities to proactively identify threats within the environment. Continuously review and refine insider risk policies to ensure they are effective and up to date. Develop and implement automated processes for monitoring and enforcing insider risk policies. Participation in security root cause analysis … as part of NorthMark Strategies’ Cyber Incident Response Plan. Develop comprehensive and accurate reports and presentations for both technical and executive audiences. Stay up to date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and trends, identifying actionable areas of interest and threats. Requirements: At least 3 years of experience in a SOC
Loughton, Essex, England, United Kingdom Hybrid / WFH Options
Profile 29
software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities: Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner. Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation.
City of London, London, United Kingdom Hybrid / WFH Options
NOTHREAT
technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities: Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks
part in developing our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security … possible and play a big part in evolving our security tooling and services. Policy & Standards: You'll champion the adoption and adherence to our InfoSec policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. … Management (CSPM) tools. Knowledge of Cloud Workload Protection Platforms (CWPP) for securing containers, serverless workloads, and virtual machines. Working knowledge of DevSecOps methodologies. Ability to contribute to cloud solution threat modelling and secure design reviews. A bit about you: Passion! You're genuinely passionate about your career path and love what you do. Communication skills. You can express your
with applicable regulations & legislation. Building and implementing governance & risk management processes. Design, implementation and testing of security tooling. BC/DR & Incident response capability building and testing. Production of threat intelligence reports and research. Supply Chain Risk Management. Consultants must possess and be able to demonstrate credibility and experience as well as currency in these fundamental skill sets. … security tools, other experts, and capabilities to protect and defend client organizations and their people, intellectual property, and technology against wide-ranging threats, including nation states and Advanced Persistent Threat groups that act on their behalf. Consultants must be proactive, and able to lead, manage, and problem-solve on multiple workstreams across varied client sectors by contributing to, managing … to integrate activity with BlueVoyant colleagues across the globe, specifically Digital Forensics, Incident Response and Penetration Testing specialists as well as wider BlueVoyant service offerings when appropriate, to produce threat-aware products, services and outputs that are impactful, efficient, cohesive, and are enhanced with intelligence and automation. BlueVoyant are trusted cyber-security partners and advisors to some of
activities to contain, eradicate, and recover from security incidents. Develop and maintain incident response plans aligned with industry best practices. Manage escalations during security incidents. Follow major incident processes. Threat Intelligence: Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes. Contribute to threat intelligence feeds for proactive detection. Security Tool
Boston, Massachusetts, United States Hybrid / WFH Options
Digital Prospectors
platforms). • Collaborate with cross-functional teams to drive vulnerability remediation plans and lead working groups to assess, prioritize, and track mitigation efforts. • Collect, analyze, and validate open-source intelligence and threat data to inform security posture and incident response. • Provide technical leadership and guidance for small project teams and collaborate on developing threat models and remediation … threats. • Hands-on experience with enterprise intrusion detection systems (IDS/IPS), host/network security tools, firewalls, HIPS, WAFs, and event correlation. • Proven experience in cybersecurity operations, including threat analysis, incident response, and vulnerability remediation across multiple OS platforms (Linux, Windows, Mac). • Technical expertise in at least one scripting/programming language: Python, PowerShell, Bash, C++, etc. … Familiarity with cyber threat intelligence frameworks such as STIX, TAXII, OpenIOC, and OSINT. • Experience using packet analysis tools and data analytics platforms such as Splunk. • Demonstrated experience leading working groups, documenting processes, and facilitating collaborative decision-making. • Proficiency in database administration or querying for platforms such as Oracle, MSSQL, PostgreSQL, etc. • Strong troubleshooting, organizational, and communication skills (both
Falls Church, Virginia, United States Hybrid / WFH Options
Epsilon Inc
implement secure coding practices and foster secure CI/CD development pipelines. Support the evaluation and deployment of security tools, including endpoint protection, intrusion detection/prevention systems, and threat intelligence platforms. Maintain awareness of the latest security trends, vulnerabilities, and threat intelligence to proactively protect the organization. Assist in developing and executing security training and … awareness programs for technical and non-technical teams. Document all security-related activities and maintain detailed records for audit and compliance purposes. Enhance Threat Intelligence Capabilities - Research emerging threats, analyze attack patterns, and integrate threat intelligence feeds to strengthen the organization's proactive security posture. Perform Security Audits and Compliance Reviews - Conduct internal security audits and
containment, investigation, remediation, and follow-up; typically, your involvement will be limited to major incidents or incidents that require a deeper technical understanding of the security tools. Support our threat intelligence programme, identifying regional and global threats, and respond accordingly. Support the development and improvement of the global cybersecurity operations programme (including processes and procedures), reflecting global/… security platforms, such as SIEM, DLP, IPS/IDS, WAF, EDR, etc.; experience with the Microsoft Security Suite is ideal. Deep technical expertise and relevant experience in security operations (threat intelligence, security monitoring, incident/crisis management, vulnerability management and security engineering), with the ability to run consistent global operations across these areas. Hands-on experience responding to
infections, and other suspicious behavior. • Maintain detailed documentation of incidents, findings, and response actions. • Collaborate with cross-functional teams including IT, compliance, and engineering to strengthen security posture. • Utilize threat intelligence feeds to contextualize events and support proactive defense strategies. • Assist in developing and refining incident response procedures and SOC playbooks. • Support vulnerability assessments and remediation tracking. • Maintain … Preferred Qualifications: • Security+ CE, CEH, or other relevant DoD 8570 certifications (required for some roles) • Experience supporting federal contracts or working in classified environments • Knowledge of MITRE ATT&CK, threat hunting techniques, and forensic analysis • Familiarity with ticketing systems, report writing, and compliance documentation. Work Schedule & Environment: • This role may require shift work to support 24/7 operations
DoD Security Clearance are required to be considered for this position. Responsibilities: Support Cybersecurity Service Provider (CSSP) and Security Operations Center (SOC) operations within a DoD cybersecurity environment. Conduct threat analysis, incident response, and forensic investigations to ensure mission success. Assist in the development and implementation of cybersecurity policies, procedures, and strategies in alignment with DoD standards. Monitor, detect … tools and methodologies. Ensure compliance with DoD cybersecurity regulations, including RMF, NIST, and DISA STIGs. Support vulnerability assessments, penetration testing, and security risk assessments. Preferred Qualifications: Knowledge of cyber threat intelligence, network security, risk management, and incident handling. Strong analytical and problem-solving skills to support security operations. Familiarity with classified DoD cybersecurity environments and compliance requirements. Experience
improvements. Key member of the function who regularly reviews Security Policies, Standards and Controls and optimises their position on areas associated with regulations and company strategy. Integrate processes with Cyber Threat Intelligence to ensure appropriate monitoring of the threat landscape for emerging security risks and ensure swift response to zero-day threats. Collaborating on Security Risk Management strategies … degree in Computer Science, Cybersecurity, Information Technology, or related field. Master's degree preferred. CRISC, CISM, CISA, CDPSE, or similar advanced security certifications. Advantageous to have experience in Artificial Intelligence, post-quantum computing and cyber risk quantification. Considerable experience in cybersecurity, with notable experience in a senior or managerial role focused on security policy, standards, controls testing, governance, and … practices. In an ever-changing cyber landscape, able to lead a team to adapt to changes in line with organisation needs and with the threat landscape. High level of integrity and ethical judgement to handle sensitive information responsibly. Familiarity with cloud security controls and securing hybrid IT environments. Knowledge of vulnerability management and incident
closely with IT and security teams to enhance security protocols and ensure compliance with industry standards. Reporting: Prepare detailed reports on security incidents, mitigation strategies, and overall security posture. Threat Intelligence: Stay updated on the latest cybersecurity trends, threats, and technologies to proactively address potential risks. Minimum Requirements: Candidates must have an active Top Secret/SCI clearance. … certification (CASP, CISA, CISSP, or GCIH) or the ability to obtain certification within six months of hiring. 2 years of cybersecurity experience in the Department of Defense (DoD) or Intelligence Community. Excellent problem-solving and analytical skills. Strong communication and teamwork abilities. Commitment to ethical and responsible conduct. Familiarity with NIST risk management concepts and processes. Marathon TS is
inhibit cyber-attacks, clean up IT systems, and secure networks against repeat attacks. Produce security incident review reports to present information about incidents and provide security improvement recommendations. Understand Threat Intelligence and its application in an operational environment. Conduct Threat Hunting to identify attacks that may not have been captured. Support incident response to national-scale incidents