defined incident response processes and escalate to the Cyber Security Incident Response team when necessary. Develop and fine-tune detection rules, create and maintain detection playbooks, and collaborate with threat intelligence to identify new detection opportunities. Use automation tools and scripting languages (e.g., Python, PowerShell) to streamline repetitive tasks and boost efficiency. Proactively hunt for potential threats within … the environment, leveraging threat intelligence and advanced analytics to identify and mitigate risks. Work closely with other cyber defence teams, including Intelligence, Vulnerability Management, Threat Hunting, and Purple Teams. Effectively communicate findings and recommendations to various stakeholders. Utilise your technical expertise to analyse telemetry related to incidents and identify appropriate investigation pathways. Identify techniques used by … experience in scripting or programming languages. Preferred experience dealing with incidents in various environments, including OT and ICS technologies. Preferred experience working with wider Cyber Defence teams, such as Intelligence, Vulnerability Management, Threat Hunting, and Purple Teams. Understanding of cyber security legislation and experience with information risk and security-related best practices, policies, standards, and regulations. What's
strategy across infrastructure, applications, and data. Lead hands-on development of security roadmaps, maturity models, and control frameworks tailored to Fuse's risk profile. Directly contribute to architecture reviews, threat modelling sessions, and key design decisions across product and platform teams. Build and mentor a high-performing security team, including hiring, coaching, and managing performance. Develop KPIs and reporting … data protection, access control, and insider risk. Ensure compliance with SOC 2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence: Lead threat modelling, risk assessments, and security reviews of critical systems; design and deliver security awareness training programs for all employees to promote a culture of … proactive risk management. Build threat intelligence capabilities to stay ahead of emerging risks. Balance risk management with product and engineering velocity. Incident Response & Resilience: Own response plans for high-severity threats and incidents. Build robust detection, containment, and remediation processes. Drive business continuity and disaster recovery strategy. Technology & Infrastructure Security: Partner with engineering to embed security in the
Primary Responsibilities: • Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations • Author, update, and maintain SOPs, playbooks, and work instructions • Utilize Threat Intelligence and Threat Models to create threat hypotheses • Plan and scope Threat Hunt Missions to verify threat hypotheses • Proactively and iteratively search through systems and … networks to detect advanced threats • Analyze host, network, and application logs in addition to malware and code • Prepare and report risk analysis and threat findings to appropriate stakeholders • Create, recommend, and assist with development of new security content as the result of hunt missions, to include signatures, alerts, workflows, and automation • Coordinate with different teams to improve threat
investigation strategies. Develop and refine forensic methodologies and procedures to ensure consistent, high-quality investigations. Provide guidance and best practices on forensic readiness and security incident management. Collaborate with threat intelligence teams to correlate forensic findings with threat actor tactics, techniques, and procedures (TTPs). Conduct compromise assessments and proactive threat hunting using forensic tools and … collection, handling, and analysis of digital evidence in AWS and Azure environments. Key Skills & Experience: Proven experience in DFIR, with hands-on expertise in forensic analysis, incident response, and threat investigations, ideally in a consultancy capacity. Technical background (e.g., previous experience as a systems or network administrator) with a solid understanding of operating systems, networking, and security architectures. Strong … translate complex forensic concepts into client-friendly language, supporting engagement with both technical and executive stakeholders. Experience with forensic data preservation, chain of custody, and evidential procedures. Familiarity with threat intelligence frameworks (MITRE ATT&CK, TTP mapping, IOC development). Certifications such as GCFA, GCIH, CISSP, AWS Security Specialty, Azure Security Engineer, or equivalent are desirable. Offensive certifications
a diverse SOC team of Tier 1, 2, and 3 analysts. Coordinate incident response efforts, working closely with internal departments (e.g., IT, Risk, Legal) and external partners (e.g., MSSPs, threat intelligence providers). Lead post-incident analysis to determine root causes and implement corrective actions. Regularly review and enhance SOC processes, including playbooks, response protocols, and threat hunting … field. 6+ years of cybersecurity experience, with at least 2 years in a SOC leadership role. Expertise in cybersecurity frameworks (e.g., MITRE ATT&CK, NIST, CIS), incident response, and threat intelligence. In-depth knowledge of security operations, including SIEM, EDR, IDS/IPS, malware analysis, and vulnerability management. Strong background in cloud security operations and monitoring across AWS … Azure, and GCP. Preferred: Proven success in incident resolution within SLAs and based on severity. Experience in threat hunting, digital forensics, or malware analysis. Knowledge of advanced persistent threats (APTs) and contemporary attack techniques. Proficiency in security automation (SOAR), orchestration, and scripting (e.g., Python, PowerShell). Preferred certifications: CISSP, CISM, CEH, or similar. Familiarity with DevSecOps, CI/CD
powerful modules such as Extended Detection & Response (XDR), Security Information and Event Management (SIEM), a 24/7 operational Security Operations Center (SOC), as well as specialized solutions for Threat Intelligence, Incident Response, and Behavioral Security Training. Leveraging artificial intelligence, automated playbooks, and real-time data analysis, Decanos helps companies detect security incidents early and respond effectively. … secure coding, performance optimization, and database design. Process and analyze security data, working with SIEMs, EDRs, and real-time event processing. Work closely with security analysts to translate threat intelligence into automated detection and response features. Own and drive system architecture decisions, ensuring scalability and maintainability. Foster a collaborative team environment, helping junior developers grow their expertise.
do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. An opportunity to play your part - Join Centrica as a Threat Detection Engineer, where you'll be at the forefront of our mission to safeguard our digital landscape. In this dynamic role, you'll be responsible for developing, automating, and … enhancing our detection capabilities to swiftly identify and respond to security threats. You'll have the exciting opportunity to create innovative detection use cases, leveraging security telemetry, threat intelligence, and insights from past incidents. Your expertise will be crucial in addressing detection gaps across our infrastructure, working closely with various business units to boost visibility, and crafting automated … address any gaps in security coverage. Apply GitOps and CI/CD principles to automate detection engineering workflows, boosting operational efficiency. Build and optimize security playbooks to streamline detection, threat hunting, and incident response activities. Develop, automate, and enhance our threat detection and response capabilities. Work closely with security analysts and other stakeholders to identify and address gaps
Atlanta, Georgia, United States Hybrid / WFH Options
Burgeon IT Services
Revenue is seeking an experienced Cybersecurity Specialist 3 to lead the development, delivery, and optimization of IT security standards, best practices, and system architecture. This role focuses on advanced threat hunting, complex incident response, vulnerability management, and security design to protect critical state systems and sensitive data. Key Responsibilities: Proactively hunt for advanced threats that bypass automated detection tools. … and implement security architecture and recommend improvements. Monitor networks and systems for unauthorized activities and respond to incidents. Optimize cybersecurity tools (SIEM, EDR, IDS) and integrate new technologies. Incorporate threat intelligence feeds into platforms to enhance detection. Required Skills & Competencies: Bachelor's degree in Computer Science, IT, Information Security, or equivalent experience. 4+ years of proven success in technology … focus on information security and data governance. Hands-on expertise with SIEM, EDR, IDS, and network monitoring tools. Strong knowledge of vulnerability management tools and practices. Advanced understanding of threat intelligence, incident response, and proactive defense. Excellent analytical, problem-solving, and documentation skills. Working Conditions: Hybrid work model (onsite in Metro Atlanta as required). On-call rotation
Boston, Massachusetts, United States Hybrid / WFH Options
Digital Prospectors
In this role, you will be at the forefront of protecting critical systems, networks, and applications from evolving cyber threats. You will leverage your deep knowledge of security tools, threat intelligence, intrusion analysis, and incident response to safeguard sensitive data and ensure organizational resilience. This is an exciting opportunity for an individual who thrives in fast-paced environments … intrusion analysis, vulnerability assessments, and forensic investigations to support enterprise security posture. • Research, track, and analyze emerging threats, attack methods, and malicious campaigns. • Collect, validate, and apply open-source intelligence (OSINT) to strengthen defense strategies. • Provide subject matter expertise in malware, botnets, distributed denial-of-service (DDoS) attacks, social engineering, insider threats, and hacktivism. • Administer and optimize IDS/… controls. • Experience with Nessus Security Center (or ACAS, Tenable Security Center). • Familiarity with malware analysis, packet analysis, Splunk, and OSINT reconnaissance. • Experience with STIX, TAXII, OpenIOC, or other threat intelligence schemas. • Programming/scripting skills in at least one language (Python, Ruby, PowerShell, C#, Bash, Perl, C++). • Database administration experience with Oracle, MSSQL, MySQL, or similar
SOC operations, including hands-on involvement in incident detection, analysis, containment, and remediation. The Technical Lead ensures that security technologies such as SIEM, SOAR, IDS/IPS, EDR, and threat intelligence platforms are effectively configured, maintained, and optimized to support real-time monitoring and response. Additional responsibilities include mentoring junior analysts, conducting technical training, developing playbooks and detection … analysis of security incident responses. Perform forensic analysis of devices involved in incidents. Investigate potential intrusions and security events to contain and mitigate incidents. Research cyber-attacks, malware, and threat actors to determine potential impact and develop remediation guidance. Analyze network traffic and identify attack activity. Document incident response activities and lessons learned. Effectively communicate incident response activities. Provide … management. Collaborate with vendors to ensure proper best practices are enforced and recommendations are delivered. Validate suspicious events by performing investigations using SIEM, leveraging tools available to the SOC, threat intelligence and OSINT, TTPs and IOCs. Leverage knowledge of Alert Triage, SOC Operations, and Defense in Depth (DiD) to contribute to projects for overall success. Produce high-quality
in place to avoid recurrence of incidents. Incident detection: Demonstrate an ability to understand in detail how an incident has occurred without relying on alerts (e.g., reviewing logs and threat intelligence data). Support the Analyst in prioritizing incidents for further analysis, response, or closure. Incident management: Provide specialist knowledge on specific types of attacks. Support Senior Analyst … in cyber security and forensic investigations when they arise. Support Senior Analyst and Analyst … to them appropriately. Experience working through cyber investigations independently. Proven experience of Splunk or Sentinel. Worked with EDR systems such as Defender or Symantec. Knowledge of KQL and SPL. Threat Hunting experience. Experience working with third-party suppliers and vendors. Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems or similar. Experience of
Hargreaves Lansdown is seeking a talented and experienced Cyber Threat Intelligence Manager to join our dynamic Cyber Defence team in Bristol. As our CTI Manager, you will play a critical role in protecting our organisation from cyber threats by proactively identifying, analysing, contextualising, and escalating potential risks.
that make a real impact. The Role: This isn't just a technical role. You'll act as a trusted advisor, guiding organisations through incident response, compliance, risk management, threat intelligence, and security architecture. From hands-on frameworks to executive-level strategy, you'll be at the centre of helping clients protect what matters most. What You … Agile ceremonies to keep projects sharp and effective. Mentor junior consultants and build team capability. Contribute to business growth through proposals and client engagement. Skills & Experience: Proven expertise in threat intelligence, risk management, incident response, compliance (GDPR, ISO 27001), and security architecture. Experience with tools such as Rapid7, SentinelOne, Fortinet, Netskope, SOAR (InsightConnect), AWS/CNAPP.
Position Overview: The Insider Threat Cybersecurity Specialist plays a critical role in identifying, investigating, and mitigating insider threats across the environment. This role combines technical expertise in threat detection and behavioral analytics with strategic collaboration across security, HR, legal, and compliance teams. The ideal candidate will have a strong background in SIEM/EDR tools, data loss prevention … and insider threat frameworks, and will contribute to the continuous improvement of our Insider Threat Program. Key Responsibilities: Monitor and analyze user activity for anomalous behavior using SIEM, EDR, and UEBA tools. Develop and tune detection rules and alerts in platforms like Splunk and Microsoft Sentinel to identify insider threats and privileged account misuse. Lead or support investigations … into insider threat incidents, collaborating with HR, legal, and SOC teams to ensure due process and policy alignment. Integrate endpoint telemetry and DLP controls to reduce unauthorized data transfers and improve visibility across cloud and on-prem environments. Conduct behavioral analysis and threat hunting using IOCs, TTPs, and threat intelligence feeds. Perform vulnerability assessments and risk
ZeroFox seeks an Intelligence Analyst to join our world-class Global Intelligence Services (GIS) team, helping to protect organizations from the latest cyber threats. Utilize your expertise in the field of cyber security and intelligence analysis to conduct thorough investigations, write insightful reports, and engage with customers. If you have a proven track record in this field … creative spirit are a must. This is a fully remote opportunity based in the United Kingdom. Role and responsibilities: Conduct in-depth tactical and strategic analysis of the cyber threat landscape, identifying emerging trends, tracking key threat collectives and delving into deep and dark web activity. Be a subject matter expert (SME) within the GIS team. Draw upon … open and closed sources of intelligence to author analytically sound, industry-leading finished intelligence reports. Weigh competing hypotheses against each other, utilizing analytical tools to form conclusions. Identify, analyze and deliver reports on topics that are fundamental to protecting our customer base. Work across multi-disciplined teams to leverage their expertise and experience. Maintain strong customer engagement throughout
Insider Threat Analyst: PKH Enterprises is seeking qualified individuals to support both government and private-sector clients in the development and implementation of insider threat and asset protection programs. Qualified candidates should have knowledge of insider threat program elements, governance models and overall program operations. A strong background in insider-threat-oriented intelligence/OSINT … HR, programmatic and human/technical inquiry/investigative experience is desired. Responsibilities: • Provide consulting support services to government and private-sector clients related to the development of insider threat programs. • Conduct evaluations of existing insider threat program elements. • Evaluate and recommend both technical and non-technical solutions to detect and respond to potential insider threats. • Evaluate and … establish program elements to support insider threat prevention, detection and response. • Evaluate and establish insider threat program governance and stakeholder engagement mechanisms. • Conduct risk management assessments of critical assets and develop strategies for their protection. • Provide support in developing business cases, resource planning, budget justifications and other documents in support of client insider threat programs. • Develop and
PRIMARY OBJECTIVE OF POSITION: Zero Point is seeking an Intelligence Analyst - Integrator to provide direct support to USSOCOM by fusing intelligence and operational data to enhance mission effectiveness. The analyst will work closely with intelligence, operations, and special mission teams to identify, assess, and integrate intelligence-driven solutions that support USSOCOM objectives. MAJOR DUTIES & RESPONSIBILITIES: Conduct … all-source intelligence analysis to support special operations missions and planning. Develop, integrate, and disseminate intelligence products that support operational and strategic objectives. Identify and analyze intelligence gaps, providing recommendations for collection and exploitation. Support fusion efforts between intelligence and operational teams to enhance situational awareness. Work with DoD and interagency partners to coordinate intelligence activities. Provide briefings and reports to senior leadership on emerging threats and operational risks. Utilize advanced analytical tools and databases, including Palantir, TAC, Analyst Notebook, and other classified intelligence systems. Assist in the integration of new intelligence capabilities into USSOCOM operations. Support targeting and operational planning by providing timely and actionable intelligence. MINIMUM QUALIFICATIONS: Bachelor's degree
Lead. Responsibilities/Tasks: The Red Analyst (Cyber) shall: Characterize the adversary's cyber capabilities. Research the structure, ideology, intentions, tactics, and capabilities of adversarial cyber organizations to develop threat characterization. Contribute constructively to cyber threat emulation. Identify information requirements, develop assessment cyber strategies and assist the Red Team Program Leader with collection plans, identify information sources, and develop and … and conduct analysis appropriate to the program, identify essential functions/tasks and critical assets necessary to perform them as determined by the program leader. Contribute constructively to cyber threat emulation. Identify information requirements, develop assessment cyber strategies and assist the Red Team Program Leader with collection plans, identify information sources, and develop and conduct research of publicly available information (PAI … progress reports and white papers, after action reviews, final reports, risk analysis products and other documents as required. Perform regular updates of existing documents based on changes in the threat landscape or upon discovery of new threat tactics or procedures. Required Skills/Qualifications: Ability to communicate complex informational concepts or ideas in a confident and well-organized
London, South East, England, United Kingdom Hybrid / WFH Options
Sanderson
Initial 6 months. IR Status: Inside, Market Rates. New contract opportunities across the Public Sector. The Roles Involve: Incident Response: Enhance coordination, assess impact, inform guidance, and develop playbooks. Threat Intelligence: Deliver tailored intelligence, monitor TTPs, and manage tooling (OpenCTI, MISP, sandboxes). Vulnerability Management: Identify and triage vulnerabilities, support remediation, and improve disclosure schemes. Requirements: Proven experience … in SOC environments and incident response. Deep understanding of threat actors and intelligence platforms. Expertise in vulnerability scanning and remediation. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by
Marlborough, Massachusetts, United States Hybrid / WFH Options
Softworld Inc
Job Title: Cyber Security Engineer - Senior Insider Threat Analyst. Job Location: Hybrid in one of: Hillsboro, OR; Austin, TX; Charlotte, NC. Onsite Requirements: 5+ years in Cyber Security; threat detection; security monitoring tools, SIEM platforms, and data analysis techniques. Job Description: Key Responsibilities: Monitoring and Detection: Utilize advanced monitoring tools and techniques to detect suspicious activities, anomalies, or … conducting interviews, and collaborating with relevant stakeholders. Perform in-depth analysis of security incidents to determine root causes, motives, and potential impact on the organization's operations and assets. Threat Hunting: Experience performing threat hunting in a corporate environment. Experience working with large data sets and log analysis tools. Ability to apply Cyber Threat Intelligence through … data, and operations. Develop and implement proactive strategies, policies, and controls to mitigate insider threats and minimize security risks. Reporting and Communication: Prepare detailed reports and presentations on insider threat incidents, trends, and mitigation strategies for executive management and relevant stakeholders. Communicate effectively with cross-functional teams, including IT, HR, legal, and compliance, to ensure alignment and coordination in
cFocus Software seeks a Cyber Threat Hunter (Senior) to join our program supporting US Courts in Washington, DC. This position has remote capabilities. This position requires an active Public Trust clearance and must meet 8570 requirements. Required Qualifications include: 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such … as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler. 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security. 5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd). 5 years of experience with the following threat hunting tools: Microsoft … Sentinel for threat hunting within Microsoft Azure; Tenable Nessus and SYN/ACK for vulnerability management; NetScout for analyzing network traffic flow; SPUR.us enrichment of addresses; Mandiant threat intel feeds. Must be able to work 80% (Monday thru Thursday) onsite at AOUSC office in Washington, DC. Desired Qualifications include: One of the following certifications: GIAC Certified Intrusion Analyst
London, South East, England, United Kingdom Hybrid / WFH Options
Adecco
cloud security, particularly Azure services and tools. * Familiarity with security frameworks such as ISO 27001, NIST, or CIS. * Knowledge of security technologies (firewalls, remote access, ZTNA). * Exposure to threat modelling and cyber threat intelligence is advantageous. Core Skills * Excellent communication and stakeholder engagement abilities. * Analytical mindset with strong problem-solving skills. * Ability to balance security priorities with … strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security
City of London, London, United Kingdom Hybrid / WFH Options
Adecco
cloud security, particularly Azure services and tools. * Familiarity with security frameworks such as ISO 27001, NIST, or CIS. * Knowledge of security technologies (firewalls, remote access, ZTNA). * Exposure to threat modelling and cyber threat intelligence is advantageous. Core Skills * Excellent communication and stakeholder engagement abilities. * Analytical mindset with strong problem-solving skills. * Ability to balance security priorities … strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security