SOC Incident Response & Threat Hunting Manager Fully Remote (UK-based) | Up to £85,000 + 10–15% Bonus + £6k Car Allowance + Excellent Benefits (Occasional travel to Warrington, approx. once per quarter) Our client is expanding their virtual Security Operations Centre (vSOC) and looking for an experienced SOC Incident Response & Threat Hunting Manager to lead and develop … a hands-on leadership role, ideal for someone who’s equally comfortable managing people and tackling complex security incidents directly. You’ll guide analysts through live investigations, lead advanced threat hunting operations, and help shape the strategy for the Cyber Threat Intelligence (CTI) capability. The focus is on leadership through technical excellence — combining deep expertise in DFIR … threat hunting, and detection engineering with a proactive approach to strengthening security posture across diverse customer environments. The Role Lead and mentor Tier 3 SOC and Incident Response Analysts. Act as the technical lead on high-severity security incidents from initial detection through to post-incident review. Design and execute advanced threat hunting exercises, integrating intelligence from
Tier 3 Security and Incident Response team within a dynamic Security Operations Centre (SOC). This critical, technical leadership role drives advanced incident response (IR), digital forensics (DFIR), and threat hunting operations across a diverse customer base. The SOC manager will act as the technical authority for complex investigations, dramatically enhancing cyber resilience and refining detection capabilities. Key Responsibilities … Lead & Develop: Mentor and lead senior SOC analysts in effective IR and threat hunting. Incident Ownership: Oversee and coordinate as a SOC Manager & Lead on high-severity IR, acting as incident lead and guiding cross-functional teams. Technical Expertise: Provide expert oversight, ensuring rapid containment and detailed documentation for complex security incidents. Threat Intelligence: Drive the maturity … of the Cyber Threat Intelligence (CTI) capability, making intelligence actionable. Proactive Defence: Design and lead advanced threat hunting exercises leveraging deep knowledge of adversary TTPs (Tactics, Techniques, and Procedures). Stakeholder Reporting: Deliver comprehensive incident reports and recommendations. Training: Develop and deliver in-house training, including tabletop exercises and forensic challenges as the SOC Manager. Essential
Do you want to be at the forefront of intelligence-driven cybersecurity? We at Centripetal are innovators of disruptive cybersecurity solutions. Our CleanINTERNET managed service operationalizes billions of threat indicators in real time to prevent over 90% of known threats against enterprise networks. Our customers love us for reducing their cybersecurity risks and enabling their security operations to … be more proactive, focused and efficient. Our Intelligence Services is a group within Centripetal that analyzes cyber threat intelligence to envision and create new technologies that power our managed service offerings. We focus on bold ideas around how to leverage data in cyber defense and pursue strategic initiatives that aim to paradigm-shift the cybersecurity landscape. This … position has an impactful role in helping visualize and operationalize the findings of Intelligence Services to create and deliver a cutting-edge user experience with actionable insights for our customers. Position: Senior Software Engineer, Intelligence Services Location: Galway, Ireland (in person/Hybrid) What you would do: Be a member of a high performing product development team. Be
Liverpool, England, United Kingdom Hybrid / WFH Options
Love2shop
critical assets, and driving the integration of automation and AI to enhance our security operations. Security Analysis Monitor and analyse security alerts to detect threats, using behavioural analytics and threat intelligence to uncover anomalies. You’ll also conduct proactive threat hunting and maintain detailed risk profiles for users, systems, and applications to support a strong security posture. … and compliance, performing daily health checks and resolving any issues that arise. Working closely with Infrastructure teams, you’ll ensure endpoint configurations meet organisational standards. You’ll also enhance threat-hunting capabilities by integrating threat intelligence and correlating EDR data with SIEM and XDR platforms for deeper insights. Data Loss Prevention (DLP) In this part of the … response lifecycle from containment to recovery. You’ll document incidents thoroughly, follow established playbooks, and help improve them over time. Automation will be key to streamlining investigations and enriching threat intelligence. Testing and Validation You’ll take part in cyber crisis simulations, penetration testing, and table-top exercises to ensure our defences are robust and response plans are effective.
maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team … join our Blue Team. The ideal candidate will be a self-starter with an inquisitive nature and a keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident … the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours, indicative of malicious activity · Proactive threat hunting using available client data · Collection
CYSA+, SEC+, BLT1, SC-900 etc. This could be the perfect opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands-on experience: - Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and support … remediation efforts. Vulnerability Management – Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence – Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication – Work closely and collaborate with senior analysts and clients to keep security operations running smoothly. The Ideal Profile: - Experience in an IT-focused … cybersecurity and SOC operations. Proactive and analytical thinker with a strong problem-solving mindset. Passionate about emerging security technologies and best practices. Knowledge of core security concepts such as threat intelligence, phishing analysis, malware detection, and attack mitigation strategies. Eager to learn and contribute to a dynamic SOC environment where innovation and collaboration drive success. Ready to elevate
problem-solving capabilities. English is a must Desirable Skills & Experience: Certifications such as CompTIA Security+, CySA+, CEH, or equivalent. Experience with GRC (Governance, Risk, and Compliance) platforms. Knowledge of threat intelligence platforms and their application (e.g., Mandiant Threat Intelligence, MISP). Splunk certifications such as Splunk Core Certified User, Power User, or Admin. Proficiency in scripting
renewable energy assets, and millions of customers. Your Responsibilities Design and own the architecture for ServiceNow SecOps modules - including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools - SIEM, SOAR, EDR, CMDB, Threat Intelligence platforms, and OT/ICS systems. … native security practices and experience integrating security controls into CI/CD pipelines, supporting digital transformation and automation initiatives. AI/ML in Security Operations: Exposure to leveraging artificial intelligence or machine learning techniques to improve threat detection, incident analysis, or automated response capabilities within SecOps.
powerful modules such as Extended Detection & Response (XDR), Security Information and Event Management (SIEM), a 24/7 operational Security Operations Center (SOC), as well as specialized solutions for Threat Intelligence, Incident Response, and Behavioral Security Training. Leveraging artificial intelligence, automated playbooks, and real-time data analysis, Decanos helps companies detect security incidents early and respond effectively. … secure coding, performance optimization, and database design. Process and analyze security data, working with SIEMs, EDRs, and real-time event processing. Work closely with security analysts to translate threat intelligence into automated detection and response features. Own and drive system architecture decisions, ensuring scalability and maintainability. Foster a collaborative team environment, helping junior developers grow their expertise.
incidents in real time. The ideal candidate will be responsible for detecting, investigating, and responding to security incidents across networks, endpoints, and cloud environments. This role requires expertise in threat intelligence, forensic analysis, and incident handling to minimize the impact of security breaches and strengthen the organization's cybersecurity posture. Key Responsibilities: Incident Detection & Response Monitor security alerts from … malware, phishing attacks, insider threats, and unauthorized access attempts. Respond to security incidents using established playbooks and frameworks. Conduct root cause analysis and implement containment, eradication, and recovery measures. Threat Analysis & Forensic Investigations Perform digital forensics and malware analysis to determine the nature and scope of attacks. Identify and extract indicators of compromise (IOCs) and tactics, techniques, and procedures … TTPs) used by attackers. Collaborate with threat intelligence teams to track adversary behavior and emerging threats. Security Operations & Reporting Document incident reports, timelines, and remediation actions. Develop and update incident response playbooks and standard operating procedures (SOPs). Participate in post-incident reviews to improve security controls and response strategies. Collaboration & Continuous Improvement Work closely with SOC analysts
findings clearly in reports and client presentations, tailoring communication for both technical and executive audiences. Work closely with clients to define forensic requirements and develop incident response playbooks. Conduct threat hunting and compromise assessments, correlating findings with threat intelligence (MITRE ATT&CK, TTPs, IOCs). Support cloud forensics in AWS and Azure, ensuring proper collection and handling … analytical, problem-solving, and documentation skills. Ability to translate complex forensic data into clear, client-friendly reports. Knowledge of chain of custody, evidential procedures, and forensic readiness. Familiarity with threat intelligence frameworks such as MITRE ATT&CK. Relevant certifications (desirable): GCFA, GCIH, CISSP, AWS Security Specialty, Azure Security Engineer. As an industry-leading, nationwide Marketing, Digital, Analytics, IT
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Cyber SecOps and Threat Intelligence Specialist, Law Firm, Bristol We are seeking a Cyber Security and Threat Intelligence Specialist to join an expanding team in this 3,000 user international Law Firm, strengthening its ability to detect, respond to, and prevent cyber threats. Location: Bristol Reports to: Head of Cyber Security Hybrid Role: 3-4 days
Triage: Identify, analyse, and prioritize security incidents, escalating them as necessary within the team. Alert Management: Respond to security alerts, perform initial investigations, and document findings. Log Analysis/Threat Hunting: Review and analyse logs from various security tools and devices to identify potential security incidents within customer environments. Collaboration: Work closely with other team members and departments to … address security issues and improve the security posture. Reporting: Create and maintain detailed incident reports, periodic customer reports and documentation for future reference. Threat Intelligence: Stay updated with the latest security threats, vulnerabilities, and technology trends. Assist in the development and maintenance of a comprehensive Threat Intelligence Database and apply this data to assist in the
City of London, London, United Kingdom Hybrid / WFH Options
Sanderson Government and Defence
and interpret evidence to provide a holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance activities and operational priorities. … talent. Ability to interpret complex technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments (e.g., government, finance, defence). Familiarity with risk management tools and methodologies. What's
is designed for seasoned offensive security professionals with deep technical expertise and a passion for mentoring and developing junior talent. You will drive complex Red Team operations, collaborate across threat intelligence and detection engineering teams, and influence strategic improvements in detection and response capabilities across the enterprise. To ensure effective management and control of information security, IT and … and persistence operations in diverse environments Reverse engineer proof-of-concept exploits and assess their relevance and impact within MUFG's infrastructure Partner with Blue Team, Detection Engineering, and Threat Intelligence to validate findings and enhance detection logic and response workflows Deliver clear, actionable reporting of findings, attack paths, and remediation strategies to both technical and executive stakeholders … languages (e.g., Python, PowerShell, Bash, C/C++) Expert-level understanding of Windows and Linux internals, Active Directory, and enterprise network architecture Experience with vulnerability research, exploit development, and threat emulation Strong knowledge of security frameworks such as MITRE ATT&CK, NIST-CSF, and OWASP Strong ability to analyse and distil complex issues and present succinct updates to management
law, technology, and crisis management. This is not another practice group in a traditional firm - it's a high-performing business within a business, combining legal expertise with digital forensics, threat intelligence, and cyber risk engineering. If you want meaningful responsibility, the chance to grow something, and a clear path toward partnership or leadership, this is that moment. What You'll … crises — providing clear, strategic legal guidance under pressure. Supervise and mentor junior lawyers while helping shape the direction of the team. Work alongside leading experts in digital forensics and threat intelligence to deliver fully integrated incident response. Contribute to new products, knowledge, and thought leadership in a rapidly evolving field. Support business development and client-relationship initiatives that
Role: Cyber Threat Analyst Location: Any UK Salary: Competitive salary and package dependent on experience Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years' continuous UK address history (typically including no periods of 30 consecutive days or more spent outside of the UK) and declaration of being a British … have a Cyber Security background, will perform as a client-facing role, and will be willing to contribute to our internal Digital Transformation strategy and expertise. As a Cyber Threat Analyst you will: As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. … If you’re excited about the role and think you could make a difference, please get in touch. The following skills and experience are essential for this role: Proactive threat hunting using available client data and developing improvements to threat hunting capabilities Collection and interpretation of different sources of threat intelligence Actively researching emerging threats and
Consultant in Unit 42 you will have the opportunity to work across a number of proactive cyber security domains including Cloud Security, Security Operations, Cyber Risk Management and Artificial Intelligence in cyber security. We are seeking an individual who is passionate about cyber security, curious with a demonstrated track record of continuous learning, and has the technical acumen to … embrace data, technological and innovative approaches to deliver the best consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an … Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next Gen Firewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired): Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations
attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement
Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one I'm working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains. They're expanding their Security Operations Centre and hiring a hands-on SOC … Incident Response & Threat Hunting Manager to lead Tier 3 analysts and drive proactive defence strategies. This is a strategic and technical leadership role, ideal for someone with deep DFIR expertise, strong mentoring capabilities, and a passion for threat hunting and CTI development. Key Responsibilities: Lead and coordinate high-severity incident response engagements Provide technical oversight and guidance on … threat hunting operations Translate threat intelligence into actionable hypotheses and use cases Design and execute advanced threat hunting exercises across varied environments Develop in-house training programmes for SOC analysts Drive CTI maturity and visibility across internal and customer-facing functions Ensure comprehensive documentation and stakeholder reporting Participate in the on-call rotation for critical incidents