21 of 21 Threat Detection Jobs in the South East

Threat-Led Detection Engineer will design, build, and maintain high-quality threat detections within WTW's Global Information and Cyber Security Defence (ICSD) function, helping WTW detect adversary activity quickly and accurately across its global estate. This is a hands-on engineering role for someone with … strong cyber security mindset and a genuine interest in how attackers operate. You will write and tune detection rules, map coverage to real adversary behaviour, and contribute to a well-maintained, version-controlled detection library. Working closely with SOC, Threat Hunting, Cyber Threat Intelligence ...

well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices … threats. ________________________________________ Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection ...

high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role … protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes threat ...

cyber security leader responsible for developing and executing enterprise-wide cyber defence strategies to protect critical business systems, data, and infrastructure. Leads security operations, threat detection, incident response, and cyber resilience initiatives while ensuring alignment with organisational risk management objectives. Key Responsibilities Lead and manage the Cyber Defence … function, overseeing security operations, threat intelligence, vulnerability management, and incident response capabilities. Develop and implement cyber defence strategies, policies, and procedures to protect against evolving cyber threats. Direct Security Operations Centre (SOC) activities, ensuring effective monitoring, detection, investigation, and response to security incidents. Oversee threat intelligence programmes ...

response activities, ensuring effective containment, eradication, recovery, and lessons learned. Develop, maintain, and test cyber incident response plans, procedures, and playbooks. Oversee security monitoring, threat detection, threat intelligence, and vulnerability management activities. Provide enterprise-wide oversight of network security technologies, controls, and architectures. Ensure the effective management … optimisation of firewalls, network access controls, intrusion detection/prevention systems, secure remote access solutions, and related security platforms. Lead investigations into security breaches, suspicious activity, and emerging threats. Drive continuous improvement across security operations processes, tooling, and capabilities. Produce security reporting, metrics, and risk-based recommendations for senior ...

assessing and mitigating cyber threats across enterprise systems while helping to shape and improve the organisation's overall security posture. Key Responsibilities Cybersecurity Operations & Threat Management Conduct ongoing threat assessments across operational systems and infrastructure Identify vulnerabilities, threat vectors and areas of security risk Design and implement … security mitigations and remediation strategies Monitor emerging cyber threats and recommend appropriate defensive measures Support automated threat monitoring, incident detection and response capabilities Develop and maintain cybersecurity playbooks and incident response procedures Coordinate with third-party security providers during security incidents and testing activities Security Governance & Risk Management ...

available throughout the hiring process. This is an opportunity to play a key role in protecting critical customer environments, leading complex investigations, driving proactive threat hunting activities, and helping shape the future of our security monitoring services. Were looking for someone who enjoys solving difficult security challenges, mentoring others … leading the investigation and response to sophisticated cyber threats and incidents. Youll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity, and ensure DXC continues to deliver a world-class security monitoring service. This role operates on a Monday to Friday ...

Analyst to help protect multiple critical client environments. The role offers real variety and continued hands-on involvement, combining leadership with incident response, threat detection, and operational delivery. We will also consider experienced SOC professionals who are ready to step into a leadership position while remaining technically engaged. … analysts within a 24/7 SOC, acting as the primary escalation point for complex incidents, supporting operational delivery, and helping to mature our detection and response capabilities across multiple clients. This role is site-based in Hemel Hempstead and follows a shift pattern of two day shifts (6am6pm ...

enterprise IT environments Knowledge of identity & access management (IAM, MFA, RBAC, PAM) Experience with risk management and ISO 27001 compliance Understanding of incident response, threat detection, and DevSecOps practices Excellent communication skills with the ability to translate technical risk into business terms Desirable Certifications such as CISSP, CISM ...

hybrid environments developing, implementing and maintaining cyber security strategy and governance (aligned to various frameworks e.g. ISO27001, NIST, Cyber Essentials) overseeing security operations (SOC, threat detection, vulnerability management etc.), and incident response plans risk management and compliance, ensuring compliance with various standards and frameworks About you Applicants ...

particularly interested in experience across: Security operations and cyber defence Azure and AWS security Enterprise infrastructure and networking Identity and access management Threat detection and incident response Vulnerability management Security governance, risk and compliance Secure development and DevSecOps practices Experience with Splunk Enterprise Security would be advantageous. Background ...

hands-on experience with Microsoft Defender Experience monitoring and responding to security alerts in a SOC or security-focused environment Knowledge of endpoint security, threat detection, and incident response processes Understanding of cybersecurity principles, vulnerabilities, and attack techniques Ability to investigate and analyse security events effectively Experience identifying ...

across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations ...

reliable security telemetry Develop custom parsers and data transformations to normalise and enrich ingested data Design and optimise KQL queries to support effective threat detection and investigation Create and maintain analytic rules and detection logic aligned to emerging threats and business use cases Develop Logic Apps ...

reliable security telemetry Develop custom parsers and data transformations to normalise and enrich ingested data Design and optimise KQL queries to support effective threat detection and investigation Create and maintain analytic rules and detection logic aligned to emerging threats and business use cases Develop Logic Apps ...

risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee Patch Management ...

enterprise applications Owning global firewall design and architecture Architecting and enhancing Privileged Access Management (PAM) capabilities, including approval workflows and continuous monitoring Championing Identity Threat Detection and Response (ITDR) solutions to proactively mitigate identity-based attacks Guiding the hardening of multi-site Active Directory domains/forests ...

ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, Firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/… standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing ...

deploying and managing security tooling within a Kubernetes Environment. In your role you will administer and maintain Splunk for log aggregation, monitoring, alerting and threat detection. You will operate and manage Nessus for vulnerability scanning, reporting and remediation tracking. Also, you will integrate security tools into CI/ ...

leader in its field, and part of a globally successful UK-based business. They design, manufacture, sell and support a range of highly advanced threat detection and security products for global markets in commercial, aviation, defence and security sectors. The products range from small hand-held devices through ...