1 to 25 of 31 Threat Detection Jobs in the South East

Title: Cyber Threat Hunting Lead - Use Case Factory/Monitoring Location: Hybrid - Reading (2 days/week onsite, travel expensed) Clearance: Active SC clearance required Contract Type: Inside IR35 Duration: 6 months Start Date: ASAP Overview: SR2 Consulting is supporting a strategically significant programme within the defence and national … security domain and is looking for an experienced Cyber Threat Hunting Lead to drive proactive detection capability and threat visibility across a complex environment. This role will blend hands-on threat hunting , detection engineering leadership , and the operational oversight of monitoring frameworks - including the design ...

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London or Remote Type: Permanent, full time Hybrid role, happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities … keep our people, data, and customers safe. That’s why we’re building a new Detection Engineering function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager ...

Rollout of Crowdstrike to the server estate, encompassing Windows and Linux servers hosted in data centres and cloud IaaS platforms.Removal of the existing server threat detection agents from servers. Assist with the initial setup of the Crowdstrike and Microsoft Defender threat detection and response environments. Centralised … configuration of Crowdstrike and Microsoft Defender threat detection and response management consoles in line with requirements and preferences.Assist with the agent configuration for rolling out Microsoft Defender to Intune managed Windows 10 and Windows 11 endpoint devices. Day-to-day administration and project tasks in the relevant Microsoft ...

decision-making challenges Work with UX designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns Provide technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices Support go-to-market activities by creating technical content, conducting product demonstrations … engaging with prospective customers Mentor and educate internal teams on SOC operations, threat landscapes, and analyst workflows Ensure product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models Customer & Pre-Sales Enablement Act as a trusted SOC and cyber defence expert in customer ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

detect, defend, and deliver across multiple secure projects.If you love taking ownership, working with cutting-edge tools, and leading the way in proactive threat detection, this is the role for you.As the Lead SIEM Engineer, you will: Leading the design, development and tuning of SIEM content – rules, dashboards … spot threats fast. Acting as the technical authority on SIEM engineering, ensuring the platform runs efficiently and delivers real value. Working with SOC Analysts, Threat Hunters and Architects to enhance SIEM use cases and boost detection accuracy. Bringing new ideas and threat intelligence to evolve the SIEM ...

Cyber Essentials • Strong understanding of UK regulatory expectations, including PRA, FCA, ICO and GDPR • Proven experience with SIEM-led monitoring, threat detection and incident response • Hands-on experience managing firewalls, IPS, WAF, EDR and endpoint security tools • Strong network security knowledge including routing, switching and firewall design • Solid ...

Azure, corporate servers, and workstations. Carrying out security monitoring and improving the configuration of the security monitoring tools used by Smart Communications. Enhancing security detection and incident response processes ranging from individual playbooks to security incident response and remediation plans. Managing vulnerability detection and remediation by working with … looking for: 5 years of hands-on experience in a similar role. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments including proactive configuration of AWS accounts and assets to meet good security practices ...

mission-critical role at the heart of our cybersecurity strategy. As Operational Security Manager, you'll take ownership of our security operations, overseeing threat intelligence, vulnerability management, incident response and the performance of our outsourced 24/7 SOC. You'll work closely with internal technology teams to embed … hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. Certifications such as CISSP, CEH, CREST or GIAC CIH are part of your toolkit, and your technical depth ...

Manager is responsible for the leadership, governance and performance of Security Operations Centre capabilities supporting a secure defence programme. The role ensures effective monitoring, detection and response across classified environments, working closely with incident response and threat teams. Key Responsibilities Own SOC operating model, processes and performance management … Ensure effective monitoring and detection across secure environments Oversee SOC analysts, tooling and service providers where applicable Drive continuous improvement of detection use cases and response workflows Coordinate closely with incident response and vulnerability teams Provide senior-level reporting on security posture and operational effectiveness Ensure SOC activities ...

endpoint protection, investigate threats, and remediate vulnerabilities Investigate and remediate endpoint threats and vulnerabilities Correlate security events and develop automated playbooks in Sentinel Support threat hunting activities and contribute to incident response efforts Manage phishing alerts and user-reported incidents through Ironscales Collaborate with the London-based cyber security … team to ensure global coverage and knowledge sharing Maintain documentation of incidents, response actions, and detection rules Contribute to continuous improvement of detection logic, workflows, and user awareness initiatives The ideal candidate will have a degree in computer science or equivalent experience in a cyber security ...

performance, scalability, and integration with security tools. Participate in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response ...

Fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support. Understanding of Operating Systems and Network Protocols. Foundational understanding of advanced threat detection in an enterprise environment. Foundational understanding of malware families, their types, and the threat they pose UK Citizenship is required. Skills ...

networking (Hirschmann/Belden) Windows & Linux administration Network monitoring, event logging, zones/conduits Kali Linux tooling knowledge Understanding of SCADA (bonus: AVEVA exposure) Threat detection & device hardening experience Benefits Quarterly and Yearly Bonus scheme • 7% employer pension • Life assurance (4× salary) Health Cash Plan • 25 days holiday ...

networking (Hirschmann/Belden) Windows & Linux administration Network monitoring, event logging, zones/conduits Kali Linux tooling knowledge Understanding of SCADA (bonus: AVEVA exposure) Threat detection & device hardening experience Benefits Quarterly and Yearly Bonus scheme • 7% employer pension • Life assurance (4× salary) Health Cash Plan • 25 days holiday ...

networking (Hirschmann/Belden) Windows & Linux administration Network monitoring, event logging, zones/conduits Kali Linux tooling knowledge Understanding of SCADA (bonus: AVEVA exposure) Threat detection & device hardening experience Benefits Quarterly and Yearly Bonus scheme • 7% employer pension • Life assurance (4× salary) Health Cash Plan • 25 days holiday ...

networking (Hirschmann/Belden) Windows & Linux administration Network monitoring, event logging, zones/conduits Kali Linux tooling knowledge Understanding of SCADA (bonus: AVEVA exposure) Threat detection & device hardening experience Benefits Quarterly and Yearly Bonus scheme • 7% employer pension • Life assurance (4× salary) Health Cash Plan • 25 days holiday ...

networking (Hirschmann/Belden) Windows & Linux administration Network monitoring, event logging, zones/conduits Kali Linux tooling knowledge Understanding of SCADA (bonus: AVEVA exposure) Threat detection & device hardening experience Benefits Quarterly and Yearly Bonus scheme • 7% employer pension • Life assurance (4× salary) Health Cash Plan • 25 days holiday ...

networking (Hirschmann/Belden) Windows & Linux administration Network monitoring, event logging, zones/conduits Kali Linux tooling knowledge Understanding of SCADA (bonus: AVEVA exposure) Threat detection & device hardening experience Benefits Quarterly and Yearly Bonus scheme • 7% employer pension • Life assurance (4× salary) Health Cash Plan • 25 days holiday ...

networking (Hirschmann/Belden) Windows & Linux administration Network monitoring, event logging, zones/conduits Kali Linux tooling knowledge Understanding of SCADA (bonus: AVEVA exposure) Threat detection & device hardening experience Benefits Quarterly and Yearly Bonus scheme • 7% employer pension • Life assurance (4× salary) Health Cash Plan • 25 days holiday ...

networking (Hirschmann/Belden) Windows & Linux administration Network monitoring, event logging, zones/conduits Kali Linux tooling knowledge Understanding of SCADA (bonus: AVEVA exposure) Threat detection & device hardening experience Benefits Quarterly and Yearly Bonus scheme • 7% employer pension • Life assurance (4× salary) Health Cash Plan • 25 days holiday ...

networking (Hirschmann/Belden) Windows & Linux administration Network monitoring, event logging, zones/conduits Kali Linux tooling knowledge Understanding of SCADA (bonus: AVEVA exposure) Threat detection & device hardening experience Benefits Quarterly and Yearly Bonus scheme • 7% employer pension • Life assurance (4× salary) Health Cash Plan • 25 days holiday ...

controls across the organisation. You'll work closely with internal teams and external partners to integrate new security technologies, refine configurations, strengthen monitoring and detection capabilities and provide guidance on best-practice security operations. From initial rollout to continuous improvement, you'll be the go-to expert driving success … local and enterprise environments. You have deep technical knowledge across areas such as endpoint protection, SIEM/EDR platforms, vulnerability management, identity security and threat detection workflows. Strong troubleshooting and configuration skills are essential, along with the ability to work independently and communicate effectively with stakeholders. Familiarity with ...

integrated, and aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer ...