1 to 25 of 30 Threat Detection Jobs in the South East

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team, you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team, you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team, you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team, you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team, you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team, you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team, you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team, you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team, you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Threat Detection Engineer A specialist technology organisation operating in highly secure environments is expanding its cyber capability and looking to strengthen its detection function. This role sits at the heart of identifying, stopping, and staying ahead of modern threats. Role Overview: Location: Farnborough/Hybrid (3 days … week on site) Package: £55,000- £65,000pa & Benefits Industry: Defence & National Security What You’ll Be Doing: Designing and building high-quality detection rules and use cases across SIEM and EDR platforms Continuously tuning alerts to reduce noise and improve signal quality Monitoring and investigating security alerts ...

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security … incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection ...

decision-making challenges Work with UX designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns Provide technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices Support go-to-market activities by creating technical content, conducting product demonstrations … engaging with prospective customers Mentor and educate internal teams on SOC operations, threat landscapes, and analyst workflows Ensure product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models Customer & Pre-Sales Enablement Act as a trusted SOC and cyber defence expert in customer ...

About the Role The Cyber Security and Resilience Engineer will support our Cyber Security Operations strategy with the management and optimisation of the clients Threat protection and detection tooling. This role's focus will be on ensuring there are robust security controls across web, email, endpoints and cloud … security posture by securing our cloud and enterprise environments by implementing best practices. In this role, you'll take ownership of managing and maintaining threat protection and detection tools, including web and email security solutions, EDR platforms, and cloud security technologies. You'll configure and monitor Microsoft Defender ...

function, playing a key role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional … Providers Maintain and enhance SecOps processes and documentation to enable knowledge sharing Investigate security events, perform vulnerability analysis and support remediation activities Analyse cyber threat intelligence and translate insights into actionable detection improvements Process indicators of compromise and indicators of attack to enhance detection rules Conduct proactive ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role … experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must ...

Manager is responsible for the leadership, governance and performance of Security Operations Centre capabilities supporting a secure defence programme. The role ensures effective monitoring, detection and response across classified environments, working closely with incident response and threat teams. Key Responsibilities Own SOC operating model, processes and performance management … Ensure effective monitoring and detection across secure environments Oversee SOC analysts, tooling and service providers where applicable Drive continuous improvement of detection use cases and response workflows Coordinate closely with incident response and vulnerability teams Provide senior-level reporting on security posture and operational effectiveness Ensure SOC activities ...

technical authority for cyber security operations , owning the end-to-end security lifecycle across enterprise infrastructure. Key responsibilities include: Security monitoring, threat hunting and incident response SIEM, MDR oversight and vulnerability management Firewall, VPN, IDS/IPS and Zero Trust technologies Pen testing coordination and CVSS-led remediation Security … Zscaler (ZIA/ZPA/ZDX), Splunk, Sophos MDR, Mimecast, Okta Networking: Cisco (Catalyst, Nexus), Fortinet, firewalls and VPNs Security Ops: SIEM, intrusion detection, ethical hacking Scripting: PowerShell What They’re Looking For Proven experience in a security-focused infrastructure role Strong hands-on expertise with firewalls, SIEM ...

OWASP principles. Expert in executing cloud security solutions, particularly for identity management, networking, and encryption. Possesses solid knowledge of system logging, monitoring, SIEM technologies, threat detection, and public key infrastructures (PKI). Understands cyber risk management, threat intelligence, and emerging governance practices. Experienced in driving security transformation ...

security cleared (DV Level) prior to appointment. Experienced Elastic SIEM Subject Matter Expert required to support NESTOR operations by building, tuning, and operating threat detection, log ingestion, and operational dashboards within Elastic. The role focuses on improving detection quality, investigating alerts, and collaborating closely with operational teams … driven environments. Experience required: Strong hands-on experience with Elasticsearch, Kibana, and Elastic SIEM in operational environments Proven experience developing, tuning, and optimising SIEM detection rules to identify threats and reduce false positives Experience managing log ingestion pipelines and ensuring reliable data flow into Elasticsearch Proficiency in log parsing ...

security cleared (DV Level) prior to appointment. Experienced Elastic SIEM Subject Matter Expert required to support NESTOR operations by building, tuning, and operating threat detection, log ingestion, and operational dashboards within Elastic. The role focuses on improving detection quality, investigating alerts, and collaborating closely with operational teams … driven environments. Experience required: Strong hands-on experience with Elasticsearch, Kibana, and Elastic SIEM in operational environments Proven experience developing, tuning, and optimising SIEM detection rules to identify threats and reduce false positives Experience managing log ingestion pipelines and ensuring reliable data flow into Elasticsearch Proficiency in log parsing ...

applications and privileged roles. Privileged Access & Security Integration Architect and enhance Privileged Access Management (PAM) capabilities, including approval workflows and continuous monitoring. Champion identity threat detection and response (ITDR) approaches to mitigate identity-based attacks. Integrate IAM with HR, IT, and engineering systems to support automated joiner/ ...

controls across the organisation. You'll work closely with internal teams and external partners to integrate new security technologies, refine configurations, strengthen monitoring and detection capabilities and provide guidance on best-practice security operations. From initial rollout to continuous improvement, you'll be the go-to expert driving success … local and enterprise environments. You have deep technical knowledge across areas such as endpoint protection, SIEM/EDR platforms, vulnerability management, identity security and threat detection workflows. Strong troubleshooting and configuration skills are essential, along with the ability to work independently and communicate effectively with stakeholders. Familiarity with ...

help the client understand their security challenges, manage security risks and enable them to enhance their security posture. Key Responsibilities Conduct security risk and threat assessments (operational and system). Deliver services aligned with ISO27001 standards. Provide regular reporting on ISMS effectiveness and operational performance. Manage security operations … with internal stakeholders and third-party providers on security, risk and privacy matters. Respond to security incidents promptly, ensuring early identification and resolution. Oversee threat detection, vulnerability management and remediation activities. Represent security considerations in IT and process change assessments. Maintain ISMS, Operational Security and Risk Assurance documentation. ...