SOC Analyst - CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall A global law firm client we work with are currently looking to take on a new SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) on a permanent basis. The firm are currently undergoing a significant transformation and expansion across the … a great deal of trust, autonomy and ownership with a very anti-micromanage managerial structure in place. To be considered for this SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) role, it's ideal you meet one of the following criteria: Work Experience Based Criteria 5+ Years of Working Experience in Cybersecurity or Related
SIEM) Engineer with active Security Clearance to join our cybersecurity team. The ideal candidate will be responsible for maintaining, developing, and optimizing the SIEM platform — ensuring effective log management, threat detection, and automation across complex IT and OT environments. Key Responsibilities: Manage, maintain, and enhance the SIEM platform ensuring optimal performance and scalability. Onboard and integrate new log … sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. Lead and mentor
and IR processes, ensuring alignment and consistency across regions · Collaborate with global SOC and IR teams to harmonize incident response workflows, tooling, and reporting standards · Provide expert guidance to Detection Engineers to optimize detection logic and improve alert fidelity · Mentor and train junior SOC and IR analysts, fostering a culture of continuous learning and operational excellence · Contribute to … and refinement of Standard Operating Procedures (SOPs) for Tier 1 and Tier 2 operations · Conduct quality assurance reviews of Tier 1 analysis and provide constructive feedback · Collaborate with the Detection Logic Engineering team to enhance detection capabilities and threat coverage · Support audit and regulatory engagements by providing timely and accurate responses to information requests · Liaise with cross … of-hours incident response rotations as necessary Skills and Experience: · Minimum 3 years of experience in a Senior SOC Analyst or Tier 2/3 role · Proven expertise in threat analytics, incident response, and cyber investigations · Strong understanding of attacker tactics, techniques, and procedures (TTPs) across diverse environments · Familiarity with industry-standard incident response frameworks (e.g., NIST, SANS) · Experience
Wokingham, Berkshire, England, United Kingdom Hybrid/Remote Options
Searchability NS&D
CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD
the design and implementation of scalable, automated security solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … Engineering: Lead end-to-end engineering for identity and access management (IAM), including authentication, authorization, and privileged access controls. Oversee endpoint security architecture and enforcement, ensuring comprehensive coverage for threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead platform health, patching automation, and vulnerability remediation workflows. Define service level
delivering high-quality services across a portfolio of managed service customers, with a strong focus on cyber security. You'll play a key role in ensuring our services, from threat detection and monitoring through to wider IT service operations, are delivered to a high standard, fulfil contractual commitments and drive continual improvement. You'll act as the voice … with customer needs. · Help customers get the most from our services, including platforms such as Rapid7, Microsoft Defender, and other SIEM tools. · Contribute to reporting and analysis, including SLAs, threat detection trends, vulnerability findings, and investigation outcomes. · Stay aware of cyber security developments, including emerging threats, attacker techniques, and industry best practices, bringing that insight back into the … taken to maintain trust and service quality. Key Skills and Behaviours · Experience in service delivery management within a managed services or cyber security operations setting (e.g. SOC, SIEM, MDR, threat monitoring). · A strong grasp of ITIL principles and service management disciplines (ITIL v3/v4 certification preferred). · Familiarity with ServiceNow or similar ITSM tools · Experience with platforms
Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the
Milton Keynes, Loughton, Buckinghamshire, United Kingdom
VIQU IT
Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the
Security Operations Centre (SOC), blending hands-on technical work with automation and solution design. You'll collaborate with analysts, architects, and customers to build reliable, scalable systems that accelerate threat detection and response, all in a collaborative culture that invests in your growth, wellbeing, and career progression. Job Title: Senior Security Engineer Job Type: Permanent Salary: Up to … DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. Engineer secure … log ingestion pipelines across hybrid cloud and on-prem environments. Support client onboarding, threat hunting, detection engineering, and process improvements. Mentor junior engineers and maintain documentation, diagrams, and standards. Required Experience/Skills: 5 years' experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk
London, South East, England, United Kingdom Hybrid/Remote Options
Method Resourcing
Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems. This position offers the opportunity to influence not just their engineering … and verbal communication skills, especially in cross-functional contexts. Bonus Experience (Nice to Have) Exposure to large language models (LLMs) or foundational model adaptation. Previous work in cybersecurity, anomaly detection, or behavioural analytics. Familiarity with orchestration frameworks (Airflow or similar). Experience with scalable ML systems, pipelines, or real-time data processing. Advanced degree or equivalent experience in ML
London, South East England, United Kingdom Hybrid/Remote Options
FCA
lifecycles using development methodologies such as Kanban, PRINCE2, RUP, and Scrum Proven experience in Security Information and Event Management (SIEM) with a strong focus on Attack Surface Management, and Threat Detection and Response Essential : Managing and prioritising the backlog for multiple security products to ensure effective delivery and continuous improvement Demonstrating strong understanding of business drivers and core … organisational processes, with the ability to quickly adapt and align to evolving priorities Experience with hands-on involvement in threat detection, response strategies and attack surface management Skilled in Agile methodologies, including Scrum with hands-on experience in backlog management, sprint planning and iterative delivery Strong track record in financial oversight, including budget planning Benefits 28 days annual
Stevenage, Hertfordshire, South East, United Kingdom Hybrid/Remote Options
MBDA
responsible for leading digital forensics and incident response (DFIR) readiness, while also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience Dynamic (hybrid) working: Minimum … responsible for leading digital forensics and incident response (DFIR) readiness, while also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a next-step role for an experienced Analyst with a passion … for incident response and threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact
Oxford, Oxfordshire, United Kingdom Hybrid/Remote Options
Oxford University Press
The Cyber Security and Resilience Engineer will support OUP's Cyber Security Operations strategy with the management and optimisation of OUP's threat protection and detection tooling. This role's focus will be on ensuring there are robust security controls across web, email, endpoints and cloud environments. You will work closely with the Cyber Security Operations team, outsourced managed security … programme to help improve our security posture by securing our cloud and enterprise environments by implementing best practices. In this role, you'll take ownership of managing and maintaining threat protection and detection tools, including web and email security solutions, EDR platforms, and cloud security technologies. You'll configure and monitor Microsoft Defender for Endpoint, Office 365, and … Cloud, while supporting the Security Operations Lead to keep our environment secure. Your day-to-day will involve analysing security alerts, collaborating with SOC and MSSP partners to strengthen detection and response, conducting regular assessments, and shaping security policies and best practices. We operate a hybrid working policy that requires a minimum of 2 days per week in the
London, South East, England, United Kingdom Hybrid/Remote Options
MFK Recruitment
attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives
seeking a skilled Cyber Security and Resilience Engineer to play a pivotal role in fortifying security infrastructure. You will support our Cyber Security Operations strategy by managing and optimising threat protection and detection tools across web, email, endpoints, and cloud environments. This is an exciting opportunity to work closely with cross-functional teams, outsourced security partners, and internal … on expertise with Azure, Entra, and Microsoft 365 Cloud Security Engineering Proficiency in writing complex PowerShell scripts Experience managing security for IaaS, PaaS, and SaaS platforms Strong understanding of threat detection, prevention, and response methodologies Hands-on experience with EDR, email security, and web security solutions Knowledge of security frameworks such as NIST, ISO 27001, and Mitre ATT
London, South East England, United Kingdom Hybrid/Remote Options
Navro
B2B payments startup, and we're looking for a bold, proactive, and hands-on Cybersecurity Lead to design, implement, and operate our security operations function, including SIEM, incident response, threat detection, secure by design, shift-left security engineering, and automated monitoring and response. You'll run and be part of the projects that implement, build, and maintain security … contractor in Poland unable to get to work. No excuses. No passengers. No tolerance for politics or mediocrity. Requirements What This Role Demands: You Own It – You lead our detection and response mission. You help define the roadmap, build the pipelines, and drive measurable outcomes across threat visibility, MTTD/MTTR, and resilience. You Ask Questions – You challenge … M365, Google Workspace, AWS, GCP, endpoints/EDR, network, SaaS, CI/CD, identity, and proprietary platforms) into Sentinel via native connectors, APIs, custom logs, and event hubs. Engineer detection content: write, test, and tune KQL analytics, scheduled rules, UEBA policies, MSTIC notebooks, watchlists, and hunting queries that map to industry frameworks (MITRE ATT&CK). Build incident response
Portsmouth, Hampshire, England, United Kingdom Hybrid/Remote Options
Franklin Fitch
Senior Security Engineer – Detection & Automation Here's a great opportunity for a hands-on Senior Security Engineer who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you'll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts … to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting or API connections. Tune detection use cases and improve visibility across cloud/on-prem environments. Support client onboarding and configuration alignment. Mentor junior engineers and analysts. You'll bring: 3–5 years' experience in SOC or security engineering. … Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What's in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative environment. If you love improving
key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS … or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting. Conduct root cause analysis and implement security hardening improvements. Vulnerability & Risk Management Run regular vulnerability scans and penetration testing activities
Banbury, Oxfordshire, United Kingdom Hybrid/Remote Options
Chiltern Railways
with a wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incident response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability … in IT infrastructure, cloud services, and cyber security. Proven continuous development in both technical and soft domains. Proficiency with security tools and technologies such as SIEM, DLP, network protection, threat detection, and endpoint protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security
Hook Norton, Oxfordshire, United Kingdom Hybrid/Remote Options
Chiltern Railways
with a wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incident response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability … in IT infrastructure, cloud services, and cyber security. Proven continuous development in both technical and soft domains. Proficiency with security tools and technologies such as SIEM, DLP, network protection, threat detection, and endpoint protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security
London, South East, England, United Kingdom Hybrid/Remote Options
Opus Recruitment Solutions Ltd
per day. Key Skills: Microsoft Defender XDR: Endpoint, Identity, Office 365, Cloud Apps Microsoft Sentinel: KQL, playbook development, SIEM optimisation Privileged Identity Management (PIM) and change control workflows Advanced threat detection, incident response, and threat hunting Log collection via Azure Monitoring Agent and Firewall Management Centre Responsibilities: Configure and fine-tune Microsoft Defender XDR in line with … approved designs Participate in Microsoft FastTrack engagements Integrate Defender XDR with Sentinel SIEM for enhanced detection and response Develop Kusto queries and automation playbooks Support PoC setup for Microsoft Copilot for Security Connect syslogs from on-prem servers and firewalls to Sentinel If this Security Engineer role sounds like a good fit, please apply with your most up to
remediation, and integration with other security tools. Key Responsibilities: Develop and manage the SIEM platform ensuring scalability and performance. Plan and implement solutions for security monitoring. Design and maintain detection rules. Lead and mentor SIEM team. Work closely with Threat Detection & Response team to support incident handling. Required Skills: Proven hands-on experience in SIEM engineering. Strong
ll be at the heart of designing, enhancing, and maintaining our scalable Microsoft Sentinel platform and other Microsoft security technologies. From developing data connectors and automation workflows to tuning detection rules, you'll ensure our SIEM infrastructure is high-performing, compliant, and aligned with evolving threat landscapes. Working closely with SOC analysts, cloud teams, and incident responders, you … ll architect tailored use cases, build automated playbooks, and continuously improve incident response through orchestration. Your strategic input will help shape our security roadmap and drive innovation in detection engineering. This role is ideal for someone passionate about automation, security, and staying ahead of industry best practices. We want to hear from you if you: Have proven experience architecting … Are proficient in KQL (Kusto Query Language) and Azure Logic Apps. Have experience with security automation and orchestration tools (SOAR). Are familiar with the MITRE ATT&CK framework and threat detection methodologies. Have scripting skills (PowerShell, Python) for automation and integration. What's in it for me? Competitive salary + benefits Who you'll be doing it for: Atech
London, South East, England, United Kingdom Hybrid/Remote Options
Ryder Reid Legal Ltd
and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and emerging
security monitoring platform, ensuring optimal performance, scalability, and integration with security tools. Participate in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response team to ensure the SIEM
Employment Type: Contract
Rate: From £350 to £400 per day Contract (Inside IR35)