1 to 25 of 31 Threat Detection Jobs in the South East

business need. The Role: Agentic AI for Security & Sentinel Advanced Capabilities Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft … advanced context-aware analytics and automation. Develop and maintain security analytics and data pipelines within Sentinel Data Lake to support large-scale threat detection, incident response, and threat hunting, while optimizing cost and enabling Agentic AI-driven security operations. Integrate and automate security workflows using Microsoft Sentinel

all. We make it, store it, move it, sell it, and mend it. An opportunity to play your part - Join Centrica as a Threat Detection Engineer, where you'll be at the forefront of our mission to safeguard our digital landscape. In this dynamic role … responsible for developing, automating, and enhancing our detection capabilities to swiftly identify and respond to security threats. You'll have the exciting opportunity to create innovative detection use cases, leveraging security telemetry, threat intelligence, and insights from past incidents. Your expertise will be crucial in addressing detection

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London Happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities to keep our people, data, and customers safe. That … building a new Detection Engineering function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager in shaping the future of detection engineering, developing the strategy

client, the UK's trusted Ministry of Defence partner, is seeking an experienced SOC Threat Detection Analyst to join the cyber security operations centre (SOC) within Information Management (IM). The successful candidate will support Senior SOC analysts in addressing the challenges of countering cyber threats, driving … proactive ethos in a dynamic environment, and providing robust threat detection and analysis within the 24x7 SOC. Key Responsibilities: To support the SOC Manager in assisting Information Management UK in meeting the challenges and demands of countering cyber threats, the role involves supporting the operational functions

Life on the team The Cyber Threat Operations Team plays a vital role in protecting Computacenter from the latest threats and threat actors. We maintain a forward-looking mentality to identify emerging threats and trends, ensuring we stay one step ahead of security threats. Our team combines specialist … skills in Threat Intelligence, Threat Hunting, Malware Analysis, Digital Forensics, Incident Response, and Threat Modelling. At our core, we are driven by a mission to "investigate, collate and locate": to unearth new threats, gather all available intelligence, and proactively respond. We apply technical expertise and global awareness

leading a team of cyber security engineers. The role involves close collaboration with IT, network teams, and senior stakeholders to identify vulnerabilities, mature detection capabilities, and ensure compliance with recognised security frameworks. Key Responsibilities Lead and develop a team of cyber security engineers, providing technical and strategic direction. Oversee … security operations including monitoring, incident management, and threat response. Conduct assessments across the IT estate to identify risks and emerging threats. Manage security events from detection through to remediation, ensuring timely and effective responses. Drive improvements to the organisation's security posture in line with a rapidly evolving

Clearance to join our cybersecurity team. The ideal candidate will be responsible for maintaining, developing, and optimizing the SIEM platform — ensuring effective log management, threat detection, and automation across complex IT and OT environments. Key Responsibilities: Manage, maintain, and enhance the SIEM platform ensuring optimal performance and scalability. … Onboard and integrate new log sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns

management of modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation. Key Responsibilities: Syslog experience and/or strong Linux skills SIEM Deployment & Management Configure, deploy, and maintain SIEM platforms … . Build and optimise log ingestion pipelines. EDR Deployment & Management Manage and maintain tools including Tanium , Trellix , FireEye , Microsoft Defender , or Elastic EDR . Threat Detection & Analysis Monitor security logs and alerts. Investigate anomalies, understand attack patterns, and provide actionable recommendations. Syslog Management Configure and maintain Syslog servers

Adword Job Title: SOC Threat hunting Analyst Location: Remote Duration: 04 months contract Active SC Clearance required Experience and knowledge Key Responsibilities: Threat Detection Use Case Development: Design and implement detection logic aligned to specific threat scenarios, using industry frameworks such as MITRE ATT&CK. … Maintain detection content throughout its lifecycle - from development and testing to deployment and tuning. Work with client Lead Analysts to ensure content relevance and effectiveness in detecting threats across various environments. Proactive Threat Hunting: Conduct hypothesis-driven threat hunts based on client telemetry, threat intelligence

well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving … client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection

track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial … optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach

track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial … optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach

site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical … sources (AD, firewalls, servers, cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security

incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic … incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced

complex data. This is an opportunity to join a pioneering start-up transforming raw security data into actionable intelligence, helping shape the future of threat detection across global networks. This role sits within their Security Research function and is ideal for someone with a SOC, network engineering … into research and intelligence. You'll be working closely with large volumes of security data to help organise, analyse and contextualise the activity their detection systems surface. If you understand how networks really operate, feel comfortable working with SQL, and enjoy exploring patterns in security data, this could

risk activities within Operational Security Management. Our Security Operations Center (SOC) is the frontline of defense, responsible for incident response, initial triage, and proactive threat hunting. You will work closely with the Cyber Security Incident Response Team (CSIRT) and business units across bp. As the first point of contact … part of a rotation. Where weekend work is done days off during the week will be provided. What you will deliver: Perform incident detection and response within the SOC, including analysis and escalation of security alerts. Investigate security incidents and ensure accurate documentation in SIEM and case management systems.

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks

creating robust PowerShell and Python Runbooks within Azure Automation for routine configuration management, scheduled maintenance, and automated incident remediation actions. Security Operations (SecOps) and Threat Response: Implementing proactive threat detection and automated security response capabilities. This involves active utilisation of Microsoft Defender for Cloud (for CSPM

security tools. Key Responsibilities: Develop and manage the SIEM platform ensuring scalability and performance. Plan and implement solutions for security monitoring. Design and maintain detection rules. Lead and mentor SIEM team. Work closely with Threat Detection & Response team to support incident handling. Required Skills: Proven hands

configure, and maintain SIEM tools like Sentinel, Elastic. EDR deployment, configuration & management - experience with tools like Tanium, Trellix, FireEye, Defender, Elastic EDR Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Experience configuring Syslog Servers and maintaining and configuring syslog feeds Log ingestion Creation

reporting on ISMS effectiveness and operational performance. Manage security operations in line with organisational policy, standards and industry best practice. Conduct security risk and threat assessments (operational and system). Engage with internal stakeholders and third-party providers on security, risk and privacy matters. Respond to security incidents promptly … ensuring early identification and resolution. Oversee threat detection, vulnerability management and remediation activities. Represent security considerations in IT and process change assessments. Maintain ISMS, Operational Security and Risk Assurance documentation. Lead monthly client Security Working Group meetings and stakeholder sessions. Ensure audit readiness and support internal/external

performance, scalability, and integration with security tools. Participate in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response