1 to 25 of 77 Threat Detection Jobs in the South East

business need. The Role: Agentic AI for Security & Sentinel Advanced Capabilities Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft … advanced context-aware analytics and automation. Develop and maintain security analytics and data pipelines within Sentinel Data Lake to support large-scale threat detection, incident response, and threat hunting, while optimizing cost and enabling Agentic AI-driven security operations. Integrate and automate security workflows using Microsoft Sentinel ...

all. We make it, store it, move it, sell it, and mend it. An opportunity to play your part - Join Centrica as a Threat Detection Engineer, where you'll be at the forefront of our mission to safeguard our digital landscape. In this dynamic role … responsible for developing, automating, and enhancing our detection capabilities to swiftly identify and respond to security threats. You'll have the exciting opportunity to create innovative detection use cases, leveraging security telemetry, threat intelligence, and insights from past incidents. Your expertise will be crucial in addressing detection ...

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London Happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities to keep our people, data, and customers safe. That … building a new Detection Engineering function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager in shaping the future of detection engineering, developing the strategy ...

client, the UK's trusted Ministry of Defence partner, is seeking an experienced SOC Threat Detection Analyst to join the cyber security operations centre (SOC) within Information Management (IM). The successful candidate will support Senior SOC analysts in addressing the challenges of countering cyber threats, driving … proactive ethos in a dynamic environment, and providing robust threat detection and analysis within the 24x7 SOC. Key Responsibilities: To support the SOC Manager in assisting Information Management UK in meeting the challenges and demands of countering cyber threats, the role involves supporting the operational functions ...

leading a team of cyber security engineers. The role involves close collaboration with IT, network teams, and senior stakeholders to identify vulnerabilities, mature detection capabilities, and ensure compliance with recognised security frameworks. Key Responsibilities Lead and develop a team of cyber security engineers, providing technical and strategic direction. Oversee … security operations including monitoring, incident management, and threat response. Conduct assessments across the IT estate to identify risks and emerging threats. Manage security events from detection through to remediation, ensuring timely and effective responses. Drive improvements to the organisation's security posture in line with a rapidly evolving ...

Clearance to join our cybersecurity team. The ideal candidate will be responsible for maintaining, developing, and optimizing the SIEM platform — ensuring effective log management, threat detection, and automation across complex IT and OT environments. Key Responsibilities: Manage, maintain, and enhance the SIEM platform ensuring optimal performance and scalability. … Onboard and integrate new log sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns ...

management of modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation. Key Responsibilities: Syslog experience and/or strong Linux skills SIEM Deployment & Management Configure, deploy, and maintain SIEM platforms … . Build and optimise log ingestion pipelines. EDR Deployment & Management Manage and maintain tools including Tanium , Trellix , FireEye , Microsoft Defender , or Elastic EDR . Threat Detection & Analysis Monitor security logs and alerts. Investigate anomalies, understand attack patterns, and provide actionable recommendations. Syslog Management Configure and maintain Syslog servers ...

Adword Job Title: SOC Threat hunting Analyst Location: Remote Duration: 04 months contract Active SC Clearance required Experience and knowledge Key Responsibilities: Threat Detection Use Case Development: Design and implement detection logic aligned to specific threat scenarios, using industry frameworks such as MITRE ATT&CK. … Maintain detection content throughout its lifecycle - from development and testing to deployment and tuning. Work with client Lead Analysts to ensure content relevance and effectiveness in detecting threats across various environments. Proactive Threat Hunting: Conduct hypothesis-driven threat hunts based on client telemetry, threat intelligence ...

well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving … client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection ...

track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial … optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach ...

track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial … optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach ...

site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical … sources (AD, firewalls, servers, cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security ...

incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic … incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced ...

information security Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management … Security (email security) Prisma Cloud (cloud security posture management) Airlock (application and API security) Nucleus (vulnerability management and reporting) Deep knowledge of incident response, threat hunting, and vulnerability management Excellent stakeholder management and communication skills — able to explain complex risks in simple terms Experience building and mentoring high-performing ...

strong go-to-market capability with deep technical expertise, our Belfast and Reading hubs support product innovation, security research, and 24/7 Managed Detection and Response services. The team operates in a hybrid working model, collaborating closely with global product and threat research teams to deliver world … class detection, response, and cloud security solutions. About The Role As a Field CISO, your primary responsibility will be to scale and grow business and market development across UK & Ireland, collaborating across teams to drive revenue growth. Specifically, your focus will be to: Act as Rapid7’s senior cyber ...

complex data. This is an opportunity to join a pioneering start-up transforming raw security data into actionable intelligence, helping shape the future of threat detection across global networks. This role sits within their Security Research function and is ideal for someone with a SOC, network engineering … into research and intelligence. You'll be working closely with large volumes of security data to help organise, analyse and contextualise the activity their detection systems surface. If you understand how networks really operate, feel comfortable working with SQL, and enjoy exploring patterns in security data, this could ...

risk activities within Operational Security Management. Our Security Operations Center (SOC) is the frontline of defense, responsible for incident response, initial triage, and proactive threat hunting. You will work closely with the Cyber Security Incident Response Team (CSIRT) and business units across bp. As the first point of contact … part of a rotation. Where weekend work is done days off during the week will be provided. What you will deliver: Perform incident detection and response within the SOC, including analysis and escalation of security alerts. Investigate security incidents and ensure accurate documentation in SIEM and case management systems. ...

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

creating robust PowerShell and Python Runbooks within Azure Automation for routine configuration management, scheduled maintenance, and automated incident remediation actions. Security Operations (SecOps) and Threat Response: Implementing proactive threat detection and automated security response capabilities. This involves active utilisation of Microsoft Defender for Cloud (for CSPM ...

that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint … cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through ...

that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint … cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through ...

that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint … cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through ...