20 of 20 Threat Detection Jobs in the South East

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London Happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities to keep our people, data, and customers safe. That … building a new Detection Engineering function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager in shaping the future of detection engineering, developing the strategy ...

management of modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation. Key Responsibilities: Syslog experience and/or strong Linux skills SIEM Deployment & Management Configure, deploy, and maintain SIEM platforms … . Build and optimise log ingestion pipelines. EDR Deployment & Management Manage and maintain tools including Tanium , Trellix , FireEye , Microsoft Defender , or Elastic EDR . Threat Detection & Analysis Monitor security logs and alerts. Investigate anomalies, understand attack patterns, and provide actionable recommendations. Syslog Management Configure and maintain Syslog servers ...

incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic … incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced ...

access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across … alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation ...

detect, defend, and deliver across multiple secure projects.If you love taking ownership, working with cutting-edge tools, and leading the way in proactive threat detection, this is the role for you.As the Lead SIEM Engineer, you will: Leading the design, development and tuning of SIEM content – rules, dashboards … spot threats fast. Acting as the technical authority on SIEM engineering, ensuring the platform runs efficiently and delivers real value. Working with SOC Analysts, Threat Hunters and Architects to enhance SIEM use cases and boost detection accuracy. Bringing new ideas and threat intelligence to evolve the SIEM ...

design, deployment, and optimisation of advanced security capabilities across a complex virtualised environment. You will work closely with technical leads to enhance firewall, threat protection, monitoring, and investigative capabilities within VMware security platforms. What You'll Be Doing Firewall & Platform Enablement (vDefend DFW) Supporting deployment of the platform … macro, meso, and micro-segmentation policies Assisting with Identity Firewall configuration Enhancing logging, monitoring, visibility, and operational metrics Supporting capacity management activities Advanced Threat Protection (ATP) Assisting with ATP enablement and configuration Supporting policy activation for IPS/IDS Participating in testing, validation, and malware prevention tuning Helping with ...

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

protecting systems, networks, and applications from cyber threats. This internship is ideal for beginners looking to build strong foundational skills in cybersecurity practices, threat analysis, compliance, and risk management. No prior professional experience is required. Key Responsibilities Learn and assist in identifying security vulnerabilities across networks, systems, and applications. … Systems, or a related field. Basic understanding of computer networking fundamentals. Familiarity with operating systems such as Linux or Windows. Interest in cybersecurity concepts, threat detection, and system protection. Strong analytical mindset, curiosity, and attention to detail. Good written and verbal communication skills. Nice to Have (Bonus Skills ...

securing enterprise applications within Entra. Hands-on with Defender XDR/EDR across endpoints, O365, and Azure servers (P2), with a focus on advanced threat detection and automated response. Skilled in Microsoft Sentinel SIEM/SOAR setup, tuning, and KQL query development for detection engineering and incident ...

reporting on ISMS effectiveness and operational performance. Manage security operations in line with organisational policy, standards and industry best practice. Conduct security risk and threat assessments (operational and system). Engage with internal stakeholders and third-party providers on security, risk and privacy matters. Respond to security incidents promptly … ensuring early identification and resolution. Oversee threat detection, vulnerability management and remediation activities. Represent security considerations in IT and process change assessments. Maintain ISMS, Operational Security and Risk Assurance documentation. Lead monthly client Security Working Group meetings and stakeholder sessions. Ensure audit readiness and support internal/external ...

Fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support. Understanding of Operating Systems and Network Protocols. Foundational understanding of advanced threat detection in an enterprise environment. Foundational understanding of malware families, their types, and the threat they pose UK Citizenship is required. Skills ...

permanent basis. You will help to establish and lead local security operations capability across European offices, providing strategic technical leadership in incident response, cyber threat visibility, and security resilience. This role will bridge the gap between our centralized corporate security services and regional business needs. Key Responsibilities Incident Response … Security Operations Lead and mature security incident response capabilities across the organisation Oversee incident investigations, alert triage, and threat hunting activities Develop and execute tabletop exercises and incident response playbooks Provide expert technical guidance during security incidents and recovery efforts Build real-time visibility into organisational cyber telemetry ...

lifecycle from in-depth investigation to collaborating with the Head of SOC to contain and resolve threats. Ideally you will have experience with Splunk, threat detection and have worked with MITRE ATT&CK. This role offers the chance to work in a fast-paced, global environment with opportunities ...

infrastructure (network, servers, storage, firewalls) ensure compliance to various frameworks and governance as well as documentation develop and improve cyber security posture (endpoint, threat detection, incident response etc.) About you Applicants for the Infrastructure Engineer role will have: strong experience gained in a similar infrastructure position, with broad ...

automation frameworks for provisioning and compliance. Integration knowledge across Microsoft Exchange, M365, VMware and enterprise IT ecosystems. Understanding of Zero Trust architecture, identity threat detection, and SIEM integration. Strong stakeholder management, influencing, and communication skills. Ability to translate complex technical challenges into executive-level decisions and investment cases ...

organization and be able to communicate security risk and concepts to both technical and non-technical audiences. Lead initiatives with Engineering teams to optimize threat models and mitigate risks. Encourage a positive security culture across the Engineering organization. Relentlessly champion for security outcomes on behalf of our customers. Work … with other engineering leaders to embed security into day-to-day development processes. Help proactively assess security risk through product deep dives, threat modeling, and design, architecture and implementation reviews.. Review and improve existing security processes related to product assessments, pen testing, and bug bounty findings. Develop product security ...

expert for secure-by-default practices across the full software development lifecycle. The business has made strong progress over the last 12 months in threat detection and modelling; now they need someone who can drive remediation, uplift guardrails, and ensure consistent security across a hybrid environment. ...

strong vendor management, contract negotiation, and service performance governance. solid grounding in data architecture, governance, BI, and data-driven KPIs. experience implementing cybersecurity strategies, threat detection, and incident response. financial acumen across budgeting, forecasting, and ROI optimisation. an eye to the future - showing a passion for emerging technologies ...