12 of 12 Threat Detection Jobs in the South East

primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across … business teams. Guide and support SOC analysts across L1, L2, and L3 functions to ensure effective 24/7 security operations. Drive improvements across threat detection, incident response processes, and SOC operational maturity. Skills & Experience Extensive experience working in Security Operations Centres (SOC), including leadership or managerial responsibilities. ...

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security … incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection ...

defensive activities, monitor and analyse alerts, respond to incidents and ensure the organisation's security posture remains robust, proactive and threat-ready. You'll work closely with an outsourced 24/7 SOC, validating the quality of their service and acting swiftly on escalations. You'll maintain, optimise … enhance a broad suite of security tools, including EDR, SIEM, email security, cloud security platforms, vulnerability management tooling and threat-detection technologies, ensuring they are configured to best practice and delivering maximum protection. You'll conduct vulnerability scanning, oversee patching cycles, perform cloud security assessments, refine playbooks, support ...

site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical … sources (AD, firewalls, servers, cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security ...

function, playing a key role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional … Providers Maintain and enhance SecOps processes and documentation to enable knowledge sharing Investigate security events, perform vulnerability analysis and support remediation activities Analyse cyber threat intelligence and translate insights into actionable detection improvements Process indicators of compromise and indicators of attack to enhance detection rules Conduct proactive ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role … experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must ...

organisation's SIEM platform Perform initial triage and investigation of security alerts Escalate potential security incidents to senior analysts Assist with incident response and threat detection activities Support vulnerability management and security monitoring Maintain accurate incident records and documentation Work collaboratively with IT and security teams Required Skills … Basic understanding of cyber security principles and threat landscapes Familiarity with SIEM tools or security monitoring platforms Knowledge of networking fundamentals and operating systems Strong analytical and problem-solving skills Interest in developing a career within cyber security Nice to Have: Experience with Splunk, Sentinel, QRadar or Elastic Exposure ...

integrations are developed to meet specific security needs. Your work will also involve the deployment and management of EDR tools to enhance the overall threat detection capabilities of the organisation. SIEM ENGINEER ESSENTIAL SKILLS: Proficiency in Syslog and Linux skills Experience with SIEM tools (Sentinel or Elastic ...

strong vendor management, contract negotiation, and service performance governance. solid grounding in data architecture, governance, BI, and data-driven KPIs. experience implementing cybersecurity strategies, threat detection, and incident response. financial acumen across budgeting, forecasting, and ROI optimisation. an eye to the future - showing a passion for emerging technologies ...

client requirement Role Description Responsible for managing, monitoring, and optimising network security controls, with a primary focus on firewalls, IDS/IPS, and network threat detection. The role ensures network security configurations are effective, aligned to security policy, and support SOC detection and incident response activities. Accenture ...