19 of 19 Threat Detection Jobs in the South East

Threat Detection Engineer A specialist technology organisation operating in highly secure environments is expanding its cyber capability and looking to strengthen its detection function. This role sits at the heart of identifying, stopping, and staying ahead of modern threats. Role Overview: Location: Farnborough/Hybrid (3 days … week on site) Package: £55,000- £65,000pa & Benefits Industry: Defence & National Security What You’ll Be Doing: Designing and building high-quality detection rules and use cases across SIEM and EDR platforms Continuously tuning alerts to reduce noise and improve signal quality Monitoring and investigating security alerts ...

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London or Remote Type: Permanent, full time Hybrid role, happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities … keep our people, data, and customers safe. That’s why we’re building a new Detection Engineering function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager ...

decision-making challenges Work with UX designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns Provide technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices Support go-to-market activities by creating technical content, conducting product demonstrations … engaging with prospective customers Mentor and educate internal teams on SOC operations, threat landscapes, and analyst workflows Ensure product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models Customer & Pre-Sales Enablement Act as a trusted SOC and cyber defence expert in customer ...

About the Role The Cyber Security and Resilience Engineer will support our Cyber Security Operations strategy with the management and optimisation of the clients Threat protection and detection tooling. This role's focus will be on ensuring there are robust security controls across web, email, endpoints and cloud … security posture by securing our cloud and enterprise environments by implementing best practices. In this role, you'll take ownership of managing and maintaining threat protection and detection tools, including web and email security solutions, EDR platforms, and cloud security technologies. You'll configure and monitor Microsoft Defender ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

Cyber Essentials • Strong understanding of UK regulatory expectations, including PRA, FCA, ICO and GDPR • Proven experience with SIEM-led monitoring, threat detection and incident response • Hands-on experience managing firewalls, IPS, WAF, EDR and endpoint security tools • Strong network security knowledge including routing, switching and firewall design • Solid ...

Manager is responsible for the leadership, governance and performance of Security Operations Centre capabilities supporting a secure defence programme. The role ensures effective monitoring, detection and response across classified environments, working closely with incident response and threat teams. Key Responsibilities Own SOC operating model, processes and performance management … Ensure effective monitoring and detection across secure environments Oversee SOC analysts, tooling and service providers where applicable Drive continuous improvement of detection use cases and response workflows Coordinate closely with incident response and vulnerability teams Provide senior-level reporting on security posture and operational effectiveness Ensure SOC activities ...

technical authority for cyber security operations , owning the end-to-end security lifecycle across enterprise infrastructure. Key responsibilities include: Security monitoring, threat hunting and incident response SIEM, MDR oversight and vulnerability management Firewall, VPN, IDS/IPS and Zero Trust technologies Pen testing coordination and CVSS-led remediation Security … Zscaler (ZIA/ZPA/ZDX), Splunk, Sophos MDR, Mimecast, Okta Networking: Cisco (Catalyst, Nexus), Fortinet, firewalls and VPNs Security Ops: SIEM, intrusion detection, ethical hacking Scripting: PowerShell What They’re Looking For Proven experience in a security-focused infrastructure role Strong hands-on expertise with firewalls, SIEM ...

greatest strength comes from working as one team — with our colleagues, our partners, and our clients — to make a real difference. Key Responsibilities: XDR (Detection & Response): Working extensively on our Extended Detection and Response platform, including deployment, alert tuning, triage workflows, automation, and reporting. Continuously refine detections … playbooks to measurably improve threat detection and incident response times. Cyber Essentials (Continuous Compliance): Help transform Cyber Essentials from a point-in-time certification into a year-round managed compliance service. Automate evidence collection and proactive remediation, deliver regular compliance reporting, and ensure clients remain compliant throughout ...

endpoint protection, investigate threats, and remediate vulnerabilities Investigate and remediate endpoint threats and vulnerabilities Correlate security events and develop automated playbooks in Sentinel Support threat hunting activities and contribute to incident response efforts Manage phishing alerts and user-reported incidents through Ironscales Collaborate with the London-based cyber security … team to ensure global coverage and knowledge sharing Maintain documentation of incidents, response actions, and detection rules Contribute to continuous improvement of detection logic, workflows, and user awareness initiatives The ideal candidate will have a degree in computer science or equivalent experience in a cyber security ...

performance, scalability, and integration with security tools. Participate in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response ...

controls across the organisation. You'll work closely with internal teams and external partners to integrate new security technologies, refine configurations, strengthen monitoring and detection capabilities and provide guidance on best-practice security operations. From initial rollout to continuous improvement, you'll be the go-to expert driving success … local and enterprise environments. You have deep technical knowledge across areas such as endpoint protection, SIEM/EDR platforms, vulnerability management, identity security and threat detection workflows. Strong troubleshooting and configuration skills are essential, along with the ability to work independently and communicate effectively with stakeholders. Familiarity with ...

integrated, and aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer ...

help the client understand their security challenges, manage security risks and enable them to enhance their security posture. Key Responsibilities Conduct security risk and threat assessments (operational and system). Deliver services aligned with ISO27001 standards. Provide regular reporting on ISMS effectiveness and operational performance. Manage security operations … with internal stakeholders and third-party providers on security, risk and privacy matters. Respond to security incidents promptly, ensuring early identification and resolution. Oversee threat detection, vulnerability management and remediation activities. Represent security considerations in IT and process change assessments. Maintain ISMS, Operational Security and Risk Assurance documentation. ...

Network & Security Engineering Implement, and support enterprise grade network and security solutions Deploy, configure, and troubleshoot Cisco Firepower firewalls, including policy configuration, VPNs, and threat protection Implement and maintain Cisco Identity Services Engine (ISE) for network access control, authentication, and authorization Work with Cisco Stealthwatch and other Cisco security … tools to provide visibility, monitoring, and threat detection Configure and support FortiGate firewalls where required, including firewall policies, VPNs, and security profiles Produce high quality technical documentation, including designs, implementation guides, and handover documentation Customer Engagement & Communication Serve as a trusted technical advisor to customers, clearly explaining solutions ...

strong vendor management, contract negotiation, and service performance governance. solid grounding in data architecture, governance, BI, and data-driven KPIs. experience implementing cybersecurity strategies, threat detection, and incident response. financial acumen across budgeting, forecasting, and ROI optimisation. an eye to the future - showing a passion for emerging technologies ...

security technologies and solid experience across XDR and SIEM environments. This role sits within the Security Operations xxuwjjq function and is focused on improving threat detection, automation, visibility, and response us... Interested in this role You can find all the relevant information in the description below. ...

client requirement Role Description Responsible for managing, monitoring, and optimising network security controls, with a primary focus on firewalls, IDS/IPS, and network threat detection. The role ensures network security configurations are effective, aligned to security policy, and support SOC detection and incident response activities. Accenture ...