1 to 25 of 28 Threat Detection Jobs in the South East

SOC Analyst - CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall A global law firm client we work with are currently looking to take on a new SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) on a permanent basis. The firm are currently undergoing a significant transformation and expansion across the … a great deal of trust, autonomy and ownership with a very anti-micromanage managerial structure in place. To be considered for this SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) role, it's ideal you meet one of the following criteria: Work Experience Based Criteria 5+ Years of Working Experience in Cybersecurity or Related More ❯

SIEM) Engineer with active Security Clearance to join our cybersecurity team. The ideal candidate will be responsible for maintaining, developing, and optimizing the SIEM platform — ensuring effective log management, threat detection, and automation across complex IT and OT environments. Key Responsibilities: Manage, maintain, and enhance the SIEM platform ensuring optimal performance and scalability. Onboard and integrate new log … sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. Lead and mentor More ❯

CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SIEM, Sentinel, Elastic, EDR, Tanium, Trellix, FireEye, Defender, Syslog, Cybersecurity, Python, PowerShell, KQL, Threat Detection, NSD More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the More ❯

Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial Key Responsibilities of the Security Analyst … escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach out to Connor Smal via the More ❯

Senior Machine Learning Engineer - Behavioural Modeling & Threat Detection - £160,000+ - Fully Remote UK BASED CANDIDATES ONLY My client is looking for an experienced Machine Learning Engineer ready to play a pivotal role in shaping the technical direction of their behavioural modelling and threat detection systems. This position offers the opportunity to influence not just their engineering … and verbal communication skills, especially in cross-functional contexts. Bonus Experience (Nice to Have) Exposure to large language models (LLMs) or foundational model adaptation. Previous work in cybersecurity, anomaly detection, or behavioural analytics. Familiarity with orchestration frameworks (Airflow or similar). Experience with scalable ML systems, pipelines, or real-time data processing. Advanced degree or equivalent experience in ML More ❯

responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic (hybrid) working : Minimum … responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion … for Incident response and Threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact More ❯

attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and … networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain … is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives More ❯

with a wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability … in IT infrastructure, cloud services, and cyber security. Proven continuous development in both technical and soft domains. Proficiency with security tools and technologies such as SIEM, DLP, network protection, threat detection, and endpoint protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security More ❯

with a wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability … in IT infrastructure, cloud services, and cyber security. Proven continuous development in both technical and soft domains. Proficiency with security tools and technologies such as SIEM, DLP, network protection, threat detection, and endpoint protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security More ❯

enjoys uncovering the story behind complex data. This is an opportunity to join a pioneering start-up transforming raw security data into actionable intelligence, helping shape the future of threat detection across global networks. This role sits within their Security Research function and is ideal for someone with a SOC, network engineering or security operations background who is … keen to move deeper into research and intelligence. You'll be working closely with large volumes of security data to help organise, analyse and contextualise the activity their detection systems surface. If you understand how networks really operate, feel comfortable working with SQL, and enjoy exploring patterns in security data, this could be a fantastic next step in your … career. About the Role You'll support the wider security research team by 'farming' the data they generate - turning raw network and threat information into structured, meaningful insights that feed directly into ongoing research projects such as proxy detection, bot activity and, over time, AI-driven threat identification. Your responsibilities will include: Analysing and maintaining large volumes More ❯

Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments … and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). More ❯

Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments … and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). More ❯

Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments … and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). More ❯

per day. Key Skills : Microsoft Defender XDR: Endpoint, Identity, Office 365, Cloud Apps Microsoft Sentinel: KQL, playbook development, SIEM optimisation Privileged Identity Management (PIM) and change control workflows Advanced threat detection, incident response, and threat hunting Log collection via Azure Monitoring Agent and Firewall Management Centre Responsibilities: Configure and fine-tune Microsoft Defender XDR in line with … approved designs Participate in Microsoft FastTrack engagements Integrate Defender XDR with Sentinel SIEM for enhanced detection and response Develop Kusto queries and automation playbooks Support PoC setup for Microsoft Copilot for Security Connect syslogs from on-prem servers and firewalls to Sentinel If this Security Engineer role sounds like a good fit, please apply with your most up to More ❯

standardising infrastructure deployment. This includes creating robust PowerShell and Python Runbooks within Azure Automation for routine configuration management, scheduled maintenance, and automated incident remediation actions. Security Operations (SecOps) and Threat Response: Implementing proactive threat detection and automated security response capabilities. This involves active utilisation of Microsoft Defender for Cloud (for CSPM and CWPP) and Microsoft Sentinel, developing More ❯

remediation, and integration with other security tools. Key Responsibilities: Develop and manage the SIEM platform ensuring scalability and performance. Plan and implement solutions for security monitoring. Design and maintain detection rules. Lead and mentor SIEM team. Work closely with Threat Detection & Response team to support incident handling. Required Skills: Proven hands-on experience in SIEM engineering. Strong More ❯

and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and emerging More ❯

with ISO27001 standards Provide regular reporting on ISMS effectiveness and operational performance. Manage security operations in line with organisational policy, standards and industry best practice. Conduct security risk and threat assessments (operational and system). Engage with internal stakeholders and third-party providers on security, risk and privacy matters. Respond to security incidents promptly, ensuring early identification and resolution. … Oversee threat detection, vulnerability management and remediation activities. Represent security considerations in IT and process change assessments. Maintain ISMS, Operational Security and Risk Assurance documentation. Lead monthly client Security Working Group meetings and stakeholder sessions. Ensure audit readiness and support internal/external audits. Drive continuous improvement initiatives within Sopra Sterias security function. What youll bring: GRC/ More ❯

security monitoring platform, ensuring optimal performance, scalability, and integration with security tools. Participate in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response team to ensure the SIEM More ❯

security monitoring platform, ensuring optimal performance, scalability, and integration with security tools. Participate in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response team to ensure the SIEM More ❯

Head of Cyber Security to strengthen the organisations security posture, protect critical infrastructure, and reduce risk across a diverse and complex environment. Youll take ownership of real security challenges threat monitoring, vulnerability management, incident response, and continuous hardening of systems while helping shape a maturing cyber function. This is hands-on, meaningful engineering work within a team thats growing … and being taken seriously at board level. Key Responsibilities Threat Detection & Monitoring: Actively identify and analyse emerging risks across networks, applications and infrastructure. Incident Response: Support the creation, improvement and execution of response processes, ensuring swift containment and minimisation of impact. Security Assessments: Conduct regular audits and reviews, ensuring systems align to best practice and evolving security standards. … first culture by supporting colleagues, sharing knowledge and promoting safe working practices. What Youll Bring 3+ years cyber security experience within a sizeable or complex organisation. Strong understanding of threat analysis, vulnerability management and incident response. Experience with mainstream security tools (firewalls, IDS/IPS, scanning platforms, monitoring tools). Relevant certifications (CISSP, CEH, or similar) are highly desirable. More ❯

in implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: * Monitor security tools including SIEM (QRadar) and respond to threat detection alerts * Triage, analyse and prioritise security (via ServiceNow) * Investigate root causes of security issues and design effective remediation solutions * Oversee Patch Management * Conduct vulnerability scans with Qualys More ❯

in a hosting provider or managed service provider environment Strong working knowledge of ISO 27001, ISO 27017, ISO 27018, and ISO 22301 Hands-on experience with scanning and vulnerability detection applications Hands-on experience of Real time threat detection software Ability to analyze and explain exploitability of vulnerabilities, including attack vectors, prerequisites, and mitigations Skilled in producing More ❯

This includes onboarding log sources, developing analytical rules, creating automation for triage and remediation, and integrating with other IT and Operational Technology platforms. You will collaborate with the wider Threat Detection and Response team to ensure the SIEM platform meets their day-to-day needs and provide support during incidents as necessary. Key Responsibilities of the SIEM Engineer … the security monitoring platform, ensuring it meets the company's evolving security requirements. Participate in infrastructure projects to plan and implement solutions for security monitoring. Design, implement, and maintain detection rulesets to identify and respond to security threats. Scope, plan, and track log integrations to enhance the SIEM platform's capabilities. Guide, develop, and grow the SIEM Engineering team More ❯