Cyber Threat Detection Analyst - SANS / GIAC

Adecco
Berkshire, United Kingdom
3 days ago
Posted
16 Apr 2026 (3 days ago)
Share
Save job
Create job alert

Cyber Threat Detection Analyst

Location: Berkshire (On‑site)

Salary: Competitive (dependent on experience) + excellent benefits & training

Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only)

Company Overview

An exciting opportunity to join a global technology powerhouse with a highly regarded cyber security capability supporting mission‑critical environments across multiple industries.

Cyber security sits at the heart of the organisation's operations, with sustained investment in people, tooling, threat intelligence, and continuous professional development. The security function operates at a mature level, bringing together blue team, red team, threat hunting, and collaborative purple‑team practices to proactively defend against real‑world adversaries.

Role Overview

As a Cyber Threat Detection Analyst, you will play a hands‑on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high‑fidelity threat detection across enterprise environments.

This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified.

We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting‑led environment.

This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering.

Skills & Experience We're Seeking

Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience.

Strong hands‑on experience using SIEM platforms, including:

Microsoft Sentinel (KQL)

Splunk (SPL)

Elastic Security / Kibana (KQL, ESQL)

Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft

Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds

Solid experience across the security event lifecycle, including detection, investigation, and incident management

Hands‑on experience with EDR / XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black

Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, firewalls, VPNs, proxy technologies)

Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources

Strong analytical mindset with the ability to clearly communicate findings, impact, and riskKey Responsibilities

Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats

Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence

Write, refine, and optimise SIEM queries using KQL, SPL, Elastic / ESQL, and Kibana Query Language

Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources

Lead investigations from initial detection through scoping, root cause analysis, and impact assessment

Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned

Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage

Contribute to detection logic improvements, use‑case development, and continuous enhancement of hunting methodologies

Produce clear investigation write‑ups, timelines, and recommendations for technical and non‑technical stakeholdersParticularly Interested In Candidates With

Experience supporting or collaborating with Red Team or Purple Team exercises

Exposure to adversary emulation, attack simulation, detection validation, or detection engineering

Experience working in regulated, high‑security, or mission‑critical environments

Background in advanced SOC functions with a strong emphasis on investigation and threat huntingSecurity Certifications (Highly Beneficial)

SANS / GIAC certifications, including but not limited to:

GCIH - Incident Handler

GCIA - Intrusion Analyst

GCED - Enterprise Defender

GCTI - Cyber Threat Intelligence

GMON - Continuous Monitoring

GDAT - Defending Advanced Threats

GCAT - Advanced Threat Intelligence

OSCP or equivalent offensive security qualifications

CREST certifications, such as:

CREST Practitioner Intrusion Analyst (CPIA)

CREST Registered Intrusion Analyst (CRIA)

CREST Certified Threat Intelligence Analyst (CCTIA)

CREST Certified Blue Team Professional (CCBTP)

Microsoft SC‑200 or related detection and response certifications

Other recognised cyber security or threat intelligence credentialsWhy Join?

Threat‑hunting‑led role within a mature cyber defence organisation

Exposure to real adversary behaviour, Red Team activity, and advanced attack scenarios

Competitive salary with an excellent benefits package

Significant investment in training, certifications, and long‑term career progression

Opportunity to work alongside experienced Blue, Red, and Purple Team professionals

Don't delay - apply now via the link below.

About Adecco

Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.

Keywords

Cyber Threat Detection Analyst, Threat Hunting, Threat Hunter, SOC Analyst, Advanced SOC, Blue Team, Red Team, Purple Team, Detection Engineering, Adversary Emulation, Breach & Attack Simulation, SIEM, Microsoft Sentinel, Splunk, Elastic Security, KQL, SPL, ESQL, Kibana Query Language, MITRE ATT&CK, TTPs, Threat Intelligence, IOC Analysis, Incident Management, Incident Response, Detection Use Cases, EDR, XDR, Microsoft Defender, CrowdStrike, SentinelOne, Endpoint Security, Network Security, IDS, IPS, Firewall Logs, DNS Analysis, Proxy Logs, Windows Event Logs, Linux Logs, Identity Telemetry, Lateral Movement Detection, Command‑and‑Control Detection, Malware Analysis, Digital Forensics, Cyber Defence, Cyber Security Analyst

Related Jobs

View all jobs

Tier 2 SOC Analyst

Jackson Hogg Wolviston, County Durham, United Kingdom

Senior Security Analyst

Franklin Fitch Portsmouth, Hampshire, United Kingdom
£42,500 – £47,500 pa

SOC Analyst (L2)

Chapman Tate Associates Aylesbury, United Kingdom

Cybersecurity Analyst

Healix Esher, Surrey, United Kingdom

Software Engineer III - Cloud

CrowdStrike London, United Kingdom

Senior Internal SOC Analyst

Darktrace Cambridge, CB2 3BJ, United Kingdom

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Products

Where to Advertise Cyber Security Jobs in the UK (2026 Guide)

Advertising cyber security jobs in the UK requires a different approach to most technical hiring. The candidate pool is small, heavily vetted and in high demand across government, financial services, critical national infrastructure and the private sector simultaneously. Many of the strongest candidates hold active security clearances, are not actively job-searching through general platforms, and move primarily through specialist networks and trusted referrals. General job boards reach a broad audience but lack the specificity that security professionals expect. Specialist platforms, government-affiliated channels and cleared candidate networks each serve a different part of the market. This guide, published by CybersecurityJobs.tech, covers where to advertise cyber security roles in the UK in 2026, how the main platforms compare, what employers should expect to pay, and what the data says about hiring across different role types.

Jobs

Penetration Tester Jobs in the UK: What Employers Actually Want in 2026

The demand for skilled professionals in cyber security has never been higher, and penetration testers sit at the very heart of this rapidly evolving industry. As organisations across the UK continue to digitise their operations, protect sensitive data, and defend against increasingly sophisticated threats, the need for ethical hackers has grown dramatically. If you are considering a career in this field—or looking to advance within it—it is essential to understand what employers are really looking for in 2026. This guide breaks down the current expectations, required skills, certifications, and practical experience that can help you stand out in a competitive job market.

Jobs

SOC Analyst Jobs UK 2026: Salaries, Skills & How to Get Hired

Cyber security is one of the UK's fastest-growing career paths — and SOC analyst is where most people begin. It's in high demand, genuinely accessible, and you don't need a degree or years of experience to get started. But knowing what UK employers actually want in 2026 — what they pay, which certs matter, and how to stand out — is a different matter. This guide covers all of it.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.