Cyber Threat Specialist

  • McCabe & Barton
  • Feb 27, 2026
  • Full time
  • Telecommunications

Job Description

Cyber Threat Specialist (Blue Team) - Financial Services - London - Hybrid - Excellent Overall Package

The role

Join a leading financial services client as a Cyber Threat Specialist (Blue Team) and help strengthen a critical Threat Detection & Response function. You will be a key member of the Threat Detection & Response team, focusing on defensive security across complex, business-critical environments. Working closely with engineering, infrastructure and security teams, you will help design, implement and optimise high-fidelity detections, investigate incidents, and contribute to continuous improvement of cyber defences.

What you'll be doing

  • Deliver hands-on detection engineering, incident response, threat hunting, security engineering and threat intelligence activities.
  • Investigate and respond to security incidents across host, identity, email, SaaS and cloud workloads.
  • Use and tune security tooling such as EDR, DLP, SIEM and SOAR to improve detection and response effectiveness.
  • Apply frameworks such as MITRE ATT&CK and the cyber kill chain to map, detect and disrupt attacker tradecraft.
  • Leverage offensive tooling (Kali, Cobalt Strike, Metasploit, BloodHound, Mimikatz, etc.) to understand and defend against real-world attack techniques.
  • Contribute to secure architectures across networks, operating systems and cloud platforms.

What we're looking for

  • Minimum of 3 years' hands-on experience in at least two of: detection engineering, incident response, digital forensics, security operations, threat hunting, threat intelligence, with exposure to the others.
  • Strong experience with security tooling: EDR, DLP, SIEM, SOAR.
  • Solid background in threat investigation and incident response.
  • Good understanding of MITRE ATT&CK, cyber kill chain and common attacker tradecraft.
  • Familiarity with offensive tools such as Kali, Cobalt Strike, Metasploit, BloodHound, Mimikatz.
  • Strong knowledge of networking and security protocols (TCP/IP, HTTPS, DNS, Firewalls, proxies).
  • Experience with Windows and Linux/Unix (Kubernetes exposure a plus).
  • Scripting or programming skills in Bash, Python or PowerShell.
  • Exposure to CI/CD tools and cloud platforms (e.g. Ansible Tower, Bitbucket, Pipelines, Azure).
  • Understanding of secure network architectures and related technologies.

How to apply

If you're interested and think you align with this opportunity, please apply with an updated CV.