Job Description
Cyber Threat Detection Analyst
Location: Berkshire (On-site)
Salary: Competitive (dependent on experience) + excellent benefits & training
Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only)
Company Overview
An exciting opportunity to join a global technology Powerhouse with a highly regarded cyber security capability supporting mission-critical environments across multiple industries.
Cyber security sits at the heart of the organisation's operations, with sustained investment in people, tooling, threat intelligence, and continuous professional development. The security function operates at a mature level, bringing together blue team, red team, threat hunting, and collaborative purple-team practices to proactively defend against real-world adversaries.
Role Overview
As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments.
This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified.
We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment.
This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering.
Skills & Experience We're Seeking
- Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience.
- Strong hands-on experience using SIEM platforms, including:
- Microsoft Sentinel (KQL)
- Splunk (SPL)
- Elastic Security/Kibana (KQL, ESQL)
- Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft
- Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds
- Solid experience across the security event life cycle, including detection, investigation, and incident management
- Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black
- Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies)
- Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources
- Strong analytical mindset with the ability to clearly communicate findings, impact, and risk
Key Responsibilities
- Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats
- Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence
- Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language
- Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources
- Lead investigations from initial detection through scoping, root cause analysis, and impact assessment
- Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned
- Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage
- Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies
- Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders
Particularly Interested In Candidates With
- Experience supporting or collaborating with Red Team or Purple Team exercises
- Exposure to adversary emulation, attack simulation, detection validation, or detection engineering
- Experience working in regulated, high-security, or mission-critical environments
- Background in advanced SOC functions with a strong emphasis on investigation and threat hunting
Security Certifications (Highly Beneficial)
- SANS/GIAC certifications, including but not limited to:
- GCIH - Incident Handler
- GCIA - Intrusion Analyst
- GCED - Enterprise Defender
- GCTI - Cyber Threat Intelligence
- GMON - Continuous Monitoring
- GDAT - Defending Advanced Threats
- GCAT - Advanced Threat Intelligence
- OSCP or equivalent offensive security qualifications
- Crest certifications, such as:
- Crest Practitioner Intrusion Analyst (CPIA)
- Crest Registered Intrusion Analyst (CRIA)
- Crest Certified Threat Intelligence Analyst (CCTIA)
- Crest Certified Blue Team Professional (CCBTP)
- Microsoft SC-200 or related detection and response certifications
- Other recognised cyber security or threat intelligence credentials
Why Join?
Threat-hunting-led role within a mature cyber defence organisation
Exposure to real adversary behaviour, Red Team activity, and advanced attack scenarios
Competitive salary with an excellent benefits package
Significant investment in training, certifications, and long-term career progression
Opportunity to work alongside experienced Blue, Red, and Purple Team professionals
Don't delay - apply now via the link below.
About Adecco
Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.
