We are partnering with a leading trading company to hire a Cyber Threat Specialist to join their Threat Detection & Response Team in London. This is a permanent role focused on building a modern and effective defensive cyber security capability across a critical business environment.

The Role

As a Cyber Threat Specialist, you will lead and deliver defensive security across enterprise and cloud platforms. Your responsibilities will include:

- Designing, implementing, and validating high-fidelity detection and response rules
- Testing detection content against recognised frameworks and optimising rules continuously
- Leading investigations across endpoints, identity, email, SaaS, and cloud workloads
- Performing forensic analysis and malware investigations
- Participating in on-call and escalation support
- Leading proactive threat hunting exercises aligned to threat models
- Translating threat intelligence (ISACs, OSINT) into practical detections and control improvements
- Identifying gaps in monitoring and enhancing detection capabilities
- Supporting deployment and automation of security tooling (SIEM, SOAR, EDR, DLP, WAF, email security)
- Developing automation using Python, Bash, or PowerShell
- Acting as an escalation point for junior analysts and helping guide them

About You

- Minimum 35 years hands-on experience in at least two of: detection engineering, incident response, security engineering, threat hunting, or threat intelligence
- Strong experience with security tooling (SIEM, SOAR, EDR, DLP)
- Understanding of MITRE ATT&CK, cyber kill chain, and attacker tradecraft
- Experience investigating complex security incidents across applications and infrastructure
- Familiarity with offensive tools (Kali, Cobalt Strike, Metasploit) from a defensive perspective
- Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTPS, firewalls, proxies)
- Experience across Windows, Linux/Unix, and cloud environments
- Scripting capability (Python, Bash, PowerShell)
- Exposure to CI/CD and cloud platforms (Azure preferred)
- Must have a GitHub account demonstrating relevant projects or tooling development
- Relevant certifications: OSCP, Cloud CRTO, or equivalent highly desirable (CISSP not required)