Senior Threat Hunter

Role overview

Our products, platforms and technologies are constantly evolving, which is why keeping Sky safe from cyber‑attacks is one of our top priorities. Our Cyber Security team helps the business grow while protecting our customers, colleagues and partners from increasingly sophisticated cyber threats. Our team includes the Cyber Fusion Centre, Security Services, Risk and Compliance, Programme Delivery and Business Security, and we work across the UK, Italy and Germany.

Join us and you’ll get involved in tackling challenges and future threats in an ever‑changing cyber landscape.

• Conduct proactive threat hunts across the enterprise, broadcast, and telco networks to identify abnormal activity, emerging attack techniques, and advanced threats.
• Develop and execute hypothesis‑driven threat hunts utilizing datasets across a variety of security tooling, including EDR, SIEM, and network‑layer defences.
• Collaborate directly with the Cyber Threat Intelligence team to ope rationalise intelligence, maintaining and refining hunting playbooks for priority threat actors and relevant TTPs.
• Partner with security engineering teams to translate hunt findings into productionised, high‑fidelity detections and drive continuous improvement in data source coverage and quality.
• Act as a technical mentor within the Cyber Defence function, guiding junior analysts, conducting peer reviews, and fostering a culture of continuous learning.
• Document and communicate hunt outcomes comprehensively, translating complex technical findings into actionable remediation strategies and executive‑level summaries.

• Extensive prior experience in threat hunting at a large enterprise environment.
• Experience with incident response, SOC, or detection engineering.
• Deep understanding of the MITRE ATT&CK framework and how to practically apply it to threat hunting methodologies and detection logic.
• Proficiency in complex query writing (e.g., KQL, SPL, SQL) to filter, analyse, and visualise large, disparate datasets.
• Hands‑on experience with EDR, NDR, SIEM, SOAR security platforms and data analysis platforms such as Databricks.
• Strong investigative acumen combined with a curious, highly analytical mindset capable of navigating ambiguity.
• Proven ability to work cross‑functionally, bridging the gap between security and broader technology teams to demonstrably improve the overall security posture.

• Scripting and automation capabilities, particularly utilising Python, PySpark, and SQL to streamline analytical workflows.
• Experience navigating cloud‑native security environments (AWS, Azure, or GCP) alongside familiarity with the Microsoft 365 ecosystem.
• Advanced knowledge of offensive security methodologies, including common exploit chains, reverse engineering basics, or penetration testing techniques.
• Relevant industry certifications demonstrating specialised knowledge in threat hunting, incident response, or forensics (e.g., SANS GCIA, GCIH, GCFA, OSCP).

• Free Sky TV or NOW package, including Sky Sports and Sky Cinema.
• Pension package with up to 9% employer contribution.
• Private healthcare with mental health support.
• Aviva Digital GP and dental insurance.
• Discounts on Sky products, including Sky Mobile, Sky Broadband, Sky Glass and Sky Protect.
• Share save and Tech schemes.
• A range of Sky VIP rewards and experiences.

The hybrid working expectations for this role are two days in the office per week. The role is based in the Osterley Campus, located a 10‑minute walk from Syon Lane train station. Free shuttle buses run from Osterley, Gunnersbury and Ealing Broadway stations, and free onsite parking is available for cars, motorbikes and bicycles. The campus features state‑of‑the‑art technology and work spaces, subsidised restaurants and cafes, a gym, a cinema, a car wash and a beauty salon.

We’re an equal opportunity employer and value diversity at our company. We’re a Disability Confident Accredited Employer, and welcome and encourage applications from all candidates. We will look to ensure a fair and consistent experience for all and will make reasonable adjustments to support you where appropriate. Please flag any adjustments you need as early as you can.

Just so you know: if your application is successful, we’ll ask you to complete a criminal record check. Depending on the role you have applied for and the nature of any convictions you may have, we might have to withdraw the offer.

To be eligible for this role you are required to have the appropriate right to work in the UK. Please be aware Sky does not offer sponsorship for this position.