privacy. We are rated as a leader by multiple industry analysts for Global, EMEA and Asia-Pacific Cybersecurity Consulting services. Our multi-disciplined Cyber IncidentResponse (CIR) practice is central to this. Our team supports PwC’s clients in crisis to prepare, respond and recover from cyber attacks … detect and respond to attacks, and with their IT teams to implement targeted technical improvements that increase “cost to the attacker”. Our Cyber IncidentResponse practice works closely alongside many other of our front-line technical teams, including our global threat intelligence team, our Managed Cyber Defence … understanding of how organisations can prevent, detect, assess and respond to cybersecurity threats and incidents, as well as how to build best of class incidentresponse and security operations capabilities. We also want team members who will be passionate about developing and improving our technical consulting offerings using more »
Cyber Snr. IncidentResponse Specialist - London - £85/£95k My client is a global consultancy who are adding to their incidentresponse & proactive threat-hunting team to further develop and polish the company's overall service offering. They are looking for a strong incidentresponse consultant who can independently investigate incidents, conduct threat hunting and engage with clients. Responsibilities of a Cyber Snr. IncidentResponse Specialist: Manage and coordinate cyber security incidents Act as a lead for threat-hunting efforts to establish an attacker's spread through a system and network, anticipating … further attacker activity across endpoints, cloud, and network infrastructure Work closely with the CTI team and create playbooks Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Have the ability to advise clients on the threat landscape and attacks that may be relevant to more »
Job DescriptionCyber Snr. IncidentResponse Specialist - London - £85/£95kMy client is a global consultancy who are adding to their incidentresponse & proactive threat-hunting team to further develop and polish the company's overall service offering. They are looking for a strong incidentresponse consultant who can independently investigate incidents, conduct threat hunting and engage with clients.Responsibilities of a Cyber Snr. IncidentResponse Specialist:Manage and coordinate cyber security incidentsAct as a lead for threat-hunting efforts to establish an attacker's spread through a system and network, anticipating further attacker … activity across endpoints, cloud, and network infrastructureWork closely with the CTI team and create playbooksDigital forensics of relevant incident data (disk, volatile memory, network packets, log files).Have the ability to advise clients on the threat landscape and attacks that may be relevant to themHave an understanding of incidentmore »
Technical Cyber Incident Responder Salary: £65-£80k + Strong Bonus + Benefits Location: UK Wide I am currently partnered with a NCSC accredited Cyber IncidentResponse provider who are looking for a technical Cyber Incident Responder to complement their established practice and take the lead on … threats faced by clients, identifying, and preventing the root cause effectively and swiftly. This is a seriously exciting opportunity for a technical Digital Forensics & IncidentResponse (DFIR) lead to join one of the most established IncidentResponse practices in the world, gain access to some of … the highest profile and sophisticated incidents out there; and focus exclusively on hands-on investigative pieces of work, away from the incident management and planning side of things. Key Responsibilities Act as a lead and technical escalation point on the most complex Digital Forensics & IncidentResponse investigations. more »
ensure that appropriate security controls are in place for KPMG technology solutions. Role summary Provide Bridge between GISG Operational teams and ITS Global Major Incident Management Process Coordinate Security Incident management activities across Regions • Provide Member Firms with IncidentResponse advice and support through the regional … set up, and maintain repeatable Teams War Room structure Define, set up, and maintain communication structure and templates for the three below high level incident types. Assist in coordination with GCISO to link into board level and regulatory comms requirements Give Service Management the Security context of any Security … Incident promoted to Major Incidents Assist in the delivery of Cyber War games and purple teaming activities Initiate US Advisory IR assistance requests Coordinate US Advisory IR activities when necessary Key accountabilities Provide Security Incident Management Framework and coverage between GISG and the ITS Global Service Management Major more »
Senior SOC Analyst, SIEM - Cloud based: Sentinel/ManageEngine Log360/QRadar, Splunk, IncidentResponse Management, Hybrid London 1-2 days per week. We are hiring a Senior SOC Analyst to help build a new SOC function. The role will initially be very hands on, responsible for monitoring … Investigation: Monitor SIEM tools to assure high security levels, analyse potential security incidents, conduct real-time analysis, support investigations, and document findings to improve incidentresponse procedures. Response: Lead and coordinate incidentresponse activities, develop and maintain incidentresponse plans, and escalate incidents … as necessary, ensuring adherence to major incident processes. Intelligence: Stay updated on cybersecurity threats, integrate threat intelligence into security monitoring processes, and contribute to the development of threat intelligence feeds. Tool Management: Manage and optimize SIEM tools, evaluate new security technologies, and recommend enhancements to the security infrastructure. Collaborate more »
Cyber IncidentResponse Manager Cyber Incident Respond Principal/Manager will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLA’s. You will work side by side with the Cyber … Detect Team. Cyber Detect manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident if of the upmost importance. As Respond Manager you will be expected to deliver a … strong incident readiness program. This is based in Buckinghamshire office x2 days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management more »
Cyber IncidentResponse A global bank is seeking a Cyber Security Analyst to join their Cyber Security team in London, with the team working across infrastructure, business and application risk, penetration testing, and vulnerability management. The cyber security practice is a mature function and this team member will … specifically work within the incidentresponse team, and will be expected to be well versed across technology control, EDR, and related tools and technology skills. This position has lots of capabilities for progression, access to different tools, and excellent opportunity to develop skills. You will be: Analysing, developing … infrastructure estate. Able to monitor activity upon specified information systems and devices. Proficient in identifying and reporting suspicious or harmful activity. part of the IncidentResponse investigations into internal and external threats or security incidents. Able to identify and escalate any security breaches and assess their impact. Utilise more »
line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as and help advance my clients incidentresponse processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. … Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this … position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incidentresponse process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incidentmore »
line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as and help advance my clients incidentresponse processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. … Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this … position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incidentresponse process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incidentmore »
Job Overview: Sportingtech is seeking a dedicated and experienced Major Incident Manager with a strong aptitude for command and coordination. This role is crucial for efficiently managing and resolving major incidents to minimise service impact and maintain exceptional user experiences. Additionally, this role involves regular Incident Management responsibilities … and requires an on-call commitment to address critical issues promptly. Key Responsibilities: Major Incident Command and Coordination: Take charge of leading and commanding bridge calls during major incidents, demonstrating exceptional control, coordination, and leadership skills. This role involves directing cross-functional teams, managing stakeholder communication effectively, and executing … recovery strategies to ensure quick resolution and minimal service disruption. Regular Incident Management: Assume regular Incident Management duties, handling and resolving day-to-day IT incidents, especially during periods without major incidents. On-Call Duties: Participate in an on-call rotation, being readily available to manage and respond more »
I am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (IncidentResponse) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in IncidentResponse, you … expertise in cyber security to protect our university's digital infrastructure and ensure the confidentiality, integrity, and availability of our information assets. Key Responsibilities: Incident Triage: Quickly assess the severity and scope of the security breach, prioritise response efforts, and mobilise resources accordingly. Forensic Analysis: Conduct thorough forensic … to contain the breach, remove malicious presence from our systems, and restore affected services. Root Cause Analysis: Identify the root cause of the security incident and recommend remediation actions to address underlying vulnerabilities and security gaps. Communication and Coordination: Collaborate with university stakeholders, including IT staff, administrators, and external more »
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
Idox plc
Design: Design, implement, and maintain security architecture for our AWS environment, ensuring it aligns with industry best practices and compliance standards. Threat Detection and IncidentResponse: Develop and maintain detection mechanisms for security threats and incidents within AWS infrastructure, including EC2 instances, Kubernetes clusters, Docker containers, S3 buckets … and RDS databases. Respond promptly to security incidents and conduct thorough post-incident analysis to prevent future occurrences. Vulnerability Management: Conduct regular vulnerability assessments and penetration testing on AWS resources, identifying and remediating vulnerabilities in a timely manner. Implement and manage automated scanning tools to ensure continuous security monitoring. … tools to track and analyze activities within the AWS environment. Maintain centralized logging for all AWS services and develop custom alerts for security events. IncidentResponse Planning and Training: Develop and maintain incidentresponse plans for security incidents occurring within the AWS environment. Conduct regular tabletop more »
Cyber Security Management - IncidentResponse, Security Monitoring, Threat Modelling Frameworks, NIST, Kill Chain, Attack Lifecycle, MITRE, Windows, UNIX, Stratus, Networks, SIEM, IAM, DLP I am looking for a Cyber Security professional for my client who is a leading investment bank based in London. You will join the Information … controls to detect anomalies and incidents. Monitor and report suspicious activity, conduct IR investigations, and escalate security incidents. Utilize IR and Forensics tools for incident analysis. Security Engagement & Best Practice Collaborate with penetration testing programs and other departments to mitigate security risks. Develop IncidentResponse and Threat … Be available for coverage from 7 am to 7 pm on business days, with potential for ad-hoc coverage outside regular hours. Key Skills: IncidentResponse & Security Monitoring Threat modelling frameworks Experience in banking/Investment Banking Managing cyber security incidents NIST, Kill Chain, Attack life cycle, MITRE more »
we offer a complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, IncidentResponse, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the … Developer provides the successful candidate with an opportunity to develop & enhance Integrity360’s threat detection capabilities across Managed Threat Detection (MTD) and Managed Detection & Response (MDR) service lines. Tracking adversary activity across a range of industries, the successful applicant will help to ensure Integrity360-managed products are positioned to … detect the latest tactics, techniques, and procedures employed by attackers. Working alongside teams including IncidentResponse, Cyber Threat Intelligence, and Integrity360’s Cyber Security Operations Centre (CSOC), the successful applicant will translate intelligence concerning adversary activity into detection capabilities which guide actionable investigations of real time threats. You more »
I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incidentresponse/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incidentresponse and threat hunting engagements. Some of your … not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incidentresponse experience. Certifications such as GCIH, GCIA or GCFA/E. Ideally, consultancy experience however, strong regulated exposure is also welcomed. Strong baseline … threat hunting skills and ideally, an interest in research focused tasks. This is an exciting role for an incident responder, looking for a step up from basic cases to truly partner with organisations across the globe. Hybrid role, London based opportunity. Please contact pg@barclaysimpson for immediate consideration. more »
Job DescriptionAbout UsOutbreach provides specialist Cyber IncidentResponse and Crisis Management services to our midsize clients spread across the world.With offices in London, Dubai, and New York we are different to most other security companies in that we assume our clients will experience a security breach and we … for the company as consultants that can be called on to supplement our permanent teams when our clients experience incidents and engage Outbreach.Role DescriptionThe Incident Manager (IM) is the glue who holds together all other teams and stakeholders in a cyber incident. You can think of this role like … accountable for their activities.The IM with be extremely detail orientated and comfortable with ensuring processes are appropriately followed and progressed as needed during the incident and quickly raising any challenges to the relevant owner.IMs will generally only be working on one incident at a time though in some more »
About Us Outbreach provides specialist Cyber IncidentResponse and Crisis Management services to our midsize clients spread across the world. With offices in London, Dubai, and New York we are different to most other security companies in that we assume our clients will experience a security breach and … company as consultants that can be called on to supplement our permanent teams when our clients experience incidents and engage Outbreach. Role Description The Incident Manager (IM) is the glue who holds together all other teams and stakeholders in a cyber incident. You can think of this role like … for their activities. The IM with be extremely detail orientated and comfortable with ensuring processes are appropriately followed and progressed as needed during the incident and quickly raising any challenges to the relevant owner. IMs will generally only be working on one incident at a time though in more »
Job DescriptionAbout UsOutbreach provides specialist Cyber IncidentResponse and Crisis Management services to our midsize clients spread across the world.With offices in London, Dubai, and New York we are different to most other security companies in that we assume our clients will experience a security breach and we … for the company as consultants that can be called on to supplement our permanent teams when our clients experience incidents and engage Outbreach.Role DescriptionThe Incident Responder (IR) is the main person responsible for the technical operational tasks necessary to provide our clients with a high quality, rapid and comprehensive … response to a breach. They will be at the forefront of all incidents and absolutely critical to the successful resolution. They will be intimately familiar with a wide variety of attacks from Ransomware to BEC, insider threat and DDoS to name just a few examples.The IR will be expected more »
About Us Outbreach provides specialist Cyber IncidentResponse and Crisis Management services to our midsize clients spread across the world. With offices in London, Dubai, and New York we are different to most other security companies in that we assume our clients will experience a security breach and … company as consultants that can be called on to supplement our permanent teams when our clients experience incidents and engage Outbreach. Role Description The Incident Responder (IR) is the main person responsible for the technical operational tasks necessary to provide our clients with a high quality, rapid and comprehensive … response to a breach. They will be at the forefront of all incidents and absolutely critical to the successful resolution. They will be intimately familiar with a wide variety of attacks from Ransomware to BEC, insider threat and DDoS to name just a few examples. The IR will be more »
is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incidentresponse, network security architecture, policies, and procedures, and more! Main responsibilities: Serve as the primary subject matter expert on Azure security, including Azure … Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients Azure platform. Develop and maintain incidentresponse procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security. Proven experience in incidentresponse management, including incident detection, analysis, and remediation. In-depth knowledge of network security principles, protocols, and technologies. Experience working with standards more »
is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incidentresponse, network security architecture, policies, and procedures, and more! Main responsibilities: Serve as the primary subject matter expert on Azure security, including Azure … Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients Azure platform. Develop and maintain incidentresponse procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security. Proven experience in incidentresponse management, including incident detection, analysis, and remediation. In-depth knowledge of network security principles, protocols, and technologies. Experience working with standards more »
implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incidentresponse and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incidentresponse and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a more »