1 to 25 of 300 Incident Response Jobs in the UK

ongoing maintenance and monitoring. the team in demanding environments, provide constructive feedback, and foster individual and team development. as the escalation point for security response incidents, both during and outside business hours. the Cyber Security Incident process/procedure and Incident Response Team, conducting war games … and incident scenarios to prepare the IT department for real incidents. forensic investigations and reporting following cyber security incidents, involving third-party specialists if necessary. informed about the latest security threats, principles, techniques, and protocols, including new vulnerabilities, and act on them as needed. within an ITIL V3 & ISO27001 … approaches including ISMS, risk analysis and assessments, the CIA triad, attack vectors (including social engineering), cryptography, confidentiality issues, and best practices for cyber security incident response (including triage and chain of custody). to proactively identify areas for improvement, share lessons learned, and encourage the same behavior in more »

new tools and techniques to enhance the security posture Administer and mature tool configurations, optimize performance, and feature utilization Integrate tools to automate critical response tasks. Evaluate TVM tool and patches, updates, and perform maintenance Develop detailed documentation on TVM implementation, configuration, and processes Plan, develop, and implement new … security devices or services for TVM as needed Identify, create and mature cybersecurity operations processes. Assist with forensic investigations and incident response team (CIRT) activities.as needed Assist with security awareness activities (communications, posters, events, assessments) as needed Participate in incident runbook development Escalate pertinent findings in a … management expertise Experience executing attack defense tactics with security technologies including DNS, SMTP, firewall, and endpoint solutions. Experience and participation as needed with security incident and investigations Assist as needed with security awareness content such as communications, posters, presentations Experience with security management/configuration cloud tools and services more »

and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test more »

expand your skills in Digital forensics investigations. You would be part of a team that in the future could see you becoming skilled within Incident Response or becoming a future leader of the business. Role includes: Conducting analysis in either a lab or on client sites Secure and more »

for applications & infrastructure on a Sailpoint based project. Responsibilities: Applications deployment to AWS & Azure Managing code & configuration using Git Developing CI/CD pipelines Incident responses Monitoring of production systems Being part of/leading builds across systems Required skills. Active HO SC Expert in Azure & AWS environments Skilled more »

seeking expressions of interest for passionate cybersecurity professionals to join our dynamic team. Initially we will be seeking experience with Managed Extended Detection and Response (MXDR) services. At Sekuro we leverage cutting-edge technologies and strategic partnerships to provide top-tier security solutions to our global clientele. Job Description … our MXDR services. Key Responsibilities: Design and Implementation: Architect and deploy advanced MXDR solutions using CrowdStrike and AWS to protect client environments. Monitoring and Response: Conduct continuous monitoring, threat hunting, and incident response activities to identify and mitigate security threats. Integration: Integrate MXDR solutions with clients’ existing … security infrastructure and workflows. Automation: Develop and implement automation scripts and tools to enhance threat detection and response capabilities. Client Support: Provide expert-level support and guidance to clients, including conducting security assessments and providing recommendations. Collaboration: Work closely with other cybersecurity experts, analysts, and engineers within Sekuro to more »

reviews and support the wider team with security best practice, testing and troubleshooting. Own the security posture of the solution, overseeing application vulnerability management, incident response and recovery process, and ensuring mitigation and escalation approaches are in place. Skill & Experience Minimum of 3 years’ experience in a security more »

security controls. Manage platform aspects of DR plans. Improve maintenance and patching procedures. Promote automation, tooling, and documentation. Participate in on-call cover and Incident Response. Contribute to change management. Qualifications: 3+ years' experience in datacentre, public cloud, or hybrid infrastructure. Experience with Windows Server and Azure-based services. more »

privacy. We are rated as a leader by multiple industry analysts for Global, EMEA and Asia-Pacific Cybersecurity Consulting services. Our multi-disciplined Cyber Incident Response (CIR) practice is central to this. Our team supports PwC’s clients in crisis to prepare, respond and recover from cyber attacks … detect and respond to attacks, and with their IT teams to implement targeted technical improvements that increase “cost to the attacker”. Our Cyber Incident Response practice works closely alongside many other of our front-line technical teams, including our global threat intelligence team, our Managed Cyber Defence … understanding of how organisations can prevent, detect, assess and respond to cybersecurity threats and incidents, as well as how to build best of class incident response and security operations capabilities. We also want team members who will be passionate about developing and improving our technical consulting offerings using more »

The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and Incident Response Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incident response playbooks and procedures. Lead incident response efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify more »

reviews, and adherence to processes and procedures. Develop and manage the security cloud migration process, identifying and addressing any gaps. Manage the Cyber Security Incident process and the Incident Response Team, conducting training exercises to prepare for real incidents. Proactively handle complaints and escalations, resolving issues before … they escalate. Act as the escalation point for security response incidents Conduct one to one performance reviews with team members to support their development. Maintain and enhance the security of IT services, coordinating with third parties for patching, vulnerability resolution, and system hardening. Create and update security documentation to … management, and content filtering. Solid grasp of security approaches including ISMS, risk analysis and assessments, the CIA triad, social engineering, cryptography, confidentiality issues, and incident response best practices. Operate within an ITIL V3 and ISO27001 service delivery framework. Manage relationships with stakeholders. Work to meet defined Service Level more »

of security solutions impact business strategies Create documentation of findings and recommendations (root cause and risk analysis as needed Assist with forensic investigations and incident response team (CIRT) activities. Assign work to Cyber SOC for remediation Escalate pertinent findings in a timely manner Leverage vendors and internal resources … to interface various security tools to automate critical response tasks Support Compliance managers in providing Cybersecurity artifacts Align information cybersecurity operations with NIST, and ISO 27001 requirements Establish role as a local presence and focal point for business and IT contact. Create the relationships. As the local Cyber management … controls, processes, and policies to improve security posture and identify gaps in existing controls. Assist with Cyber security awareness initiatives and events Assist with incident response planning and activities Essential Qualifications and Education: Bachelor’s Degree in Information Technology (minimum) or equivalent experience and certifications 7 or more more »

in all vendor and project activities. - Develop and maintain frameworks for security assessments. - Stay updated on emerging security threats and industry trends. - Participate in incident response and investigations. - Collaborate with procurement to evaluate and manage vendor security. - Review vendor documentation to assess security posture. - Apply risk management principles more »

roles: Experience with LogRhythm/Splunk, Darktrace (Threat Visualiser) and FireEye Network Communication Protocols experience (DNS, HTTP/S, SSL, SMTP etc..) Knowledge of Incident Response, log analysis and PCAP Analysis. If you are interested in any of these SOC roles and are working at any level across more »

Cyber Security Engineering Manager, you will help to deliver improvements across a number of our cyber security domains including; Security Data & Analytics, Security Automation, Incident Response and Threat Detection. Additionally, you will work closely with our Cyber Security Operation Centre and with other security functions as well as … of the Cyber Security Operations team, this role will support: Security Platform Optimisation, covering endpoint, network, cloud and logging technologies Security Orchestration Automation and Response, building security automation playbooks and integration's Security Data & Analytics, onboarding data and developing detection logic and analytics Essential Criteria: Demonstrable experience working in more »

Handle security incidents and escalations, manage 3rd-party technical support. Provide security metrics, maintain documentation, and collaborate on technology design. Oversee security platform support, incident response, and vulnerability management. Track cyber threats, support vulnerability analysis, and lead system patching and updates. Integrate security into BAU processes, maintain technical more »

of ERP systems/applications (SAP, IFS, Epicor all considered) Good understanding of the terminology relating to ERP (Order to cash, procurement, customer experience, incident response) Responsible for coordinating the development and maintenance of the ERP application Provide oversight to end-user support Comfortable with reporting – Power BI more »

Cyber Incident Manager with excellent stakeholder and team management skills as well as a technical mindset. This role will require you in the office at least twice a week and be on-call one in every four weeks. You will be required to go through SC clearance so need … to have been a UK resident for the past five years, unfortunately we will not be able to provide sponsorship. The Cyber Incident Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. … threat. Responsibilities Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on more »

and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. What you’ll be doing • Data Ingestion and Enrichment: o Configure Elasticsearch pipelines for data ingestion from various … of the SIEM infrastructure. • Security Engineering: o Contribute to security engineering projects, transitions, and transformations. o Work closely with security operations and associated security incident response systems o Stay informed about emerging threats and security best practices. • Keep abreast of relevant technologies in the area. This may entail more »

where feasible). -You will be undertaking internal pen testing and creation of external penetration testing scopes. -You will be enhancing security detection and incident response efforts/playbooks. -You will be monitoring, remediating, and reporting on security events. -You will be Security incident Manager (SIM). more »

incorporated into the business Risk Register. Participate in supplier reviews, serving as the subject matter expert in cybersecurity. Provide support during the Bank's incident response process involving suppliers. Contribute to the continuous monitoring of key third-party relationships. Enhance awareness of third-party cybersecurity risks through local more »

on a brand new end-to-end programme of work. Technical responsibilities: Experience designing and setting up Security Operations function/environments Experience reviewing incident response plans and advising on improvements Working experience with EDR platforms such as Sentinel or the likes of are crucial Strong knowledge of more »

previously built user - facing privacy and security capabilities knows how to ensure the integrity and protection of data , i.e. encryption , access controls , threat detection , incident response, GDPR, etc has worked on large corporate accounts , and is confident with the longer-lifecycle enterprise selling process is excited by the more »

be beneficial but equivalent experience or demonstratable equivalent knowledge will also be accepted. Cyber, Security, Information Security leadership, Technology, Management, Risk Management and Governance, Incident Response, Security Remediation, Security Policy Creation, Third Party Risk Management, Attack Surface Management Creation exposure and experience essential. The role holder will possess more »

network aspects of DR plans. Promote a culture of automation, tooling, and documentation. Simplify and optimize network solutions. Participate in on-call cover and Incident Response. Manage change control processes. Work with customers, partners, and vendors to shape solutions. Qualifications: 3+ years' experience in enterprise or datacentre networking. Hands more »