Be the Hero Behind the Walls Passionate about stopping cyber threats? Join our elite team and spearhead proactive security, wielding platform expertise and leading incidentresponse like a champion. Main Responsibilities • Mastermind IncidentResponse: Dive into alerts, wield the MITRE ATT&CK framework, and lead the … the fabric of every project. Be the trusted advisor, guiding us towards a more secure future. About You • 3+ years of cyber security experience • Incidentresponse methodologies (MITRE ATT&CK, D3FEND) • Microsoft 365 Security • DMARC, SPF, DKIM • Strong Scripting (e.g., PowerShell or Python) • Security automation frameworks • Security platform more »
Senior IncidentResponse Analyst – Cybersecurity - Up to £80k - Hybrid - up to 35% bonus - Excellent Benefits. My client one of the world’s most renowned aviation groups in the world is searching for a Senior IncidentResponse Analyst to join their team! Skills: Able to serve as … to all levels of hierarchy, including senior leadership. Experience: Minimum of 5 years of experience in endpoint security, malware analysis, threat hunting, penetration testing, incidentresponse, reverse engineering, or digital forensics. Familiarity with AWS cloud infrastructure, with hands-on experience monitoring associated logs, including GuardDuty, CloudTrail, and VPC more »
I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated IncidentResponse Consultant. This role is varied, offering the incumbent an opportunity to conduct incidentresponse and threat hunting engagements. Some of your responsibilities will be more »
Manchester, North West, United Kingdom Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incidentresponse, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incidentresponse plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incidentresponse plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »
vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves as an expert on cybersecurity protection, detection, response, and recovery. This individual is responsible for coordinating penetration testing and managing internal and external cybersecurity analysts to detect, mitigate, and analyze threats. Works … developing selection criteria to identify appropriate security solutions to support strategic, operational needs, and security requirements.Participate in the development and testing of the security incidentresponse plan, act as the incidentresponse leader. Develop security, risk, and compliance reports and alerts.Participate in the yearly review of … includes a minimum of 5-years experience in Information Security.Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus\antimalware, IDS more »
endpoint protection solutions such as antivirus software, anti-malware tools, host-based intrusion detection/prevention systems (HIDS/HIPS), and endpoint detection and response (EDR) platforms. Ensure that endpoint protection software is up-to-date with the latest definitions, patches, and security updates to defend against emerging threats. … threats from compromising endpoints. Configure security policies and rules to enforce access controls, encryption, and other security measures to protect sensitive data on endpoints. IncidentResponse and Remediation: Respond to security alerts and incidents detected on endpoints by investigating the root cause, containing the threat, and initiating remediation … actions. Isolate infected endpoints from the network, quarantine malicious files, and remove malware infections to prevent further spread across the organization. Document incident details, response actions, and lessons learned to improve incidentresponse procedures and enhance endpoint security posture. Vulnerability Management: Conduct vulnerability assessments and scans more »
in an often demanding environment, give constructive feedback and work with the team to develop individual and team performanceIn and Out of Hours security response escalation point for any incident managementManage the Cyber Security Incident process/procedure, and the Cyber security IncidentResponse Team … leading war games and cyber security incident scenarios alongside the Cyber Security Manager to provide the IT department with the skills and knowledge of addressing any real cyber security incidentsManage post-cyber security incident forensic investigations and reporting, bringing in third party specialists if deemed necessaryKeep up-to … excellent understanding of security approaches: ISMS, risk analysis and assessments, the CIA triad, attack vectors including social engineering, cryptography, confidentiality issues and cyber security incidentresponse best practices, including triage and chain of custodyProactively identifies areas for improvement, shares lessons learned with colleagues and encourages others to do more »
will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. As Senior SOC Analyst you will bring a good … maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incidentresponse actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber IncidentResponse Manager by triaging events and more »
ensuring clients' data and systems are secure and resilient. Position Summary: As a SOC Analyst, you will be responsible for monitoring security events, conducting incidentresponse, and providing threat intelligence. You will work closely with other SOC analysts to enhance security operations and protect clients from cyber threats. … Key Responsibilities: Monitor security events and logs to identify potential security incidents. Perform incident analysis, classification, and response actions. Provide proactive threat intelligence and recommend mitigation strategies. Collaborate with other SOC Analysts and Shift Leads on incident handling and investigations. Conduct threat hunting activities to identify potential … security breaches. Assist in the tuning of security monitoring tools and systems. Prepare comprehensive incident reports and participate in service review preparations. Maintain excellent communication with customers and internal teams. Stay updated with industry trends, emerging threats, and technological advancements. Required Qualifications: Bachelor’s degree in Cybersecurity, Information Technology more »
This pivotal role will contribute to safeguarding the organization's digital assets and infrastructure from cybersecurity threats, ensuring a robust security posture and effective incident response. Starting ASAP, paying up to £90,000 per annum. Role Overview: As the SOC Manager, you will be responsible for providing strategic leadership … oversight to the Security Operations Center (SOC) team. Your role will involve managing both external and internal SOC personnel, overseeing security monitoring and analysis, incidentresponse, threat intelligence, and vulnerability management activities. Key Responsibilities: Act as the subject matter expert on SOC matters for the organization. Manage the … ensure compliance with requirements. Set clear goals and objectives for the SOC team, providing guidance, support, and training as needed. Oversee detection, analysis, and response to security incidents and breaches, coordinating incidentresponse efforts. Conduct post-incident reviews and implement corrective actions to prevent recurrence. Stay more »
ongoing maintenance and monitoring. the team in demanding environments, provide constructive feedback, and foster individual and team development. as the escalation point for security response incidents, both during and outside business hours. the Cyber Security Incident process/procedure and IncidentResponse Team, conducting war games … and incident scenarios to prepare the IT department for real incidents. forensic investigations and reporting following cyber security incidents, involving third-party specialists if necessary. informed about the latest security threats, principles, techniques, and protocols, including new vulnerabilities, and act on them as needed. within an ITIL V3 & ISO27001 … approaches including ISMS, risk analysis and assessments, the CIA triad, attack vectors (including social engineering), cryptography, confidentiality issues, and best practices for cyber security incidentresponse (including triage and chain of custody). to proactively identify areas for improvement, share lessons learned, and encourage the same behavior in more »
Active Directory, including user authentication, access controls, and privilege management. * Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. * Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. * Working with the Managed SOC and Operational teams, develop and maintain incidentresponse plans. Lead incidentresponse activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. * Collaborating with cross-functional teams, including more »
Glasgow, Lanarkshire, United Kingdom Hybrid / WFH Options
Morgan Stanley
DescriptionMajor Incident Manager Glasgow3246852 Morgan Stanley has a critical requirement for a Major Incident, Problem and Change Manager, known internally as an Enterprise Command Centre member (ECC), to work as part of our global Fusion Response team. Fusion Response consists of three response teams, with … the mission to lead rapid and comprehensive response and recovery operations in order to minimize impact from a broad range of business disrupting threats and incidents, from cyber and fraud to technology incidents, weather events, terror attacks, geopolitical unrest & pandemics. Fusion collaborates with partner organizations to understand, prepare for … respond to and learn from these events. The Enterprise Command Center (ECC, part of the Fusion Response team) is a high-performing globally distributed team that plays a mission critical role in Incident Management, Problem Management, Change Management and Significant Event Readiness. The ECC creates value by providing more »
Operations Team. This is a hands-on role that involves responding to cyber threats and incidents, performing digital forensics and investigations, and automating threat response playbooks. As a member of the team, you will have the opportunity to work on complex security challenges and work with engineers across the … of Klaviyo’s product, corporate, and cloud environments. What you’ll be doingTriage and respond to cyber threats, alerts and incidentsDrive end-to-end incidentresponse investigationsPerform host and network based log analysis in a cloud first environmentDevelop and codify threat response processes and playbooksPerform digital forensic … investigations to include analysis, collection, and preservation of evidenceBuild security tools to automate threat response tasksDevelop detailed post incident and investigation reportsCollaborate with detection engineers to identify threat detection use cases Work with engineering stakeholders to improve security posture post investigationsWe’d love to hear from you if more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »
policies, standards, and procedures across the organization to maintain a secure environment. Operations: Oversee day-to-day security operations, including monitoring of security systems, incidentresponse, and investigation of security breaches. Awareness Training: Develop and deliver security awareness training programs to educate employees about cyber security best practices … and Regulatory Requirements: Ensure compliance with relevant industry regulations and standards (e.g., GDPR, HIPAA, PCI DSS) and lead efforts to maintain certifications and accreditations. IncidentResponse: Lead the response to security incidents, coordinate with internal teams and external stakeholders, and implement corrective actions to prevent recurrence. Tool more »
London, England, United Kingdom Hybrid / WFH Options
Sportradar
the central point of contact during critical situations, including but not limited to technology, financial, security, privacy, and people, to ensure swift and effective response, addressing people safety issues, minimizing addressing service downtime, and restoring normal operations in alignment with predefined service level agreements (SLAs). The role requires … experts, support functions, and business units, to investigate, diagnose, resolve major incidents efficiently, and ensure regulatory requirements are considered. Root Cause Analysis: Facilitate post-incident reviews and root cause analysis (RCA) sessions to identify the underlying causes of crises and issues and implement preventive measures to avoid recurrence. Drive … continuous improvement through post-incident review reports. Documentation and reporting: Maintain accurate records of crises and major incidents, including incident details, actions taken, resolutions, and post-incident analysis findings, adhering to regulatory and compliance requirements. Monitor key performance indicators (KPIs) and metrics related to incident management more »
the SGS’s security strategy. Create and execute security roadmaps, considering business objectives and risk appetite. Stay informed about emerging threats and technologies. 2. IncidentResponse and Security Operations: Develop incidentresponse plans and coordinate security incident handling. Oversee security monitoring, vulnerability assessments, and penetration more »
and governance requirements. Essential Requirements: • 5 years of experience in a technical SOC or cybersecurity role, • 5 years experience of Cyber Security investigations and incidentresponse environments • Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. • Good all round knowledge of different threat scenarios … investigations, incidentresponse processes and remdiation techniques. • Good knowledge of cyber security systems and tooling • Reasonable knowledge of Security Information and Event Management systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems • Good knowledge of common operating systems more »
and governance requirements. Essential Requirements: * 5 years of experience in a technical SOC or cybersecurity role, * 5 years experience of Cyber Security investigations and incidentresponse environments * Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. * Good all round knowledge of different threat scenarios … investigations, incidentresponse processes and remdiation techniques. * Good knowledge of cyber security systems and tooling * Reasonable knowledge of Security Information and Event Management systems * Reasonable knowledge of Firewall systems (Fortigate essential) * Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems * Good knowledge of common operating systems more »
scope of pentests and manage the process with engineering. Once issues are identified SecOps work closely with operations and engineering teams to resolve them. Incident management. The team manage our security incidentresponse activities, investigating alerts using tools such as Azure Sentinel. SecOps will coordinate the incidentresponse with resolving teams and engage with key stakeholders for updates. As the team works office hours, engaging a managed SOC provider who cover 24/7 incident management. Beyond close daily collaboration with other security teams, SecOps engages with all teams across the business at every more »
reviews, and adherence to processes and procedures. Develop and manage the security cloud migration process, identifying and addressing any gaps. Manage the Cyber Security Incident process and the IncidentResponse Team, conducting training exercises to prepare for real incidents. Proactively handle complaints and escalations, resolving issues before … they escalate. Act as the escalation point for security response incidents Conduct one to one performance reviews with team members to support their development. Maintain and enhance the security of IT services, coordinating with third parties for patching, vulnerability resolution, and system hardening. Create and update security documentation to … management, and content filtering. Solid grasp of security approaches including ISMS, risk analysis and assessments, the CIA triad, social engineering, cryptography, confidentiality issues, and incidentresponse best practices. Operate within an ITIL V3 and ISO27001 service delivery framework. Manage relationships with stakeholders. Work to meet defined Service Level more »
Riverbank House, 2 Swan Lane, London, United Kingdom, England
Man Group
Learn to prioritise events based on severity and impact to ensure timely responses. Develop Security Playbooks: Assist in the creation and maintenance of event response playbooks to standardize and streamline the handling of common security scenarios. Respond to Inquiries: Address business-related requests and inquiries concerning security events, providing … clear and concise information to stakeholders. Support IncidentResponse: Participate in incidentresponse efforts as needed, applying playbooks, and contributing to after-action reviews to improve future responses. Collaborate on Projects: Work closely with experienced analysts and engineers on projects to enhance security measures and implement more »
the Technology sector, offering excellent career development opportunities. About the Role As a Cyber Security Engineer your primary responsibility will be Security Operations and IncidentResponse as well as Vulnerability Management and Threat Intelligence. In addition, you will work closely with the Cyber Security Manager and Security Architect … to independently resolve complex issues. Key Responsibilities Respond to security alerts and incidents, following established protocols and best practices. Create response playbooks and standard operating procedures to streamline incidentresponse processes. Work independently to resolve complex security issues, with support and guidance from the Cyber Security Manager … be an added benefit. Skills and Qualifications Significant experience working in a security operations centre (SOC) and responding to security alerts. Experience in creating response playbooks and handling escalations. Additional experience in EDR, M365 security, SIEM, Vulnerability management, MITRE attack framework, and Incident response. Strong stakeholder engagement skills more »
of security solutions impact business strategies Create documentation of findings and recommendations (root cause and risk analysis as needed Assist with forensic investigations and incidentresponse team (CIRT) activities. Assign work to Cyber SOC for remediation Escalate pertinent findings in a timely manner Leverage vendors and internal resources … to interface various security tools to automate critical response tasks Support Compliance managers in providing Cybersecurity artifacts Align information cybersecurity operations with NIST, and ISO 27001 requirements Establish role as a local presence and focal point for business and IT contact. Create the relationships. As the local Cyber management … controls, processes, and policies to improve security posture and identify gaps in existing controls. Assist with Cyber security awareness initiatives and events Assist with incidentresponse planning and activities Essential Qualifications and Education: Bachelor’s Degree in Information Technology (minimum) or equivalent experience and certifications 7 or more more »