1 to 25 of 130 Incident Response Jobs in the UK excluding London

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incident response and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incident response and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a more »

Senior SOC Engineer Hybrid (2 days p/w in office) Leaders in Cybersecurity incident response and managed services, catering to a wide range of clients in both private and public sectors. About the Role: Who We're Seeking: Join our team at the purpose-built 24/… Responsibilities: Operating from our modern offices in Dorset, Senior SOC Analysts work within a four-day operational rota, collaborating closely with Digital Forensic and Incident Response teams. Responsibilities include: Security Monitoring and Incident Detection: Utilizing SIEM tools to identify potential security incidents and anomalies. Analyzing alerts and … log data to assess the severity and impact of threats. Incident Response and Analysis: Investigating and responding to security incidents promptly. Conducting in-depth analysis of security events to determine scope, impact, and root causes. Threat Hunting: Proactively searching for hidden threats and vulnerabilities within the organization's more »

will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. As Senior SOC Analyst you will bring a good … maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events and more »

ongoing maintenance and monitoring. the team in demanding environments, provide constructive feedback, and foster individual and team development. as the escalation point for security response incidents, both during and outside business hours. the Cyber Security Incident process/procedure and Incident Response Team, conducting war games … and incident scenarios to prepare the IT department for real incidents. forensic investigations and reporting following cyber security incidents, involving third-party specialists if necessary. informed about the latest security threats, principles, techniques, and protocols, including new vulnerabilities, and act on them as needed. within an ITIL V3 & ISO27001 … approaches including ISMS, risk analysis and assessments, the CIA triad, attack vectors (including social engineering), cryptography, confidentiality issues, and best practices for cyber security incident response (including triage and chain of custody). to proactively identify areas for improvement, share lessons learned, and encourage the same behavior in more »

Active Directory, including user authentication, access controls, and privilege management. * Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. * Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. * Working with the Managed SOC and Operational teams, develop and maintain incident response plans. Lead incident response activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. * Collaborating with cross-functional teams, including more »

are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incident response and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »

policies, standards, and procedures across the organization to maintain a secure environment. Operations: Oversee day-to-day security operations, including monitoring of security systems, incident response, and investigation of security breaches. Awareness Training: Develop and deliver security awareness training programs to educate employees about cyber security best practices … and Regulatory Requirements: Ensure compliance with relevant industry regulations and standards (e.g., GDPR, HIPAA, PCI DSS) and lead efforts to maintain certifications and accreditations. Incident Response: Lead the response to security incidents, coordinate with internal teams and external stakeholders, and implement corrective actions to prevent recurrence. Tool more »

the SGS’s security strategy. Create and execute security roadmaps, considering business objectives and risk appetite. Stay informed about emerging threats and technologies. 2. Incident Response and Security Operations: Develop incident response plans and coordinate security incident handling. Oversee security monitoring, vulnerability assessments, and penetration more »

reviews, and adherence to processes and procedures. Develop and manage the security cloud migration process, identifying and addressing any gaps. Manage the Cyber Security Incident process and the Incident Response Team, conducting training exercises to prepare for real incidents. Proactively handle complaints and escalations, resolving issues before … they escalate. Act as the escalation point for security response incidents Conduct one to one performance reviews with team members to support their development. Maintain and enhance the security of IT services, coordinating with third parties for patching, vulnerability resolution, and system hardening. Create and update security documentation to … management, and content filtering. Solid grasp of security approaches including ISMS, risk analysis and assessments, the CIA triad, social engineering, cryptography, confidentiality issues, and incident response best practices. Operate within an ITIL V3 and ISO27001 service delivery framework. Manage relationships with stakeholders. Work to meet defined Service Level more »

risks associated with software products and hardware. Develop and implement risk mitigation strategies and contingency plans. Ensure compliance with relevant industry standards and regulations. Incident Response: Establish and maintain an effective incident response plan. Lead the investigation and resolution of cyber security incidents and breaches. Implement more »

with our clients Cyber Security policies and standards. Key Responsibilities: Service Management of security partners ensuring high levels of performance are delivered across detection, response, and recovery. Developing cyber incident response plans, playbooks, and processes that allow security operations team to respond to incidents rapidly and effectively. … collaboratively with IT teams to remediate vulnerabilities identified through red team engagements, penetration testing, and vulnerability scanning. Planning and coordination of large-scale security incident response, remediation and recovery efforts involving multiple parties and teams. Manage the delivery of daily/weekly security reports. Manage Email security monitoring. more »

with the organization's goals and objectives. 2. Conduct regular vulnerability assessments and penetration tests to identify potential security risks. 3. Develop and maintain incident response plans to minimize the impact of security breaches and ensure timely resolution. 4. Perform risk assessments and develop risk mitigation strategies to … with network security protocols, firewalls, VPNs, and other security technologies. 5. Knowledge of vulnerability assessment and penetration testing tools and techniques. 6. Experience in incident response and managing security incidents. 7. Strong analytical and problem-solving skills. 8. Excellent communication and interpersonal skills, with the ability to convey more »

encourages their employees to gain recognition with industry certifications and to build their experience with exposure to new technologies, service delivery and post-breach incident response. A competitive salary and a great working environment is on offer here. What we need from you as a 2 nd Line IT … support issues and some 3 rd line support issues raised through the helpdesk Visits as required to customer sites to provide Technical Support or Incident Response Providing Systems, Network & Firewall Support Providing a pro-active response toNOCandSOCdetections in customer systems Visits as required to customer sites to … provide Technical Support or Incident Response Salary/package: £28,000 -£35,000 per annum. Monday to Friday9.00amto 5.00pm. Benefits: (Easy Access) Located near to the national road network. 3 miles to JunctionT4of theM6toll road and theA5,mile to theA38 Friendly open-door culture where employees are encouraged more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. What you’ll be doing • Data Ingestion and Enrichment: o Configure Elasticsearch pipelines for data ingestion from various … of the SIEM infrastructure. • Security Engineering: o Contribute to security engineering projects, transitions, and transformations. o Work closely with security operations and associated security incident response systems o Stay informed about emerging threats and security best practices. • Keep abreast of relevant technologies in the area. This may entail more »

We value continuous learning and encourage our staff to pursue industry certifications while gaining hands-on experience with cutting-edge technologies, service delivery, and incident response protocols. In return, we offer a competitive salary and an enriching work environment. What We're Looking For: Minimum 2 years of … our Helpdesk. Offer Systems, Network & Firewall Support. Respond proactively to NOC and SOC detections in Customer Systems. Conduct onsite visits for Technical Support or Incident Response as needed. Benefits: Embrace a friendly, open-door culture promoting personal and professional growth. Enjoy free on-site parking. Engage in social more »

robustness of IT security operations. The technical stack represents a blend of Azure, M365, IAM, Sentinel, Defender for Cloud and Log Monitoring. Responsibilities Security Incident Response: Assist in identifying, managing and resolving security incidents with the Security Operations Center (SOC). Ensure successful resolution and closure of these … security vulnerabilities. Ability to work effectively with cross-functional teams, particularly bridging IT operations and InfoSec. Scripting experience will be beneficial for automation and incident response tasks. Tech Stack Azure M365 IAM RBAC Sentinel Defender for Cloud (Secure Score) Interested? Apply now to find out more more »

customization, and development. Expertise: as a subject matter expert (SME) in ServiceNow functional and operational modules, including Virtual Agent (VA), Human Resources (HR), and Incident Response Management System (IRMS). guidance and support to internal teams on module configuration, workflows, and integrations. Projects: expansion initiatives to deploy new … with a focus on architecture design and implementation. expertise in ServiceNow functional and operational modules such as Virtual Agent (VA), Human Resources (HR), and Incident Response Management System (IRMS). track record of leading expansion and integration projects within the ServiceNow environment. experience with ServiceNow customization, development, and more »

development. Module Expertise: Serve as a subject matter expert (SME) in ServiceNow functional and operational modules, including Virtual Agent (VA), Human Resources (HR), and Incident Response Management System (IRMS). Provide guidance and support to internal teams on module configuration, workflows, and integrations. Expansion Projects: Lead expansion initiatives … a focus on architecture design and implementation. Strong expertise in ServiceNow functional and operational modules such as Virtual Agent (VA), Human Resources (HR), and Incident Response Management System (IRMS). Proven track record of leading expansion and integration projects within the ServiceNow environment. Hands-on experience with ServiceNow more »

of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »

analysis for the group. Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2/3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are … architecture level Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incident response capability. You will act as the single point of contact for all security related response actions and decisions, including management of … each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over more »

with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »