1 to 25 of 98 Incident Response Jobs in London

Our Incident Response Associates are a critical part of our Cyber Security division's success. As a Response Associate (Technical Lead), you will deploy your incident response expertise in a senior delivery role across our incident response services. You will work across the … full lifecycle of security incidents to help our clients respond and recover, including: Leading technical incident response from first contact through to closure: you will be the primary technical resource on response cases, deploying your own expertise, creating tailored strategies for response workstreams, and offering guidance … to colleagues on your project team. Overseeing host- and network-based incident response investigations: including triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses. Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the more »

Senior Incident Response Consultant - Hybrid - London - Circa £85k My client is a global consultancy who are building out a billable incident response team to further develop and polish the company's overall service offering. They are looking for a strong incident response consultant who … can independently investigate incidents and manage/engage with clients. Responsibilities of an Senior Incident Response Consultant: Manage and coordinate cyber security incidents Act as a lead for threat-hunting efforts to establish an attacker's spread through a system and network, anticipating further attacker activity across endpoints … cloud, and network infrastructure Work closely with the CTI team and create playbooks Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Have the ability to advise clients on the threat landscape and attacks that may be relevant to them Have an understanding of more »

Senior SOC Analyst, SIEM - Cloud based: Sentinel/ManageEngine Log360/QRadar, Splunk, Incident Response Management, Hybrid London 1-2 days per week. We are hiring a Senior SOC Analyst to help build a new SOC function. The role will initially be very hands on, responsible for monitoring … Investigation: Monitor SIEM tools to assure high security levels, analyse potential security incidents, conduct real-time analysis, support investigations, and document findings to improve incident response procedures. Response: Lead and coordinate incident response activities, develop and maintain incident response plans, and escalate incidents … as necessary, ensuring adherence to major incident processes. Intelligence: Stay updated on cybersecurity threats, integrate threat intelligence into security monitoring processes, and contribute to the development of threat intelligence feeds. Tool Management: Manage and optimize SIEM tools, evaluate new security technologies, and recommend enhancements to the security infrastructure. Collaborate more »

solutions Becrypt deliver. Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary. Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve … incident response procedures. Ensure runbooks are followed and are fit for purpose. Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. … Escalation management in the event of a security incident. Follow major incident process. Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Security Tool Management: Manage and more »

line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as and help advance my clients incident response processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. … Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this … position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incident response process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incident more »

mitigating cyber risks, manage various vendor and third-party supplier relationships, and act as a key point of contact when overseeing vulnerability management and incident response processes. This role requires a deep understanding of cyber risk, stakeholder and vendor management skills, and expertise in vulnerability management and incident response processes. Main responsibilities: Conduct cyber risk assessments to identify vulnerabilities and threats. Analyse existing security measures and recommend enhancements to mitigate identified risks. Collaborate closely with internal stakeholders across various departments to understand their unique cybersecurity needs and requirements. Evaluate third-party vendors and assess their cybersecurity … and oversee vulnerability management processes to proactively identify and remediate security vulnerabilities. Coordinate with relevant teams to prioritise and address vulnerabilities. Develop and maintain incident response plans and procedures to effectively respond to cybersecurity incidents such as data breaches, malware infections, or unauthorised access. Lead incident response more »

Job Overview: Sportingtech is seeking a dedicated and experienced Major Incident Manager with a strong aptitude for command and coordination. This role is crucial for efficiently managing and resolving major incidents to minimise service impact and maintain exceptional user experiences. Additionally, this role involves regular Incident Management responsibilities … and requires an on-call commitment to address critical issues promptly. Key Responsibilities: Major Incident Command and Coordination: Take charge of leading and commanding bridge calls during major incidents, demonstrating exceptional control, coordination, and leadership skills. This role involves directing cross-functional teams, managing stakeholder communication effectively, and executing … recovery strategies to ensure quick resolution and minimal service disruption. Regular Incident Management: Assume regular Incident Management duties, handling and resolving day-to-day IT incidents, especially during periods without major incidents. On-Call Duties: Participate in an on-call rotation, being readily available to manage and respond more »

I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incident response/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your … not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incident response experience. Certifications such as GCIH, GCIA or GCFA/E. Ideally, consultancy experience however, strong regulated exposure is also welcomed. Strong baseline … threat hunting skills and ideally, an interest in research focused tasks. This is an exciting role for an incident responder, looking for a step up from basic cases to truly partner with organisations across the globe. Hybrid role, London based opportunity. Please contact pg@barclaysimpson for immediate consideration. more »

is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incident response, network security architecture, policies, and procedures, and more! Main responsibilities: Serve as the primary subject matter expert on Azure security, including Azure … Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients Azure platform. Develop and maintain incident response procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security. Proven experience in incident response management, including incident detection, analysis, and remediation. In-depth knowledge of network security principles, protocols, and technologies. Experience working with standards more »

are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and Incident Response team, along with a number of incident response vendors including forensic, legal, and PR ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within more »

security contact for UK clients Be responsible for the investigation and resolution of security related events from various security appliances and toolsets Develop security incident response plans & procedures including Security Incident Crisis/Emergency Management Ensure integration of new security services within the monitoring and detection capability … to respond to security threats of the future Oversee relationship with MDR vendor to deliver SOCaas service Oversee internal CSIRT programme Coordinate the post-incident review process, drive practical and impactful changes throughout the phases of the incident response lifecycle Enhance security capabilities by building security tools more »

you will work with our clients various vendors and 3rd party suppliers to manage security risks internally and externally, in addition to participating in incident response and vulnerability management activities. We are looking for people who have a strong background in managing risks with vendors, incident response … strategies to mitigate risks associated with identified vulnerabilities. Coordinate with vendors to assess and manage risks associated with third-party products and services. Lead incident response efforts related to security vulnerabilities, including investigation, containment, and remediation. Conduct regular vulnerability scans and penetration tests to identify and address security … risk assessments, findings, and remediation plans. To be considered for this role, you should have: Prior strong experience in vulnerability management, risk assessments, and incident response. Strong understanding of common security vulnerabilities and attack vectors. Experience with vulnerability scanning tools such as Nessus, Qualys, or similar. Familiarity with industry more »

about the value this person can add. You will provide insights and guidance to customers as a vCISO as well as vulnerability management, major incident response, and security monitoring improvements and be expected to demonstrate technical expertise in Audit, Assessments, Design, Implementation, Testing, Compliance and Reporting. Responsibilities Own … the evolution and growth of the Security Service and represent the security function (including the 24/7 Incident Response capability) within the business. Grow, develop and lead a team of security professionals ensuring employee engagement. Empower your staff to deliver first-class service. Keep up to date … of delivering security projects Experience of overseeing and leading remediation of security assessments including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. Experience in incident response and overseeing operational improvement actions such as development and tuning of security monitoring, alerting, and reporting. It goes without saying that this more »

vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves as an expert on cybersecurity protection, detection, response, and recovery. This individual is responsible for coordinating penetration testing and managing internal and external cybersecurity analysts to detect, mitigate, and analyze threats. Works … selection criteria to identify appropriate security solutions to support strategic, operational needs, and security requirements. Participate in the development and testing of the security incident response plan, act as the incident response leader. Develop security, risk, and compliance reports and alerts. Participate in the yearly review … a minimum of 5-years experience in Information Security. Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware, IDS/ more »

This pivotal role will contribute to safeguarding the organization's digital assets and infrastructure from cybersecurity threats, ensuring a robust security posture and effective incident response. Starting ASAP, paying up to £90,000 per annum. Role Overview: As the SOC Manager, you will be responsible for providing strategic leadership … oversight to the Security Operations Center (SOC) team. Your role will involve managing both external and internal SOC personnel, overseeing security monitoring and analysis, incident response, threat intelligence, and vulnerability management activities. Key Responsibilities: Act as the subject matter expert on SOC matters for the organization. Manage the … ensure compliance with requirements. Set clear goals and objectives for the SOC team, providing guidance, support, and training as needed. Oversee detection, analysis, and response to security incidents and breaches, coordinating incident response efforts. Conduct post-incident reviews and implement corrective actions to prevent recurrence. Stay more »

Active Directory, including user authentication, access controls, and privilege management. Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. Working with the Managed SOC and Operational teams, develop and maintain incident response plans. Lead incident response activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. Collaborating with cross-functional teams, including more »

Ensure secure handling of application secrets (API keys, passwords, etc.) throughout their lifecycle. Participate in on-call rotation, providing 24x7 escalation capabilities Participation within incident response efforts as Incident Commander. Other duties as assigned or directed. Education, Experience, and Skills required Proven experience as a Senior Active … commercial orchestration tools. Experience with creating and reviewing workflow processes and technical documentation. Comfortable with mentoring other team members, providing guidance and direction during incident response and engineering efforts. Familiarity with regulations and frameworks such as NIST, PCI, SOC, HIPAA, SSAE 16/SOC 1, SOC 2, ISO more »

client and their vendors/3rd party suppliers. Our client is looking for candidates who hold strong skills in vulnerability management, vendor relationship management, incident response, and possess a deep understanding of cyber risk. Main Responsibilities: Develop and implement cyber risk management strategies, policies, and procedures. Lead vulnerability … assessing, prioritising, and remediation of vulnerabilities. Establish and maintain strong vendor relationships to ensure third-party vendors comply with cybersecurity requirements and standards. Oversee incident response activities, including incident detection, analysis, containment, eradication, and recovery. Conduct risk assessments to identify potential cyber threats and vulnerabilities. Manage various … To be considered for this role, you should have: Must have a strong background in cyber risk management, vulnerability management, vendor relationship management, and incident response. Strong understanding of standards such as PCI-DSS, NIST, ISO27001, GDPR, and similar. Proven track record of developing and implementing effective cyber risk more »

the Technology sector, offering excellent career development opportunities. About the Role As a Cyber Security Engineer your primary responsibility will be Security Operations and Incident Response as well as Vulnerability Management and Threat Intelligence. In addition, you will work closely with the Cyber Security Manager and Security Architect … to independently resolve complex issues. Key Responsibilities Respond to security alerts and incidents, following established protocols and best practices. Create response playbooks and standard operating procedures to streamline incident response processes. Work independently to resolve complex security issues, with support and guidance from the Cyber Security Manager … be an added benefit. Skills and Qualifications Significant experience working in a security operations centre (SOC) and responding to security alerts. Experience in creating response playbooks and handling escalations. Additional experience in EDR, M365 security, SIEM, Vulnerability management, MITRE attack framework, and Incident response. Strong stakeholder engagement skills more »

high priority incidents. What you'll bring +5 years' experience within a technical Security Operations role. +5 years' experience of Cyber Security Investigations and Incident Response environments. Good knowledge of Anti-malware, or Endpoint Detection and Response (EDR) systems. Good all-round knowledge of different threat scenarios … investigations, incident response processes and remediation techniques. Good knowledge of cyber security systems and tooling. Reasonable knowledge of Security Information and Event Management (SIEM) systems. Reasonable knowledge of Security Orchestration, Automation and Response (SOAR) systems. Good knowledge of User Behaviour Analytics (UBA) systems. Good knowledge of common more »

experience with SIEM (Security Information and Event Management) tools will be instrumental in identifying and mitigating security threats proactively. Responsibilities: 1. Security Monitoring and Incident Response: - Utilize SIEM tools such as Microsoft Sentinel to monitor security events and respond promptly to potential threats. - Investigate security incidents, analyse root … causes, and implement necessary remediation actions. - Develop and maintain incident response procedures to ensure timely and effective handling of security breaches. 2. Vulnerability Management: - Conduct regular vulnerability assessments and penetration tests to identify weaknesses in our systems and infrastructure. - Collaborate with system administrators and developers to remediate vulnerabilities more »

switches, load-balancers, security device management systems, IDS/IPS, and DDoS mitigation systems. - Work in line with change control and configuration management processes. Incident Response: - Manage day-to-day network and security incident response, - Investigate, research, and analyze security incidents. - Use established procedures for incident more »

solutions tailored to the business's requirements. Support the definition, execution, and continuous improvement of key cybersecurity processes, including vulnerability and patch management, security incident response, monitoring, endpoint security, identity and access management, network security, and cryptography. Assist in developing and maintaining security policies, processes, incident response more »

you an accomplished Security Operations professional looking to join a Global Team. Can you play a crucial role in ensuring effective security monitoring and incident response? This role could be for you. The successful individual will be required to assist in the development, implementation, and maintenance of an … hold professional qualifications within security e.g Security+, AWS Security or MA Azure Security and ideally CISSP. You will be responsible for: Security Monitoring and Incident Response Threat Intelligence Security Infrastructure Management Documentation and Reporting Candidates who can show hands on experience with security tools across SIEM/EDR more »

skills and Experience -you will have prior experience as acting as either a lead or an escalation point to the SOC -prior experience with incident response, threat and vulnerability management -development of incident response plans, processes and procedures -Working with Security frameworks MITRE, cyber kill chain more »