1 to 25 of 103 Root Cause Analysis Jobs in Yorkshire

translate threat intelligence feeds into actionable detection and response actions Monitor and analyze security logs for attacker tactics, techniques and procedures (TTPs), filtering through suspicious activities to determine their root cause and perform remediation activities as appropriate Creating, testing and validating Maples security capabilities to identify vulnerabilities/gaps and build appropriate detection and response countermeasures Serve as … incident response and forensics Experience in Threat hunting & IR experience in Windows and/or Linux environments, cloud/hybrid environments Proficient in SIEM and log management configuration and analysis Experience with Security Orchestration Automation and Response tools Experience/familiarity with Cyber Intelligence, Threat Operations, Penetration Testing, Red Teaming, Incident Response and Threat Hunting methodologies Experience with intrusion … Development, Rest, and/or shell scripting Ability to drive architectural design decisions, solve technical problems, and make improvements to our systems and processes Ability to troubleshoot and perform root cause analysis of incidents to identify solutions, next steps, and issue mitigation BENEFITS & REWARDS The most enduring professional relationships are reciprocal relationships. The Maples Group prioritises employee More ❯

hybrid and flexible working arrangements available. Please consult your recruiter for details. Grade: GG10 - GG11 Referral Bonus: £5,000 Job Description Serve as the point of escalation for intrusion analysis, forensics, and incident response queries. Provide root cause analysis for complex, non-standard findings and anomalies without existing playbooks. Mentor team members and share knowledge proactively. … red team and pentest findings to improve detection rules. Provide forensic support and threat emulation to improve alert triage and accuracy. Identify gaps in SOC processes, data collection, and analysis, demonstrating the need for improvements through scenarios and red teaming. Perform complex threat hunting, automation, and analytic enrichment tasks. Set vision and milestones for emulation and detection capabilities, influencing More ❯

is delivered it is at the highest possible standard Responsible for ensuring that all relevant process is effectively documented and regularly reviewed Responsible for providing well-reasoned and sound analysis, context and predictions into relevant deliverables Responsible for assessing the maturity of the function within the client and identifying areas for improvement, productising those improvements and delivering them Be … a point of contact for intrusion analysis, forensics and Incident Response queries. Able to provide root cause analysis of non-standard analytic findings and anomaly detections for which a playbook does not yet exist. Responsible for ensuring that during times of reduced capacity that all ADHOC and regular products are completed and are at a sufficient More ❯

is delivered it is at the highest possible standard Responsible for ensuring that all relevant process is effectively documented and regularly reviewed Responsible for providing well-reasoned and sound analysis, context and predictions into relevant deliverables Responsible for assessing the maturity of the function within the client and identifying areas for improvement, productising those improvements and delivering them Be … a point of contact for intrusion analysis, forensics and Incident Response queries. Able to provide root cause analysis of non-standard analytic findings and anomaly detections for which a playbook does not yet exist. Responsible for ensuring that during times of reduced capacity that all ADHOC and regular products are completed and are at a sufficient More ❯

and GCP , ensuring resilience, cost-efficiency, and data security. Collaborate closely with infrastructure, architecture, and cybersecurity teams to meet internal risk, compliance, and governance requirements. Support live systems, perform root cause analysis, and implement solutions for incidents and performance bottlenecks. Qualifications and experience The ideal candidate for this role will have the below experience and qualifications: Bachelor More ❯

and GCP , ensuring resilience, cost-efficiency, and data security. Collaborate closely with infrastructure, architecture, and cybersecurity teams to meet internal risk, compliance, and governance requirements. Support live systems, perform root cause analysis, and implement solutions for incidents and performance bottlenecks. Qualifications and experience The ideal candidate for this role will have the below experience and qualifications: Bachelor More ❯

and GCP , ensuring resilience, cost-efficiency, and data security. Collaborate closely with infrastructure, architecture, and cybersecurity teams to meet internal risk, compliance, and governance requirements. Support live systems, perform root cause analysis, and implement solutions for incidents and performance bottlenecks. Qualifications and experience The ideal candidate for this role will have the below experience and qualifications: Bachelor More ❯

and GCP, ensuring resilience, cost-efficiency, and data security. Collaborate closely with infrastructure, architecture, and cybersecurity teams to meet internal risk, compliance, and governance requirements. Support live systems, perform root cause analysis, and implement solutions for incidents and performance bottlenecks. Required Skills/Experience: Bachelor's or Master's degree in Computer Science or equivalent industry experience. More ❯

Ensure accurate timely, proactive communications with key stakeholders through Incident/Major Incident lifecycle. Ensure 3rd party suppliers fulfil their contractual obligations, especially with regard to SLAs for incidents, root cause analysis, monitoring trends and problem resolution. Plan, execute, document and track appropriate follow up activities relating to Major Incidents ensuring that a Problem Record is created More ❯

cloud environments, including compute and storage scalability Containerisation & Virtualisation: Familiarity with virtual and physical server provisioning, especially in strategic data centres Platform Resilience & Observability: Designing for uptime, performance, and root cause analysis. Web Services & APIs: Used for Integration with 24+ LBGI systems Batch Processing: Understanding of batch suite performance and scheduling constraints RPA & Automation (Batching): Familiarity with robotic … process automation Log Aggregation & Analysis: Tooling for log interrogation and root cause analysis (e.g., Splunk, Dynatrace). Dashboarding: Real-time analytics dashboards for infrastructure and application health Support & Troubleshooting: Remote operations, incident response, and environment health checks. About working for us Our ambition is to be the leading UK business for diversity, equity and inclusion supporting More ❯

complex incidents using tools like SCCM, MS Endpoint, Intune, PowerShell, and Active Directory (on-prem and Azure AD). Lead incident and problem management processes, ensuring timely resolution and root cause analysis reporting. Maintain accurate records in ITSM platforms (e.g., ServiceNow, Remedy, HEAT). Support ITIL-aligned service delivery and act as a core member of the More ❯

complex incidents using tools like SCCM, MS Endpoint, Intune, PowerShell, and Active Directory (on-prem and Azure AD). Lead incident and problem management processes, ensuring timely resolution and root cause analysis reporting. Maintain accurate records in ITSM platforms (e.g., ServiceNow, Remedy, HEAT). Support ITIL-aligned service delivery and act as a core member of the More ❯

complex incidents using tools like SCCM, MS Endpoint, Intune, PowerShell, and Active Directory (on-prem and Azure AD). Lead incident and problem management processes, ensuring timely resolution and root cause analysis reporting. Maintain accurate records in ITSM platforms (e.g., ServiceNow, Remedy, HEAT). Support ITIL-aligned service delivery and act as a core member of the More ❯

complex incidents using tools like SCCM, MS Endpoint, Intune, PowerShell, and Active Directory (on-prem and Azure AD). Lead incident and problem management processes, ensuring timely resolution and root cause analysis reporting. Maintain accurate records in ITSM platforms (e.g., ServiceNow, Remedy, HEAT). Support ITIL-aligned service delivery and act as a core member of the More ❯

complex incidents using tools like SCCM, MS Endpoint, Intune, PowerShell, and Active Directory (on-prem and Azure AD). Lead incident and problem management processes, ensuring timely resolution and root cause analysis reporting. Maintain accurate records in ITSM platforms (e.g., ServiceNow, Remedy, HEAT). Support ITIL-aligned service delivery and act as a core member of the More ❯

complex incidents using tools like SCCM, MS Endpoint, Intune, PowerShell, and Active Directory (on-prem and Azure AD). Lead incident and problem management processes, ensuring timely resolution and root cause analysis reporting. Maintain accurate records in ITSM platforms (e.g., ServiceNow, Remedy, HEAT). Support ITIL-aligned service delivery and act as a core member of the More ❯

complex incidents using tools like SCCM, MS Endpoint, Intune, PowerShell, and Active Directory (on-prem and Azure AD). Lead incident and problem management processes, ensuring timely resolution and root cause analysis reporting. Maintain accurate records in ITSM platforms (e.g., ServiceNow, Remedy, HEAT). Support ITIL-aligned service delivery and act as a core member of the More ❯

using data (including from large data sets) and metrics to isolate issues, test theories, confirm assumptions, generate ideas, prioritize opportunities, execute and measure success - Experience in complex problem solving, root cause analysis in a business environment - Intermediate or advance proficiency with Microsoft Excel, knowledge in SQL - Demonstrated experience leading large-scale, complex cross-functional projects - Proven track More ❯

Referral Bonus: £2,000 Job Description Conduct cyber security monitoring to detect hacking/malware intrusion attempts against customer IT. Perform full triage of detection alarms to identify the cause, such as active infection, intrusion attempt, or false positive. Identify and document attack sources, techniques, tactics, and procedures (TTPs), and assess attack extent. Capture and feed back attack chain … details into detection capabilities. Ensure monitoring effectiveness by creating and updating SIEM/SOAR playbooks aligned with attacker TTPs. Use intrusion analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operation centers for root-cause analysis. Create low to medium complexity KQL analytics and hunt queries, conduct IOC … and anomaly-based threat hunts, and identify root causes. Identify and tag incorrect alert logic and high false positive detection rules for review. Transform internal and partner threat intelligence into actionable detections. Coach junior analysts and colleagues as needed. Lead threat hunting workgroups during events for complex TTPs across industries. Deliver ad-hoc training and workshops to promote security More ❯

Referral Bonus: £2,000 Job Description Conduct Cyber Security Monitoring to detect hacking/malware intrusion attempts against customer IT. Perform full triage of detection alarms to identify the cause, such as active infection, intrusion attempts, or false positives. Identify and document attack sources, techniques, tactics, and procedures (TTPs) used in detected attacks, from start to finish. Capture and … feed attack chain details into detection capabilities. Ensure monitoring effectiveness by creating and updating SIEM/SOAR playbooks, adapting to evolving attacker TTPs. Use Intrusion Analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operations centers for root-cause analysis. Create low to medium complexity KQL analytics and … events for complex TTPs across industries. Deliver ad-hoc training and workshops to promote security awareness and knowledge sharing. Provide daily SITREPs on attacker activity. Experience Knowledge of Intrusion Analysis on Windows devices and servers. Knowledge of Intrusion Analysis in Azure, including attacker methods like ‘living off the cloud’ using Microsoft Graph API, app registrations, and managed identities. More ❯

Managers and Service Owners to accelerate incident diagnosis and resolution, reducing TTR and restoring services quickly and safely. Bring calm, coordination, and engineering clarity to high-pressure recovery efforts. Root Cause Ownership & Long-Term Resilience Collaborate with Problem Managers, Product SRE, and Platform Engineering teams to identify and eliminate systemic causes of major incidents. Own and drive long … Build, scale, and lead a high-performing global team with deep technical skills and a culture of urgency, ownership, and collaboration. Drive a blameless, learning-focused culture that emphasizes root cause thinking, accountability, and continuous improvement. Act as a trusted partner and thought leader across Engineering, Infrastructure, Risk, and Service Management functions. Qualification and Skills: Proven experience in … Operations Demonstrated experience leading global technical teams in complex, high-scale environments. Deep expertise in incident recovery, automation, systems design, and platform reliability. Strong working knowledge of problem management, root cause analysis frameworks, and resilience engineering principles. Experience designing and running resilience exercises, chaos engineering, or incident scenario testing at scale. Comfortable operating in regulated environments and More ❯

infrastructure as code (IaC) solutions using tools like Terraform Manage AWS/Azure services, including ECS/Container Apps, S3/blob storage etc Participate in incident response, conducting root cause analysis and post-incident reviews. Automate manual tasks to improve operational efficiency and reduce technical debt. Minimum Qualifications: Bachelor’s degree in Computer Science, Information Technology … Datadog, or other observability platforms. Automation and Scripting: Proficiency in Python, Bash, or other scripting languages to automate tasks. Incident Management: Ability to lead incident response efforts and conduct root cause analysis. Collaboration and Communication: Strong interpersonal skills to work effectively across teams and with stakeholders. Training in secure coding practices (preferred) Our Fantastic Benefits We offer company More ❯

on behalf of the customer to appropriate technical resources, coordinating global interaction between other Regional Support Services, Global Support Network (GSN), Problem Management and third-party vendors. – (5%) Perform root cause analysis on high priority Incidents and document recommendations to prevent reoccurrences – (10%) Recommend service and product improvements to transform the Service from a reactive to a More ❯

that cannot be addressed by First or Second Line support. You will play a key role in maintaining and improving the organisation’s IT infrastructure, performing deep-dive diagnostics, root cause analysis, and implementing long-term solutions. In addition to supporting escalated incidents, you will contribute to system design, strategic projects, and continuous service improvement. Key Responsibilities … Expert-Level Support & Issue Resolution Take ownership of high-level, complex incidents and problems escalated from Second Line Support Perform in-depth diagnostics and root cause analysis across infrastructure, systems, and applications Develop and implement long-term fixes and preventative measures to reduce repeat incidents Infrastructure Management & Improvement Maintain, monitor, and optimise servers, storage, networking, and virtual … support role Strong expertise in server administration, networking, virtualisation, and storage solutions Solid understanding of IT security principles and best practices Ability to carry out detailed troubleshooting and perform root cause analysis Experience managing or contributing to technical projects and service improvements Proficiency in tools such as Active Directory, Group Policy, Office 365, Exchange, and Windows Server More ❯

assess attack scope. Document attack chain details and update detection capabilities accordingly. Maintain monitoring effectiveness by creating and updating SIEM/SOAR playbooks, adapting to evolving TTPs. Use intrusion analysis skills to contribute to new detection techniques and research industry capabilities. Coordinate with government or commercial security operation centers for root cause analysis. Create KQL analytics and … threat hunting workgroups during complex TTPs across industries. Deliver training and workshops to promote security awareness and knowledge sharing. Provide daily SITREPs on attacker activity. Experience Knowledge of intrusion analysis on Windows devices and servers. Experience with intrusion analysis in Azure, including attacker methods like ‘living off the cloud’ (e.g., Microsoft Graph API, app registrations, managed identities). … tools and techniques quickly. Good working knowledge of MITRE ATT&CK framework. Understanding of networking concepts and protocols (TCP/IP, UDP, DNS, DHCP, HTTP). Experience with intrusion analysis on Windows and Azure cloud architecture. Relevant certifications such as SANS GCIH, GCIA, or similar. Understanding of operating system functionalities. Develop hypotheses and perform threat hunting in Azure cloud More ❯