The Role The Cyber Response & Recovery Senior Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. … a broad range of cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, log files) and help advance KPMG’s incident response processes and methodologies. In this role we are looking for a person who can demonstrate strong technical background, significant experience in incident response and digital forensics and is looking to grow into an incident response leadership role as part of a growing team. You will be expected to lead a number of incident response case managers and practitioners, as well as have the opportunity to work …
organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world. Your Role and Responsibilities As an Incident Response Consultant for the IBM Security X-Force Incident Response (X-Force IR) team, you will be responding to high profile … IBM stakeholders to provide integrated solutions to our clients’ most challenging problems. In this role you will have demonstrated skills in various elements of Incident Response, conducting computer intrusion investigations, and have a strong foundation in cyber security policy, operations and best practices, ideally in large enterprise environments. … Cybereason, Carbon Black, CrowdStrike and ReaQta as well as familiarity with forensic analysis tools such as X-Ways, EnCase Forensic or FTK and live response analysis. Furthermore, familiarity with Windows and Linux enterprise environments and systems such as Active Directory, Office 365, FWs, IPS/IDS, SIEMs, etc. is …
ensure that appropriate security controls are in place for KPMG technology solutions. Role summary Provide Bridge between GISG Operational teams and ITS Global Major Incident Management Process Coordinate Security Incident management activities across Regions • Provide Member Firms with Incident Response advice and support through the regional … set up, and maintain repeatable Teams War Room structure Define, set up, and maintain communication structure and templates for the three below high level incident types. Assist in coordination with GCISO to link into board level and regulatory comms requirements Give Service Management the Security context of any Security … Incident promoted to Major Incidents Assist in the delivery of Cyber War games and purple teaming activities Initiate US Advisory IR assistance requests Coordinate US Advisory IR activities when necessary Key accountabilities Provide Security Incident Management Framework and coverage between GISG and the ITS Global Service Management Major …
Senior Incident Response Manager Salary: Up to £120,000 + Great Benefits Package and Bonus UK Wide I am partnered with a consultancy giant who are looking for a Senior Incident Response Manager to take ownership of their well-established IR function. They are looking for someone … a team of genuine SME’s. Responsibilities You will act as the technical lead, overseeing a team of highly skilled security operation analysts and incident response team, dealing with some of the most complex incidents. Spearhead a variety of projects, collaborating with the wider cyber defence function within … across the wider cyber defence capability having a strong influence across the business, speaking with external clients. Requirements Proven experience leading across Digital Forensics & Incident Response in previous Incident Response function environments. Experience with tools for open-source investigation (WireShark, TCPDump, Netflow, etc.); network defence monitoring …
operations team and the quality of third party services and deliverables, reviewing performance. Take the lead management responsibility for all cyber security event monitoring and incident response services received from all partner organisations with a focus on our Managed Security Service relationship (MSS). Manage the search for cyber threats … that may go undetected in our environment that have evaded our automated security tools and defences. Accountable for Cyber Security incident response management including the establishment, maintenance and improvement of cyber security incident response plans, procedures, and playbooks. Promote security orchestration, automation, and response (SOAR) solutions for … systems and operational playbooks to enable efficient discovery of security events and response actions. Ideal experience: Minimum 5 years+ experience leading Cyber Security Operations teams. Practical experience of incident response governance (lifecycles, frameworks, incident handling) and developing incident response playbooks/processes, Security Orchestration, Automation and …
As a member of Experian’s Global Security Office, the Enterprise Security Incident Manager functions as a Cyber Incident Commander and coordinates the Cyber Fusion Centre’s (CFCs) response to significant cyber-security incidents according to Experian’s Global Information Security Incident Response Plan and processes. You will … be responsible for initiating and tracking various workstreams during security incidents to ensure there is effective detection, response, containment, eradication, and recovery during incident response and managing executive communications until incident termination. The candidate for this role must be a self-starter, capable of working independently … and have strong technical skills involving cyber-incident response, strong writing skills and effective communication with leaders. This role will require you to be part of an on-call rotation for response to significant security incidents outside of normal work hours, including holidays and weekends. Key Responsibilities …
Job Description As a member of Experian’s Global Security Office, the Enterprise Security Incident Manager functions as a Cyber Incident Commander and coordinates the Cyber Fusion Centre’s (CFCs) response to significant cyber-security incidents according to Experian’s Global Information Security Incident Response Plan and processes. You will be responsible for initiating and tracking various workstreams during security incidents to ensure there is effective detection, response, containment, eradication, and recovery during incident response and managing executive communications until incident termination. The candidate for this role must be a … self-starter, capable of working independently, and have strong technical skills involving cyber-incident response, strong writing skills and effective communication with leaders. This role will require you to be part of an on-call rotation for response to significant security incidents outside of normal work hours …
line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as help advance my client’s incident response processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. … Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this … position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incident response process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incident …
Incident Response/Threat Hunting Specialist London £90,000 + bens Sector: Professional Services, Commerce and Industry Job reference: 40942 I’m working with a boutique consultancy, who are seeking to grow their existing cyber function with another dedicated incident response/threat hunting specialist. … This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your responsibilities will be as follows: Work closely with clients going through cyber incidents, which may include Ransomware, BEC and cloud incidents. Working closely with the wider cyber function … not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incident response experience. Certifications such as GCIH, GCIA or GCFA/E. Ideally, consultancy experience however, strong regulated exposure is also welcomed. Strong baseline …
Manager, you will be responsible for overseeing the day-to-day security operations, implementing security measures, and mitigating security risks. Your expertise in cybersecurity, incident response, and team leadership will be crucial in ensuring the protection of the organisation's assets, information, and systems. Key Responsibilities Security Operations Leadership: Lead … and manage the security operations team, providing guidance, mentorship, and performance feedback to ensure the team's effectiveness and efficiency. Incident Response Management: Develop and implement incident response procedures to promptly identify, assess, and respond to security incidents. Lead the team in conducting thorough investigations and root cause … and remediate identified vulnerabilities. Security Policies and Procedures: Establish and maintain security policies, standards, and procedures in line with industry best practices and compliance requirements. Security Incident Reporting: Provide timely and accurate reports on security incidents, threat trends, and the effectiveness of security measures to senior management. Security Awareness Training: Collaborate with …
I am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you … expertise in cyber security to protect our university's digital infrastructure and ensure the confidentiality, integrity, and availability of our information assets. Key Responsibilities: Incident Triage: Quickly assess the severity and scope of the security breach, prioritise response efforts, and mobilise resources accordingly. Forensic Analysis: Conduct thorough forensic … to contain the breach, remove malicious presence from our systems, and restore affected services. Root Cause Analysis: Identify the root cause of the security incident and recommend remediation actions to address underlying vulnerabilities and security gaps. Communication and Coordination: Collaborate with university stakeholders, including IT staff, administrators, and external …
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What you'll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business …
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What you'll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business …
Global Information Security Operations Manager This is a senior technical lead position that will focus on MLP’s security incident response and manage global security operations staff. The role will also include maintenance, monitoring and administration of key information security technologies. The Information Security Team fosters a collaborative environment … activities across our log aggregation and SIEM platforms. Recommend, test, tune and implement SIEM and other tooling correlation rules. Identify false-positives from alerting, and perform incident response, triage, incident analysis and remediation tasks. Recommend and develop new SIEM use cases/rules with engineering teams. Maintain documentation for the SOC … function, including training program for new Security Operations personnel. Participate in Information Security Incident Response activities for the Firm’s environment. Enforce security policies and procedures by administering and monitoring appropriate systems, events and answering client queries. Perform threat and vulnerability management functions including vulnerability scans and/or analyze results …
Senior Incident Response Analyst Hybrid – Twice a week in the office (Heathrow Airport) Up to £80,000 + up to 20% bonus + Benefits Are you ready to tackle cyber threats head-on in a dynamic and high-stakes environment? Joining as a Senior Incident Response … on exceptional customer service and operational excellence. Skills and experience Minimum of 5 years’ experience in endpoint security, malware analysis, threat hunting, penetration testing, incident response, reverse engineering, or digital forensics. Must have strong experience in the operational side. Comprehensive knowledge of AWS cloud infrastructure, including monitoring logs …
Cyber Incident Manager with excellent stakeholder and team management skills as well as a technical mindset. This role will require you in the office at least twice a week and be on-call one in every four weeks. You will be required to go through SC clearance so need … to have been a UK resident for the past five years, unfortunately we will not be able to provide sponsorship. The Cyber Incident Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. … threat. Responsibilities Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on …
of Threat Remediation is responsible for applying their extensive array of technical knowledge & experience to drive the remediation of complex technical challenges resulting from incident response engagements and other related initiatives. This role requires ongoing proactive collaboration with various technical & non-technical business partners across the company, along … with incident responders during & after incidents. The incumbent will primarily focus on bolstering threat remediation capabilities in response to more significant technical challenges encountered by the team and serving as a champion for improvements to our security posture. This is an exciting opportunity to be part of a diverse … sources of risk for the company. Establish and maintain positive working relationships with key business partners across the organization. Proactively identify opportunities to support incident response efforts through active participation in daily team calls and direct engagement with stakeholders. Take ownership of specific threat remediation projects stemming from incident …
reference: 40942/PG I’m working with a boutique consultancy, who are seeking to grow their existing cyber function with another dedicated incident response/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. … but not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incident response experience. Certifications such as GCIH, GCIA or GCFA/E. Ideally, consultancy experience however, strong regulated exposure is also welcomed. Strong baseline threat hunting skills … and ideally, an interest in research focused tasks. This is an exciting role for an incident responder, looking for a step up from basic cases to truly partner with organisations across the globe. Please contact pg@barclaysimpson for immediate consideration. IND123 We seek individuals from a diverse talent pool and encourage applicants from …
Senior Incident Response Manager Consultant Salary: Up to £105,000 + Great Benefits Package and Bonus Hybrid across the UK I am partnered with a consultancy giant who are looking for a Senior Incident Response Manager to take ownership of their well-established IR function. They … scale breaches, and coordinating the remediation. Responsibilities You will act as the technical lead, overseeing a team of highly skilled security operation analysts and incident response team, dealing with some of the most complex incidents. Spearhead a variety of projects, collaborating with the wider cyber defence function within … wider cyber defence capability having a strong influence across the business, speaking with both internal and external stakeholders. Requirements In-depth knowledge of various Incident Response techniques and procedures. Evidence of responding to, containing, and remediating high profile and high severity incidents. Working knowledge of leading a technical …
implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incident response and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incident response and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a …
is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incident response, network security architecture, policies, and procedures, and more! Main responsibilities: Serve as the primary subject matter expert on Azure security, including Azure … Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients’ Azure platform. Develop and maintain incident response procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security. Proven experience in incident response management, including incident detection, analysis, and remediation. In-depth knowledge of network security principles, protocols, and technologies. Experience working with standards …
are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and Incident Response team, along with a number of incident response vendors including forensic, legal, and PR, to ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within …
the automotive industry. They are looking for an experienced Security Operations Specialist to join them and assist them in developing and enhancing their Cyber Incident Response plan. This is a crucial role for the business as you will be implementing processes to ensure that the organization is prepared … to deal with any Cyber Security threats. Key Responsibilities Include: Developing Cyber Incident response plans and organizing Cyber Incident response exercises. Develop and implement Security Monitoring processes to detect and respond to cyber security incidents Working closely with engineering team to create robust vulnerability management processes. … The successful Candidate will have: Proven experience with Managed Detection and Response providers (MDR). Hands on experience with Endpoint Detection and Response tools such as SentinelOne or CrowdStrike. Strong communication skills Relevant certifications such as CISSP/CISM etc would be highly beneficial. This is an excellent …
The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and Incident Response Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incident response playbooks and procedures. Lead incident response efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify …