1 to 25 of 231 Permanent Incident Response Jobs in the UK

using industry best practices. Log Management: Manage log sources within the SIEM solution and create alert use cases to identify patterns of anomalous activity. Incident Response: Lead the response to high-severity security incidents, providing senior-level response activities and ensuring effective remediation and recovery actions. … Security Orchestration, Automation, and Response (SOAR): Support and develop the SOAR platform, creating new workflows for automated responses to common attack types. Digital Forensics: Conduct forensic analysis on serious security incidents using data from multiple sources to ensure threats are contained and eradicated effectively. Cyber Crisis Scenario Testing: Participate more »

of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »

party suppliers and external auditors. In addition to this, you will deliver awareness training, test and report on the businesss disaster recovery, continuity and incident response plans, and carry our internal audits of the InfoSec governance frameworks. In order to be suitable for this role, you must be more »

Senior SOC Engineer Hybrid (2 days p/w in office) Leaders in Cybersecurity incident response and managed services, catering to a wide range of clients in both private and public sectors. About the Role: Who We're Seeking: Join our team at the purpose-built 24/ more »

software engineering to automate IT operations tasks that would normally be performed by system administrators. These tasks include production system management, change management and incident response. A SRE spends no more than half their time performing manual IT operations and system administration tasks - analysing logs, performance tuning, applying patches more »

and governance requirements. Essential Requirements: • 5 years of experience in a technical SOC or cybersecurity role, • 5 years experience of Cyber Security investigations and incident response environments • Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. • Good all round knowledge of different threat scenarios … investigations, incident response processes and remdiation techniques. • Good knowledge of cyber security systems and tooling • Reasonable knowledge of Security Information and Event Management systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems • Good knowledge of common operating systems more »

Hi All, I'm working with a global business looking for an Incident Response Lead who has a wide breath of experience working proactively on incidents and confident in collaborating with teams across the business. You will be a fit if you have experience with: Developing playbooks/ more »

client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incident response capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »

training, consultancy, and solutions to regulated, high value and high threat environments. Kenyon International Emergency Services is a world leader in emergency planning and incident response. Air Partner Air Partner works with Climate and Development experts Climate Impact Partners, to allow clients to offset carbon emissions in support of more »

Senior Incident Response Analyst – Cybersecurity - Up to £80k - Hybrid - up to 35% bonus - Excellent Benefits. My client one of the world’s most renowned aviation groups in the world is searching for a Senior Incident Response Analyst to join their team! Skills: Able to serve as … to all levels of hierarchy, including senior leadership. Experience: Minimum of 5 years of experience in endpoint security, malware analysis, threat hunting, penetration testing, incident response, reverse engineering, or digital forensics. Familiarity with AWS cloud infrastructure, with hands-on experience monitoring associated logs, including GuardDuty, CloudTrail, and VPC more »

where feasible). -You will be undertaking internal pen testing and creation of external penetration testing scopes. -You will be enhancing security detection and incident response efforts/playbooks. -You will be monitoring, remediating, and reporting on security events. -You will be Security incident Manager (SIM). more »

You will work closely with cross-functional teams to design, implement, and maintain robust and resilient systems, with a focus on automation, monitoring, and incident response. The role: • Working arrangements: Flexible – can be fully remote (UK residents only – unfortunately, Visa sponsorship is not offered for this role) Key Responsibilities … and performance in mind. Implement and maintain monitoring, alerting, and logging systems to proactively identify and resolve issues before they impact customers. Participate in incident response and on-call rotations, diagnosing and resolving production issues to minimize downtime and ensure service reliability. Conduct performance analysis and capacity planning more »

C&I SIR practice works with NCC Group clients to deliver prioritised programs of security improvements: in close collaboration with NCC Group security audit, Incident Response, Penetration and Red Teams. Security Consultants play key roles in these client assignments: as recognised security experts they drive change, as well … and their service providers on changes they will make. Key to this role is assessing and enhancing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviews. As part of a project team, they … client Security Posture is materially impacted in a positive manner over the duration of an engagement. Assessing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviews Providing technical input for work plans and more »

and infrastructure security throughout the development lifecycle. Automation: Develop and maintain automation scripts and tools for security testing, compliance, and deployment processes. Monitoring and Incident Response: Set up and monitor security alerts and logs, respond to security incidents, and conduct root cause analysis. Collaboration: Work collaboratively with development more »

computers to agreed specifications. Being involved in third-line support and projects such as migrations and implementations. Managing data backups. Supporting the IT Security Incident Response process. Logical troubleshooting to resolve issues. Hardware builds and desktop installations. Salary and Benefits: Salary: £30-35,000 Location: Portishead Work Arrangement more »

line with our drive towards operational excellence You will estimate costs, present ideas, and produce progress reports for CAPEX works You will learn expected incident responses, contribute towards incident reporting, RCAs and lessons learned to ensure a culture of continuous improvement You will ensure you have a good more »

in vendor/third-party audit and compliance management Strong understanding of security compliance and regulatory requirements - ISO 27001, PCI DSS, GDPR Experience with Incident Response, Business Continuity/Disaster Recovery (BC/DR) planning and testing Experience in data governance & Data Loss Prevention (DLP) projects Knowledge of more »

Azure Storage, Security, and Network Components. Azure policies and governance tools for handling compliance and security Expertise in securing virtualized environments, including threat detection, incident response, and compliance frameworks. Automation tooling for example, Logic Apps, Functions, Azure Automation, Event Grid etc AVD architecture, deployment options, management tools, and more »

with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »

or autonomy, with little need for escalation It would be great if you had: Knowledge of; Cloud, on-prem, SaaS, PaaS, IaaS environments Security incident response, code/malware analysis Strong coding skills CISSP-ISSEP (Information Systems Security Engineering Professional) Other Cyber/information Security qualification (e.g. CISSP more »

Azure Storage, Security, and Network Components. Azure policies and governance tools for handling compliance and security Expertise in securing virtualized environments, including threat detection, incident response, and compliance frameworks. Automation tooling for example, Logic Apps, Functions, Azure Automation, Event Grid etc AVD architecture, deployment options, management tools, and more »

SAP systems. Role Maintenance: Regularly review and update SAP roles and Authorisations to ensure compliance with security standards and regulatory requirements. Security Monitoring and Incident Response: Monitor SAP systems for security breaches, unauthorized access, and suspicious activities. Respond promptly to security incidents and conduct forensic analysis when necessary. more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

and functional. Server and application patching and security product maintenance. IT hardware and software asset management - including polices that govern its disposal. Responsible for incident response activities from inception to remediation. Organise and evaluate regular internal and external vulnerability scans with the aid of our 3rd party providers more »

strategic goals, and drive implementation. End-to-End DLP Management: Managing all aspects of DLP within a business, including policy creation, deployment, monitoring, and incident response. Data Leakage Considerations: Awareness of potential ways data can leak out of an organisation External Data Sharing: Knowledge of secure methods for sharing more »