City Of London, England, United Kingdom Hybrid / WFH Options
i3
DLP. Collaborate with cross-functional teams to ensure the integration of security throughout the IT lifecycle. Investigate and respond to security incidents, and develop incidentresponse and disaster recovery plans. Ensure compliance with industry standards and global regulatory frameworks. Provide guidance and training to team members on cloud … Experience with SIEM tools, such as Splunk, ELK stack, or Azure Sentinel. Understanding of secure coding practices and experience with static code analysis tools. Incidentresponse and forensics skills. Relevant security certifications, such as CISSP, CCSP, or cloud platform-specific certifications Infrastructure as code: use Terraform and Azure more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Solihull, England, United Kingdom Hybrid / WFH Options
Indotronix Avani UK
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Greater London, England, United Kingdom Hybrid / WFH Options
Trident Search
and allow them to offer the best service possible. This is a senior role, so plenty of experience within SecOps is vital, especially within incidentresponse and engaging with the wider business. This role will also see you have direct reports, so experience in a little leadership or … to further enhance capabilities Experience with malware analysis is essential as you will play a senior role in managing this process. Having ownership over incident management and ensuring incidents are closed out in a timely manner or escalated effectively. Risk analysis across multiple teams and technologies is also required … great internal security role, working with a reputable organisation and a talented team. If you have the right experience and are comfortable with your incidentresponse skills then please do go ahead and apply now. more »
existing team. You will be joining a developing team as a technical resource where you will have the opportunity to lead on projects around incidentresponse, vulnerability management, EDR scanning and more. You will work with an already wide ranging tech stack for an exciting scaling business with … exposure to Data Protection & GDPR would be highly sought after too. In this role you will: Work on a variety of technical projects across incidentresponse, vulnerability management, triaging and more Work with third parties and vendors to ensure full security coverage Provide support to the governance and more »
Warrington, Cheshire, United Kingdom Hybrid / WFH Options
Matchtech Group PLC
defined processes.Supporting accreditation activities with the client and regulating authorities.Conducting security reviews and audits in accordance with defined processes.Conducting security operations, including Protective Monitoring, Incident Management, IncidentResponse, and Incident Recovery activities.If you would like to learn more about the opportunities available please get in touch. more »
Hi All, I'm working with a global business looking for an IncidentResponse Lead who has a wide breath of experience working proactively on incidents and confident in collaborating with teams across the business. You will be a fit if you have experience with: Developing playbooks/ more »
with cross-functional teams to identify and mitigate cybersecurity risks, develop policies and procedures, and ensure compliance with regulatory requirements. Additionally, you will lead incidentresponse efforts, conduct security awareness training, and stay abreast of emerging threats and technologies to continuously enhance the security posture. It is important … of security policies, standards, and procedures Conduct risk assessments and develop mitigation plans to address cybersecurity threats Manage security operations, including monitoring, detection, and incidentresponse Collaborate with IT and other departments to ensure security controls are effectively integrated into systems and processes Provide leadership and guidance to more »
and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incidentresponse, and overall security posture. What you’ll be doing • Data Ingestion and Enrichment: o Configure Elasticsearch pipelines for data ingestion from various … of the SIEM infrastructure. • Security Engineering: o Contribute to security engineering projects, transitions, and transformations. o Work closely with security operations and associated security incidentresponse systems o Stay informed about emerging threats and security best practices. • Keep abreast of relevant technologies in the area. This may entail more »
Lichfield, Staffordshire, West Midlands, United Kingdom
In Technology Group Limited
We value continuous learning and encourage our staff to pursue industry certifications while gaining hands-on experience with cutting-edge technologies, service delivery, and incidentresponse protocols. In return, we offer a competitive salary and an enriching work environment. What We're Looking For: Minimum 2 years of … our Helpdesk. Offer Systems, Network & Firewall Support. Respond proactively to NOC and SOC detections in Customer Systems. Conduct onsite visits for Technical Support or IncidentResponse as needed. Benefits: Embrace a friendly, open-door culture promoting personal and professional growth. Enjoy free on-site parking. Engage in social more »
Chester, England, United Kingdom Hybrid / WFH Options
Digital Gurus
robustness of IT security operations. The technical stack represents a blend of Azure, M365, IAM, Sentinel, Defender for Cloud and Log Monitoring. Responsibilities Security IncidentResponse: Assist in identifying, managing and resolving security incidents with the Security Operations Center (SOC). Ensure successful resolution and closure of these … security vulnerabilities. Ability to work effectively with cross-functional teams, particularly bridging IT operations and InfoSec. Scripting experience will be beneficial for automation and incidentresponse tasks. Tech Stack Azure M365 IAM RBAC Sentinel Defender for Cloud (Secure Score) Interested? Apply now to find out more more »
customization, and development. Expertise: as a subject matter expert (SME) in ServiceNow functional and operational modules, including Virtual Agent (VA), Human Resources (HR), and IncidentResponse Management System (IRMS). guidance and support to internal teams on module configuration, workflows, and integrations. Projects: expansion initiatives to deploy new … with a focus on architecture design and implementation. expertise in ServiceNow functional and operational modules such as Virtual Agent (VA), Human Resources (HR), and IncidentResponse Management System (IRMS). track record of leading expansion and integration projects within the ServiceNow environment. experience with ServiceNow customization, development, and more »
is an open-source framework developed by Fox-IT for collecting and analyzing large amounts of forensic data. It is a game-changer in incidentresponse, used by leading cybersecurity companies and government agencies. It enables data acquisition and analysis on thousands of systems in minutes, regardless of … the DFIR team to deliver innovative solutions. Your expertise in Python and contribution to the Dissect Framework are essential for the success of the incidentresponse services and directly contribute to a safer society. Fox-IT We are Fox-IT, or Fox. We stand for making the world more »
experience, knowledge, and desire to continuously improve. Deliver solutions within the appropriate framework and methodology whilst ensuring the supportability of services delivered. Experience with incident detection, incidentresponse, and forensics. Experience with Firewalls (functionality and maintenance), Microsoft Office 365 Security, XDR, and Endpoint Security. Proficiency in a more »
Leeds, England, United Kingdom Hybrid / WFH Options
Cyber Security Jobsite
of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »
Head Cyber Security Operations, CISO and other stakeholders across Group businesses. Act as Silver commander for Cyber Security Incidents, leading on tactical support in response to a security incident and coordinate response efforts to minimise the impact of cyber threats and avoid/reduce business impact across … all Group businesses. (This may from time to time involve acting as silver commander leading on a cyber security incident outside of typical business hours) Provide reporting on ticket activity and SLA adherence on a weekly basis to the Group IS management team across all Group businesses to Group … for improvement. Stay informed about the latest cybersecurity trends and threats to proactively protect the organisation's digital assets. Develop, maintain, and test cyber incidentresponse plans, playbooks, and procedures to ensure a timely and effective tactical response to cyber incidents across all Group businesses in collaboration more »
South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »
analysis for the group. Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2/3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are … architecture level Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incidentresponse capability. You will act as the single point of contact for all security related response actions and decisions, including management of … each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over more »
analysis for the group. Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2/3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are … architecture level Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incidentresponse capability. You will act as the single point of contact for all security related response actions and decisions, including management of … each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over more »
new tools and techniques to enhance the security posture Administer and mature tool configurations, optimize performance, and feature utilization Integrate tools to automate critical response tasks. Evaluate TVM tool and patches, updates, and perform maintenance Develop detailed documentation on TVM implementation, configuration, and processes Plan, develop, and implement new … security devices or services for TVM as needed Identify, create and mature cybersecurity operations processes. Assist with forensic investigations and incidentresponse team (CIRT) activities.as needed Assist with security awareness activities (communications, posters, events, assessments) as needed Participate in incident runbook development Escalate pertinent findings in a … management expertise Experience executing attack defense tactics with security technologies including DNS, SMTP, firewall, and endpoint solutions. Experience and participation as needed with security incident and investigations Assist as needed with security awareness content such as communications, posters, presentations Experience with security management/configuration cloud tools and services more »
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
I3 Resourcing Limited
DESIRABLE Key responsibilities: Application and infrastructure planning and testing including integrations Maintaining CI/CD pipelines Automation implementation Guidewire Cloud Console configuration On-call, incidentresponse and incident management Monitoring the software development process through its entire lifecycle and ensuring adherence to security standards Regularly updating or more »
and looking for a Senior Security Analyst to join the Global Team. You will play a crucial role in ensuring effective security monitoring and incident response. This role will also be required to assist in the development, implementation, and maintenance of the IT Security program in the company. We … Security and ideally CISSP (although for the right candidate we can support the gaining of this qualification). Key responsibilities include: Security Monitoring and IncidentResponse Monitoring systems for signs anomalies, attacks, and unauthorized activities. Investigate potential incidents and provide timely feedback. Analyze events to identify trends, threats more »
Key Accountabilities Perform forensic analysis and gather evidence Correlation monitoring using multiple SIEM technologies Assist in gathering forensic data and physical equipment Act as incident responder for potential incident identified Ability to work under pressure In-depth understanding of the cyber threat landscape and advances adversary tactics Conduct … counter the attack or improvise security standards. Keep the security systems up to date and contributing to security strategies. Document incidents to contribute to incidentresponse and disaster recovery plans. Perform internal and external security audits. In the case of third-party vendors, verify their security strength and … reporting Real Time attacks and vulnerabilities on the client network. Identification of incidents and subsequent analysis and investigation to determine their severity and the response required. Ensure that incidents are correctly reported and documented in accordance with the relevant policies and procedures. Be prepared to provide a Technical Escalation more »