26 to 50 of 156 Incident Response Jobs in the UK excluding London

roles: Experience with LogRhythm/Splunk, Darktrace (Threat Visualiser) and FireEye Network Communication Protocols experience (DNS, HTTP/S, SSL, SMTP etc..) Knowledge of Incident Response, log analysis and PCAP Analysis. If you are interested in any of these SOC roles and are working at any level across more »

Plus Assessments for our customer base. Perform network security audits. Conduct external and internal penetration tests. Provide support during major security incidents across all incident response phases. Proactively monitor internal infrastructure using toolsets, remediate issues, and provide recommendations. Design, implement, and provide support for customer security solutions. Serve more »

strategic goals, and drive implementation. End-to-End DLP Management: Managing all aspects of DLP within a business, including policy creation, deployment, monitoring, and incident response. Data Leakage Considerations: Awareness of potential ways data can leak out of an organisation External Data Sharing: Knowledge of secure methods for sharing more »

team of highly skilled professionals, including Ph.D. qualified researchers, Crest Registered Testers, and BSI 27001 lead auditors. With expertise in system penetration, network intrusion, incident response, user awareness, and information governance, they are at the forefront of developing and delivering cutting-edge solutions, strategies, and services in the more »

365. Conducting engineering-based assessments on BMS and EMS-based alerts; evaluating operational and customer service risk; and reporting validated alarms in accordance with incident management (IM) procedures. Reporting issues pertaining to engineering systems availability and/or design efficiency; assessing technical design and O&M information; and associated … schematic drawings. Support the Preferred Maintenance Contractor (PMC) with first-line incident response, containment, and resolution, providing technical support and assistance to operational staff in the progression and closure of incidents. Produce and distribute service performance reports on technical third-party suppliers in accordance with agreed service levels. more »

C-SOC) with two laboratory sites. You will assist STFC's cyber team to define, practice,and verify the adequacy of the cyber critical incident response. You will also assist STFC's infrastructure team whomanage the BAU activities relevant to ongoing cyber assurance, patching, cyberreadiness, and routine incident … of relevant SME knowledge andexperience will ensure successful and secure project outcomes. What you'll needto succeed A relevant information security/information managementbackground. Incident management experience and an ability toquickly tailor responses to deal with fast-paced situations. Proven people & stakeholder management skills. Knowledge of Information Security standards more »

a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incident response, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incident response plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incident response plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »

Azure Storage, Security, and Network Components. Azure policies and governance tools for handling compliance and security Expertise in securing virtualized environments, including threat detection, incident response, and compliance frameworks. Automation tooling for example, Logic Apps, Functions, Azure Automation, Event Grid etc AVD architecture, deployment options, management tools, and more »

of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »

client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incident response capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »

Security across BAE Systems PLC’s global business, with members of the team working across GRC, Training and Awareness, Security Architecture, Threat Intelligence and Incident Response.Why BAE Systems?This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive more »

training, consultancy, and solutions to regulated, high value and high threat environments. Kenyon International Emergency Services is a world leader in emergency planning and incident response. Air Partner Air Partner works with Climate and Development experts Climate Impact Partners, to allow clients to offset carbon emissions in support of more »

preferred CIS - Risk and Compliance certification preferred CIS - Human Resources certification preferred CIS - Risk and Compliance certification preferred CIS - CSM certification preferred CIS - Security Incident Response certification preferred CIS - Vulnerability Response certification preferred Thorough understanding of ITIL frameworks and ITIL Foundations certification preferred. Bachelor's degree or more »

access control to prevent unauthorised access, data breaches, and cyber-attacks. Create technical documentation to assist colleagues in root cause analysis. Create and improve incident playbooks and runbooks. Stay up to date with the threat landscape. Requirements Proven experience in a cybersecurity role within a reputable business. Strong knowledge … understanding in the approach threat actors take to attacking a network, phishing, port scanning, web application attacks, DDoS, lateral movement. Experience with security monitoring, incident response, and vulnerability management. Understanding of malware analysis, intrusion detection/prevention systems, and endpoint security solutions. Ability to analyze and interpret security more »

business ensuring security and monitoring requirements are determined and implemented through onboarding or continuous improvement activities Qualifications & Experience: Professional experience of working in an Incident Response Team or a similar environment Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical more »

SDDC Manager. Experience of vSphere HA recovery used across availability zones. Experience of Uplink Policy Design Experience of working with restraints of Computer Security Incident Response Team (CSIRT) Security Requirements Design experience within a Cloud-native environment and providing solutions which are affordable, good value and meet security more »

the women and men who serve in our armed forces and rely on the products and services this company creates. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world-class capability. more »

and infrastructure-as-code (IaC) tools Ability to perform security threat modelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding business stakeholder engagement and management experience, inc. presenting of solutions to the exec team more »

in an often demanding environment, give constructive feedback and work with the team to develop individual and team performanceIn and Out of Hours security response escalation point for any incident managementManage the Cyber Security Incident process/procedure, and the Cyber security Incident Response Team … leading war games and cyber security incident scenarios alongside the Cyber Security Manager to provide the IT department with the skills and knowledge of addressing any real cyber security incidentsManage post-cyber security incident forensic investigations and reporting, bringing in third party specialists if deemed necessaryKeep up-to … excellent understanding of security approaches: ISMS, risk analysis and assessments, the CIA triad, attack vectors including social engineering, cryptography, confidentiality issues and cyber security incident response best practices, including triage and chain of custodyProactively identifies areas for improvement, shares lessons learned with colleagues and encourages others to do more »

DescriptionMajor Incident Manager Glasgow3246852 Morgan Stanley has a critical requirement for a Major Incident, Problem and Change Manager, known internally as an Enterprise Command Centre member (ECC), to work as part of our global Fusion Response team. Fusion Response consists of three response teams, with … the mission to lead rapid and comprehensive response and recovery operations in order to minimize impact from a broad range of business disrupting threats and incidents, from cyber and fraud to technology incidents, weather events, terror attacks, geopolitical unrest & pandemics. Fusion collaborates with partner organizations to understand, prepare for … respond to and learn from these events. The Enterprise Command Center (ECC, part of the Fusion Response team) is a high-performing globally distributed team that plays a mission critical role in Incident Management, Problem Management, Change Management and Significant Event Readiness. The ECC creates value by providing more »

risks associated with software products and hardware. Develop and implement risk mitigation strategies and contingency plans. Ensure compliance with relevant industry standards and regulations. Incident Response: Establish and maintain an effective incident response plan. Lead the investigation and resolution of cyber security incidents and breaches. Implement more »

robustness of IT security operations. The technical stack represents a blend of Azure, M365, IAM, Sentinel, Defender for Cloud and Log Monitoring. Responsibilities Security Incident Response: Assist in identifying, managing and resolving security incidents with the Security Operations Center (SOC). Ensure successful resolution and closure of these … security vulnerabilities. Ability to work effectively with cross-functional teams, particularly bridging IT operations and InfoSec. Scripting experience will be beneficial for automation and incident response tasks. Tech Stack Azure M365 IAM RBAC Sentinel Defender for Cloud (Secure Score) Interested? Apply now to find out more more »

Key Accountabilities Perform forensic analysis and gather evidence Correlation monitoring using multiple SIEM technologies Assist in gathering forensic data and physical equipment Act as incident responder for potential incident identified Ability to work under pressure In-depth understanding of the cyber threat landscape and advances adversary tactics Conduct … counter the attack or improvise security standards. Keep the security systems up to date and contributing to security strategies. Document incidents to contribute to incident response and disaster recovery plans. Perform internal and external security audits. In the case of third-party vendors, verify their security strength and … reporting Real Time attacks and vulnerabilities on the client network. Identification of incidents and subsequent analysis and investigation to determine their severity and the response required. Ensure that incidents are correctly reported and documented in accordance with the relevant policies and procedures. Be prepared to provide a Technical Escalation more »

cyber security risks associated with software products and hardware.Develop and implement risk mitigation strategies and contingency plans.Ensure compliance with relevant industry standards and regulations.Incident Response:Establish and maintain an effective incident response plan.Lead the investigation and resolution of cyber security incidents and breaches.Implement lessons learned to continuously more »

alerts - Analyse and respond to security events - Conduct root cause analysis and forensic investigations - Collaborate with IT and security teams to resolve incidents - Maintain incident response procedures and documentation Desirable Skills: - Experience with Microsoft technologies (Windows Server, Active Directory, Azure) - Knowledge of Elasticsearch and Linux - Familiarity with SIEM more »