Cyber IncidentResponse A global bank is seeking a Cyber Security Analyst to join their Cyber Security team in London, with the team working across infrastructure, business and application risk, penetration testing, and vulnerability management. The cyber security practice is a mature function and this team member will … specifically work within the incidentresponse team, and will be expected to be well versed across technology control, EDR, and related tools and technology skills. This position has lots of capabilities for progression, access to different tools, and excellent opportunity to develop skills. You will be: Analysing, developing … infrastructure estate. Able to monitor activity upon specified information systems and devices. Proficient in identifying and reporting suspicious or harmful activity. part of the IncidentResponse investigations into internal and external threats or security incidents. Able to identify and escalate any security breaches and assess their impact. Utilise more »
I am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (IncidentResponse) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in IncidentResponse, you … expertise in cyber security to protect our university's digital infrastructure and ensure the confidentiality, integrity, and availability of our information assets. Key Responsibilities: Incident Triage: Quickly assess the severity and scope of the security breach, prioritise response efforts, and mobilise resources accordingly. Forensic Analysis: Conduct thorough forensic … to contain the breach, remove malicious presence from our systems, and restore affected services. Root Cause Analysis: Identify the root cause of the security incident and recommend remediation actions to address underlying vulnerabilities and security gaps. Communication and Coordination: Collaborate with university stakeholders, including IT staff, administrators, and external more »
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and IncidentResponse Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incidentresponse playbooks and procedures. Lead incidentresponse efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify more »
Be the Hero Behind the Walls Passionate about stopping cyber threats? Join our elite team and spearhead proactive security, wielding platform expertise and leading incidentresponse like a champion. Main Responsibilities • Mastermind IncidentResponse: Dive into alerts, wield the MITRE ATT&CK framework, and lead the … the fabric of every project. Be the trusted advisor, guiding us towards a more secure future. About You • 3+ years of cyber security experience • Incidentresponse methodologies (MITRE ATT&CK, D3FEND) • Microsoft 365 Security • DMARC, SPF, DKIM • Strong Scripting (e.g., PowerShell or Python) • Security automation frameworks • Security platform more »
Manchester, North West, United Kingdom Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incidentresponse, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incidentresponse plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incidentresponse plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »
vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves as an expert on cybersecurity protection, detection, response, and recovery. This individual is responsible for coordinating penetration testing and managing internal and external cybersecurity analysts to detect, mitigate, and analyze threats. Works … selection criteria to identify appropriate security solutions to support strategic, operational needs, and security requirements. Participate in the development and testing of the security incidentresponse plan, act as the incidentresponse leader. Develop security, risk, and compliance reports and alerts. Participate in the yearly review … a minimum of 5-years experience in Information Security. Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware, IDS/ more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »
Best Practice Working with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incidentresponse and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will … will be a requirement to cover 7am-7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incidentresponse and security monitoring Understanding of threat modelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix more »
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Head Resourcing
with our clients Cyber Security policies and standards. Key Responsibilities: Service Management of security partners ensuring high levels of performance are delivered across detection, response, and recovery. Developing cyber incidentresponse plans, playbooks, and processes that allow security operations team to respond to incidents rapidly and effectively. … collaboratively with IT teams to remediate vulnerabilities identified through red team engagements, penetration testing, and vulnerability scanning. Planning and coordination of large-scale security incidentresponse, remediation and recovery efforts involving multiple parties and teams. Manage the delivery of daily/weekly security reports. Manage Email security monitoring. more »
City Of London, England, United Kingdom Hybrid / WFH Options
i3
DLP. Collaborate with cross-functional teams to ensure the integration of security throughout the IT lifecycle. Investigate and respond to security incidents, and develop incidentresponse and disaster recovery plans. Ensure compliance with industry standards and global regulatory frameworks. Provide guidance and training to team members on cloud … Experience with SIEM tools, such as Splunk, ELK stack, or Azure Sentinel. Understanding of secure coding practices and experience with static code analysis tools. Incidentresponse and forensics skills. Relevant security certifications, such as CISSP, CCSP, or cloud platform-specific certifications Infrastructure as code: use Terraform and Azure more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Solihull, England, United Kingdom Hybrid / WFH Options
Indotronix Avani UK
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
fully remote. This role is only 2 days a week (14 Hours Weekly Minimum). The main responsibility is to develop and maintain cyber incidentresponse and recovery plans to guide the organisation's response to cyber incidents, including data breaches, ransomware attacks, and other security breaches. … Patch Management Project 5- Cloud Security Requirements: Good Knowledge with Azure Bastion In-depth knowledge and experience with MS Dynamics is essential Experience with Incidentresponse If you're interested, please reply with a CV and i will get back to you!! Thanks, Ryan more »
fully remote. This role is only 2 days a week (14 Hours Weekly Minimum). The main responsibility is to develop and maintain cyber incidentresponse and recovery plans to guide the organisation's response to cyber incidents, including data breaches, ransomware attacks, and other security breaches. … Project 5- Cloud Security Requirements: In-Depth Knowledge with Azure is essential In-depth knowledge and experience with MS Dynamics is essential Experience with Incidentresponse is essential If you're interested, please reply with a CV and i will get back to you!! Thanks, Ryan more »
Hi All, I'm working with a global business looking for an IncidentResponse Lead who has a wide breath of experience working proactively on incidents and confident in collaborating with teams across the business. You will be a fit if you have experience with: Developing playbooks/ more »
is an open-source framework developed by Fox-IT for collecting and analyzing large amounts of forensic data. It is a game-changer in incidentresponse, used by leading cybersecurity companies and government agencies. It enables data acquisition and analysis on thousands of systems in minutes, regardless of … the DFIR team to deliver innovative solutions. Your expertise in Python and contribution to the Dissect Framework are essential for the success of the incidentresponse services and directly contribute to a safer society. Fox-IT We are Fox-IT, or Fox. We stand for making the world more »
Leeds, England, United Kingdom Hybrid / WFH Options
Cyber Security Jobsite
of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »
Middlesbrough, England, United Kingdom Hybrid / WFH Options
GB Bank
created role we’ll ask you to lead on delivering the Bank's strategies and plans to align with industry standards and regulations for Incident Management, Operational Resilience, and Business Continuity. This is a really varied role would suit someone who is a self-starter, enjoys being hands-on … s Operational Resilience roadmap to help prevent, adapt, respond to, recover from, and learn from operational disruptions. Capture relevant information to determine whether an incident needs to be declared and then classifying the severity of the incident (minor to critical). Leading improvements in Business Continuity by designing … compliance status and delivery roadmaps. Work closely with outsourced service providers suppliers as required to implement recovery and resolution plans. Upon resolution of an incident, produce an incident report identifying root cause analysis and lessons learnt and improvements. Skills and experience – you are/will have most of more »
with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job •Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. •Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. •Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. •Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. •Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. •Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. •Enhance security procedures to improve the organization's monitoring more »
South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »
and looking for a Senior Security Analyst to join the Global Team. You will play a crucial role in ensuring effective security monitoring and incident response. This role will also be required to assist in the development, implementation, and maintenance of the IT Security program in the company. We … Security and ideally CISSP (although for the right candidate we can support the gaining of this qualification). Key responsibilities include: Security Monitoring and IncidentResponse Monitoring systems for signs anomalies, attacks, and unauthorized activities. Investigate potential incidents and provide timely feedback. Analyze events to identify trends, threats more »