19 of 19 CSIRT Jobs in the UK

in managing the organizational phishing response program. Review and distribute threat intelligence alerts to relevant stakeholders, assessing potential impacts on organizational assets. Monitor security alerts identified by SOC and CSIRT, participate in investigations, and assist in incident response activities including malware analysis and threat hunting. Collaborate with the CERT team in maintaining an up-to-date threat landscape and contributing More ❯

security projects and assisting with regulatory compliance. Daily tasks will involve the following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. More ❯

Event Management (SIEM) tools like Splunk. Firewall & Proxy Audits: Review configurations and coordinate changes with infrastructure teams. Incident Response: Act as part of the Cyber Security Incident Response Team (CSIRT) to address threats. Compliance: Ensure alignment with ISO 27001, and other security standards. Risk Management: Maintain risk frameworks and produce assurance documentation. Secure by Design: Partner with project teams to More ❯

deal with the following activities: Monitor and identify security events and emerging threats associated with the product line you are managing and any dependencies; Act as the interface between CSIRT and Product teams as part of security incident activities; Deliver threat modelling and hunting to identify vulnerabilities in product design and provide control recommendations to mitigate those risks; Engage in More ❯

access and permissions, Participate and maintain Active Directory and File Share security controls, Review and distribute threat intelligence alerts to relevant stakeholders, Monitor security alerts identified by SOC and CSIRT, work with the CERT team, Support and maintain ethe IT Security Risk register, contribute to security reporting and tracking security risk indicators. Required: 5+ years in IT Infrastructure Security, preferably More ❯

access and permissions, Participate and maintain Active Directory and File Share security controls, Review and distribute threat intelligence alerts to relevant stakeholders, Monitor security alerts identified by SOC and CSIRT, work with the CERT team, Support and maintain ethe IT Security Risk register, contribute to security reporting and tracking security risk indicators. Required: 5+ years in IT Infrastructure Security, preferably More ❯

access and permissions, Participate and maintain Active Directory and File Share security controls, Review and distribute threat intelligence alerts to relevant stakeholders, Monitor security alerts identified by SOC and CSIRT, work with the CERT team, Support and maintain ethe IT Security Risk register, contribute to security reporting and tracking security risk indicators. Required: 5+ years in IT Infrastructure Security, preferably More ❯

access and permissions, Participate and maintain Active Directory and File Share security controls, Review and distribute threat intelligence alerts to relevant stakeholders, Monitor security alerts identified by SOC and CSIRT, work with the CERT team, Support and maintain ethe IT Security Risk register, contribute to security reporting and tracking security risk indicators. Required: 5+ years in IT Infrastructure Security, preferably More ❯

access and permissions, Participate and maintain Active Directory and File Share security controls, Review and distribute threat intelligence alerts to relevant stakeholders, Monitor security alerts identified by SOC and CSIRT, work with the CERT team, Support and maintain ethe IT Security Risk register, contribute to security reporting and tracking security risk indicators. Required: 5+ years in IT Infrastructure Security, preferably More ❯

teams, along with Project Managers, focusing on risk identification, status reporting, and escalation. Skills Required Extensive experience with Web Application Security log analysis, preferably from a Cyber SOC/CSIRT background, with a willingness to upskill into WAF Engineering SME across CN WAF (AWS, Azure, GCP, Modsec) and Multi-Vendor WAF products (F5, Akamai, etc.). Strong experience with multiple More ❯

Junior Product Security Engineer Assist in embedding security best practices into Sonos product development lifecycle Location: Glasgow, Scotland, United Kingdom Job Tags: Operations About The Role Junior Product Security Engineer At Sonos we want to create the ultimate listening experience More ❯

Junior Product Security Engineer page is loaded Junior Product Security Engineer Apply locations Glasgow - Sonos Scotland time type Full time posted on Posted Yesterday time left to apply End Date: September 30, 2025 (30+ days left to apply) job requisition More ❯

security, digital forensics, malware analysis, threat hunting or some combination thereof. - Relevant industry certifications from SANS, ISC2, etc. - Experience working as part of a Computer Security Incident Response Team (CSIRT) - Familiarity/experience with AWS services and security concepts. Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make More ❯

role will cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and have previously worked with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. Key Responsibilities … and engineering, with a strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web More ❯

role will cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and have previously worked with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. Key Responsibilities … and engineering, with a strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web More ❯

role will cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and have previously worked with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. The successful … outage and bypass. We are not looking for Engineers that only list WAF as a past experience We are looking for people with: SOC/Threat/Forensics or CSIRT backgrounds - very experienced with analysing security logs to quickly ascertain TP/FP conviction and the techniques to except Ideally some AppSec/DevSecOps or Ethical Hacking experience - with a … and engineering, with a strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities. Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web More ❯

UK Critical National Infrastructure (CNI) energy operator is appointing two contract Security Operations Managers who will work in lock-step: a Run Lead to steer and mature the live CSIRT Response Function, and a Build Lead to create new, minimum-viable capabilities and hand them into service. Both posts sit under the Cyber Security Response Manager and are driven by … clear responsibilities. - Promote continuous learning - capture lessons learned after every incident and incorporate them into updated runbooks and training sessions. ________________________________________ Run Lead - Key Outcomes - Day-to-day command of CSIRT/Response operations - own the shift rota, alert triage, escalation and service-improvement backlog. - Governance starter-pack - stand-up daily stand-ups, a Kanban board and a lightweight RACI so More ❯

We are looking for an experienced Application security specialist to join our Cyber team with a hyper focus on supporting our application security architecture and risk management programme. You will help us build out a world class capability to align More ❯

We are looking for an experienced Application security specialist to join our Cyber team with a hyper focus on supporting our application security and risk management programme. You will help us build out a world class security automations and remediation More ❯

We are looking for an experienced Application security specialist to join our Cyber team with a hyper focus on supporting our application security architecture and risk management programme. You will help us build out a world class capability to align More ❯