Forensic Analysis Jobs in the UK

1 to 25 of 161 Forensic Analysis Jobs in the UK

Cyber Security Engineer

City of London, London, United Kingdom
Franklin Fitch
VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell …

Cyber Security Engineer

London Area, United Kingdom
Franklin Fitch
VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell …

Cyber Security Analyst

London, England, United Kingdom
Hybrid / WFH Options
Thomas Miller
phishing attempts and data breaches. Perform incident response, including triaging, investigation, and resolution of security incidents. Analyse network traffic, logs, and alerts to detect malicious activity. Conduct root-cause analysis on security breaches and vulnerabilities. Prepare and maintain detailed incident reports and post-incident documentation. Collaborate with other teams to improve overall security posture. Implement and follow standard operating … in a SOC or similar role. Experience with SIEM tools and performing security investigations. Strong understanding of networking concepts, protocols, and security principles. Knowledge of security incident handling, malware analysis, and threat intelligence. Excellent problem-solving skills and attention to detail. Experience with advanced threat detection techniques and tools. Hands-on experience with forensic analysis, malware reverse …

SOC Tier 3 Analyst

Reading, England, United Kingdom
Avance Consulting
correlate security alerts. o Take ownership of Tier 3-level escalations from Tier 1 and Tier 2 analysts and guide them through complex incident response procedures. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioral analysis and threat intelligence data. o Analyze data from logs, network traffic, endpoint activities, and threat intelligence feeds … to detect unusual or malicious activity. o Collaborate with other security teams to uncover hidden threats and vulnerabilities. o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections while adhering to legal and regulatory requirements. o Prepare reports … findings on emerging threats. o Develop and maintain custom detection signatures or playbooks to enhance detection and response capabilities. 7. Reporting & Documentation: o Create detailed incident reports, including technical analysis and recommendations for mitigation. o Present findings to management and external stakeholders, such as clients or regulatory bodies, when necessary. o Ensure proper documentation of incident response workflows, timelines …

Incident Response Lead Analyst - Cyber Security

City of London, England, United Kingdom
The Boston Consulting Group GmbH
Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze … threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports on incident trends, threat intelligence insights, and response actions. Lead training sessions and tabletop exercises to improve security … and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains. Strong analytical and problem-solving skills, with an investigative mindset to …

Incident Response Lead Analyst - Cyber Security

London, England, United Kingdom
Boston Consulting Group (BCG)
Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze … threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports on incident trends, threat intelligence insights, and response actions. Lead training sessions and tabletop exercises to improve security … and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains. Strong analytical and problem-solving skills, with an investigative mindset to …

Cyber Security Engineer

London, England, United Kingdom
Franklin Fitch
VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Deep understanding of Microsoft security technologies. Certifications …

Cyber Security Manager - Incident Response

London, England, United Kingdom
Boston Consulting Group
Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze … threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports on incident trends, threat intelligence insights, and response actions. Participate in training sessions and tabletop exercises to improve … and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains. Strong analytical and problem-solving skills, with an investigative mindset to …

Cyber Security Manager - Incident Response

London, England, United Kingdom
TieTalent
Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze … threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports on incident trends, threat intelligence insights, and response actions. Participate in training sessions and tabletop exercises to improve … and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains. Strong analytical and problem-solving skills, with an investigative mindset to …

SecOps Engineer

Bristol, Gloucestershire, United Kingdom
Unite Foundation
network architectures. Monitor network traffic for suspicious activity and respond to security incidents. Conduct regular network security assessments and audits to ensure compliance with security policies and standards. Vulnerability Analysis: Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks. Develop and implement strategies to address vulnerabilities. Track and report on the status of vulnerabilities and … remediation efforts. Forensic Analysis: Perform forensic analysis of security incidents to determine the root cause and impact. Collect and preserve evidence in accordance with legal and regulatory requirements. Provide detailed forensic reports and recommendations for improving security posture. Incident Response: Lead and coordinate incident response efforts, including detection, containment, eradication, and recovery. Support development and … Ensure security tools are properly configured and updated. Evaluate and recommend new security tools and technologies to enhance security operations. Documentation: Create and maintain detailed documentation of security incidents, forensic analysis, and vulnerability assessments. Prepare reports for management and stakeholders. Collaboration: Work closely with other IT and Digital teams to ensure comprehensive security coverage. Provide security guidance to …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Engineer

Portsmouth, England, United Kingdom
Computappoint
solutions (SIEM, IDS/IPS, endpoint protection, cloud security) 🔹 Lead technical workshops & architecture design sessions 🔹 Drive security strategy & compliance initiatives (ISO 27001, NIST, GDPR) 🔹 Perform threat detection, incident response & forensic analysis 🔹 Utilize Microsoft Sentinel, Cisco Splunk, Palo Alto QRadar, KQL & more What We’re Looking For: 🔸 4+ years in Cyber Security within an MSP or similar environment 🔸 Hands …

Cyber Security Specialist - Systems Integrator

London, United Kingdom
Hamilton Barnes Associates Limited
testing. Developing and implementing security policies and procedures. Monitoring network traffic for unusual activity and potential threats using SOC/SIEM solutions. Responding to security breaches and carrying out forensic investigations. Ensuring compliance with industry standards and regulations, including ISO 27001 and GDPR. Delivering security training and awareness programs for both clients and staff. Mentoring junior security analysts to … Expertise in Microsoft 365, SharePoint, Azure architecture, security, and Entra. Proficiency in security tools and technologies, including firewalls, identity management, and layered security stacks. Experience in incident response and forensic analysis. Excellent problem-solving, analytical, and communication skills. Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) are advantageous. Benefits: Opportunity to contribute to a growing MSP with a strong client …
Employment Type: Permanent
Salary: GBP Annual

SOC Tier 3 Analyst

Reading, South East
LA International Computer Consultants Ltd
Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds … to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections while adhering to legal and regulatory requirements. 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify … to manage incidents within the scope of data privacy laws and regulations. Key Skills & Experience: o Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis. o Expertise in analyzing and responding to threats on different platforms (Windows, Linux, cloud environments, etc.). o Familiarity with scripting languages (Python, PowerShell, etc.) to …
Employment Type: Contract

SOC Tier 3 Analyst

Reading, Berkshire, South East, United Kingdom
Hybrid / WFH Options
LA International Computer Consultants Ltd
Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds … to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections while adhering to legal and regulatory requirements. 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify … to manage incidents within the scope of data privacy laws and regulations. Key Skills & Experience: o Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis. o Expertise in analyzing and responding to threats on different platforms (Windows, Linux, cloud environments, etc.). o Familiarity with scripting languages (Python, PowerShell, etc.) to …
Employment Type: Contract, Work From Home

SOC Analyst (L2)

Reading, South East
LA International Computer Consultants Ltd
Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds … to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections while adhering to legal and regulatory requirements. 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify … to manage incidents within the scope of data privacy laws and regulations. Key Skills & Experience: o Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis. o Expertise in analyzing and responding to threats on different platforms (Windows, Linux, cloud environments, etc.). o Familiarity with scripting languages (Python, PowerShell, etc.) to …
Employment Type: Contract

IT Security Manager

Southampton, England, United Kingdom
Aztec
Monitor and respond to security alerts generated by Azure security tools Incident Response and Forensics: Coordinate the incident response process, including investigation, containment, and remediation of security breaches Perform forensic analysis to determine the root cause of incidents and develop strategies to prevent recurrence Risk Management and Compliance: Ensure compliance with recognised industry standards, such as SOC2, ISO … in implementing and managing security solutions Strong knowledge of Microsoft Azure security tools and services Proficiency in network security, system administration Experience with security monitoring tools, incident response, and forensic analysis Relevant certifications such as CISSP, CISM, Microsoft Certified: Azure Security Engineer Associate, or equivalent are preferred but not essential Excellent communication skills, both verbal and written Strong …

IT Security Analyst

Barton upon Humber, England, United Kingdom
Hybrid / WFH Options
Wren Kitchens
onsite gym About You Desired skills and knowledge: Experience in incident handling, managing incident response, and investigating targeted threats such as APTs, organized crime, and hacktivists. Background in computer forensic analysis using various forensic tools. Understanding of system internals for implementing countermeasures across systems like macOS, Windows, Linux, and Android. Ability to create remediation plans for targeted …

Security Engineer (Azure)

London, United Kingdom
Michael Page (UK)
using PowerShell, Azure Policy, or Infrastructure-as-Code (IaC). Strong understanding of compliance frameworks (ISO 27001, NIST, CIS Benchmarks, GDPR). Experience in threat detection, incident response, and forensic analysis. Familiarity with Identity and Access Management (IAM) principles, Azure AD, and MFA. Experience working in a DevSecOps environment and improving IT systems to adhere to security guidelines proactively …
Employment Type: Permanent
Salary: GBP Annual

Security Engineer (Azure)

City of London, England, United Kingdom
Michael Page (UK)
using PowerShell, Azure Policy, or Infrastructure-as-Code (IaC). Strong understanding of compliance frameworks (ISO 27001, NIST, CIS Benchmarks, GDPR). Experience in threat detection, incident response, and forensic analysis. Familiarity with Identity and Access Management (IAM) principles, Azure AD, and MFA. Experience working in a DevSecOps environment and improving IT systems to adhere to security guidelines proactively …

Security Operations Center Analyst

Cambridge, England, United Kingdom
JR United Kingdom
critical security issues. Perform advanced threat hunting, identifying sophisticated attack vectors and emerging threat patterns. Develop and refine incident response playbooks, integrating threat intelligence and proactive defense strategies. Conduct deep forensic analysis and root cause investigations for high-severity incidents to prevent recurrence. Provide mentorship and guidance to junior analysts, promoting best practices in incident detection and response. Collaborate … false positives and enhance detection accuracy. Contribute to red/blue team exercises to validate security controls and improve SOC readiness. Support compliance and audit activities by providing expert analysis and reporting. Skills/Must Have: 4+ years of experience in a SOC, incident response, or cybersecurity operations role. Extensive experience with SIEM tools (e.g., Splunk, QRadar, Sentinel) and …

Senior Incident Response Specialist

London, England, United Kingdom
Hybrid / WFH Options
Sportradar
of incidents from detection through to remediation. Collaborate with threat intelligence teams to incorporate emerging threat data and integrate relevant indicators of compromise into hunting and detection practices. Perform forensic analysis on systems, applications, and cloud environments to trace the origin, scope, and impact of incidents. Develop and refine detection rules, incident response playbooks, and investigation workflows to … SOC, with a strong focus on incident response and threat hunting. Proven experience investigating and mitigating threats targeting web applications and cloud infrastructure (specifically AWS). Deep experience conducting analysis of data from a diverse range of data sources using a SIEM. Demonstrated expertise in performing forensic investigations and root cause analyses for complex incidents. Experience with SIEM …

Cyber Security Engineer

Bristol, Avon, South West, United Kingdom
Hybrid / WFH Options
Sparta Global Limited
systems (IDS/IPS), and secure network protocols. Penetration Testing & Vulnerability Assessment - Skills in identifying, simulating, and remediating vulnerabilities through tools (e.g., Nessus, Metasploit) and manual testing. Incident Response & Forensic Analysis - Ability to manage and respond to security breaches, perform digital forensics, and mitigate damage through structured incident response processes. Risk Management & Compliance - Proficiency in identifying potential security … and maintaining secure IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as Python, PowerShell, or Bash …
Employment Type: Permanent
Salary: £35,000

Cyber Security Engineer

Bristol, England, United Kingdom
Hybrid / WFH Options
Pepper Mill
systems (IDS/IPS), and secure network protocols. Penetration Testing & Vulnerability Assessment - Skills in identifying, simulating, and remediating vulnerabilities through tools (e.g., Nessus, Metasploit) and manual testing. Incident Response & Forensic Analysis - Ability to manage and respond to security breaches, perform digital forensics, and mitigate damage through structured incident response processes. Risk Management & Compliance - Proficiency in identifying potential security … and maintaining secure IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as Python, PowerShell, or Bash …

Infrastructure Security Engineer

London, England, United Kingdom
Hybrid / WFH Options
Sumsub
enforce consistent security policies Implement and maintain Kubernetes (K8s) security protocols Execute comprehensive security assessments and audits to identify risks, perform penetration testing, and lead incident response activities including forensic analysis and post-incident reporting Continuously monitor security threats across hybrid environments, deploying preventive controls (e.g., WAF, IPS) and mitigation strategies to address vulnerabilities and active attacks Partner …

Junior SOC Analyst

Nottingham, Nottinghamshire, United Kingdom
Redscan (a trading name of Redscan Cyber Security Limited)
help identify and analyse potential threats utilising a number of different SIEM & EDR tools. To be a key member of Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system generated alerts, analyse logs and traffic patterns. Provide analysis and trending of security log data from many monitoring points. Support multiple customer environments … Knowledge of the security threat landscape Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems) Knowledge of TCP/IP Protocols, network analysis, and network/security applications Knowledge of common Internet protocols and applications Ability to multi-task, prioritize, and manage time effectively Ability to cope successfully under pressure and with … support and advice to our customers. Each of us loves what we do, which means we go the extra mile with every activity, from helping to tackle malware to forensic analysis." Juliette "At Redscan, everyone has a genuine passion for what they do. If you want to work for an employer that recognises hard work and has a clear …
Employment Type: Permanent
Salary: GBP Annual

Forensic Analysis salary percentiles (UK)

10th Percentile: £46,500
25th Percentile: £48,165
Median: £65,000
75th Percentile: £72,500
90th Percentile: £79,500