23 of 23 Incident Response Jobs in Berkshire

security stacks. You will handle complex incidents like APTs, malware, and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat … the environment using behavioural analysis and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or … Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within More ❯

The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and the wider organisation, this role ensures the protection of digital and information assets against a range of internal and … that impact identity management across the organisation. The post holder also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/… security operations service. Lead the organisation's response to security incidents, coordinating recovery efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing More ❯

The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and the wider organisation, this role ensures the protection of digital and information assets against a range of internal and … that impact identity management across the organisation. The post holder also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/… security operations service. Lead the organisation's response to security incidents, coordinating recovery efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing More ❯

collaborative and innovative environment. Stakeholder Communication: Act as a key point of contact for security-related matters, effectively communicating complex technical concepts to both technical and non-technical stakeholders. Incident Response: Lead the response to security incidents, coordinating with relevant teams to contain and remediate issues quickly and effectively. Continuous Improvement: Drive continuous improvement initiatives to enhance More ❯

teams Work with our Channel team to help support and enable our Distributors and Resellers You will become an expert in Email Security, Advanced Persistent Threats, Attack Protection, Threat Response, Data Loss Prevention (DLP), and the threat landscape Occasional travel required. What You Bring To The Team Proven hands-on experience, either as a Sales/Systems Engineer, Technical … are recommended Enterprise email solutions such as Exchange, O365, G-Suite, Lotus Dominoorworking knowledge of SMTP IT security related areas such as Vulnerability and Risk Management, Security Operations or Incident Response Data Loss Prevention (DLP), compliance and data privacy Cloud security and shadow IT monitoring Cloud computing Infrastructure (e.g. AWS/Azure) Nice to have Hands on experience More ❯

tickets in Primarks service desk system for the Primark environment Contribute to the execution of Security Operations Centre (SOC) capabilities, ensuring efficient and effective operation of detection, threat and incident response Participant in the triaging events from a wide range of sources, including reports from employees, security systems and threat intelligence data Perform analysis and response to … for this role in particular: 3+ years enterprise cybersecurity IT experience, ideally with Cloud technologies and On premise experience Experience in Cyber Security Operations with a track record in Incident Response and Investigations Solid foundation in modern operating systems and networking protocols Experience of working in multi-skilled teams Strong appreciation & adherence to processes, defined roles & responsibilities and More ❯

strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across the business. Actively contribute to incident response , security training , supplier reviews , and client security assurance Stay ahead of evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. More ❯

strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across the business. Actively contribute to incident response , security training , supplier reviews , and client security assurance Stay ahead of evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. More ❯

Stay abreast of the latest cybersecurity threats and trends, as well as advancements in network security technologies. Develop and enforce policies and procedures for network access, monitoring, and security incident response. What youll bring Youll have professional security certifications such as CISSP, CISM, or equivalent Youll have a minimum of 3 years of experience in network security or a More ❯

modern Security Operations function at a forward-thinking public sector organisation. About the Role As Security Operations Manager, you'll be responsible for safeguarding critical digital infrastructure, leading the response to cyber threats and ensuring secure access to systems across a large, complex estate. You’ll manage a team of specialists covering Microsoft Entra ID (Azure AD), Microsoft … highly skilled team across identity, M365, and security operations Overseeing day-to-day technical delivery and long-term strategy for identity and access services Driving improvements in security monitoring, incident response and threat management Managing the relationship with an outsourced 24/7 SOC partner Influencing roadmap decisions around tooling, automation and “shift-left” initiatives Acting as the … Operations, Identity & Access Management or Cybersecurity Strong hands-on knowledge of Microsoft Entra ID and Active Directory Experience managing or shaping a technical team Deep understanding of threat detection, incident response and security best practices A collaborative approach to working with internal stakeholders and external partners Location & Working Pattern Hybrid role based near Reading – typically 2–3 days More ❯

office) Our client, a leading cyber security and digital investigations provider, is looking for a driven Business Development Manager with experience selling cyber security services such as penetration testing, incident response, and compliance consultancy. This is a fantastic opportunity to join an ambitious team helping to drive growth across both the public and private sectors. Key Responsibilities: Engage More ❯

office) Our client, a leading cyber security and digital investigations provider, is looking for a driven Business Development Manager with experience selling cyber security services such as penetration testing, incident response, and compliance consultancy. This is a fantastic opportunity to join an ambitious team helping to drive growth across both the public and private sectors. Key Responsibilities: Engage More ❯

adversarial testing, model bias assessments, and trustworthiness evaluations. Contribute to training and awareness initiatives on AI/ML security best practices. Act as a key stakeholder in AI-related incident response and mitigation. Your Profile Essential Experience & Skills Proven experience as a Security Architect with direct focus on AI/ML security. Strong knowledge of AI/ML More ❯

Cyber Incident Response Manager A Global Organisation requires a Contract Incident Response Manager to lead the Cyber Incident response function. Day Rate: £635 - £675pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This Incident Response Manager will have the following previous experience: Direct end-to-end … cyber incident lifecycle management for major security events -ensuring rapid coordination across business units and leveraging tools like Splunk and Defender to contain and mitigate threats Design, maintain, and continuously enhance playbooks, response frameworks, and tabletop exercises, incorporating threat intelligence and detection insights from CrowdStrike and Splunk to mature IR readiness. Lead root cause analysis and develop actionable … reporting and trend analysis using integrated dashboards, combining insights from Splunk and Defender data sources. Serve as the primary advisor to senior leaders and cross-functional teams, guiding cyber incident communications, impact assessment, and risk mitigation strategies across the company, Operating Companies, and Joint Ventures. More ❯

automation and RPA strategies aligned with value streams and business goals Collaborate with cross-functional teams, including change, engineering, and business leaders Ensure strong platform security, monitoring, compliance, and incident response Key Skills & Experience: Proven expertise in Azure architecture, including AKS, Cosmos DB, SQL Database, and Storage Experience with IaC tools (e.g. Terraform, ARM templates) Strong knowledge of More ❯

automation and RPA strategies aligned with value streams and business goals Collaborate with cross-functional teams, including change, engineering, and business leaders Ensure strong platform security, monitoring, compliance, and incident response Key Skills & Experience: Proven expertise in Azure architecture, including AKS, Cosmos DB, SQL Database, and Storage Experience with IaC tools (e.g. Terraform, ARM templates) Strong knowledge of More ❯

infrastructure to client deployments. What You'll Do Build & Architect: Core platform, weather/social/financial apps, interactive displays DevOps: AWS serverless management, legacy server maintenance, deployment pipelines Incident Response: Monitor threats, scale infrastructure, deploy critical fixes Client Support: Diagnose complex issues, translate requirements into technical solutions Technical Skills Node.js, TypeScript, React, Next.js PostgreSQL, DynamoDB, RESTful APIs More ❯

infrastructure to client deployments. What You'll Do Build & Architect: Core platform, weather/social/financial apps, interactive displays DevOps: AWS serverless management, legacy server maintenance, deployment pipelines Incident Response: Monitor threats, scale infrastructure, deploy critical fixes Client Support: Diagnose complex issues, translate requirements into technical solutions Technical Skills Node.js, TypeScript, React, Next.js PostgreSQL, DynamoDB, RESTful APIs More ❯

We're on the lookout for a strategic and hands-on leader to own the end-to-end delivery of IT services-covering Service Desk, End User Computing, Major Incident, Change & Problem Management, Service Transition, and Supplier Management. As part of our Product & Technology Group , you'll drive a culture of service excellence, lead cross-functional improvements, and ensure … Europe. What You'll Do Lead and develop high-performing service teams Own service management strategy aligned with ITIL and ISO standards Ensure smooth operations, change management, and major incident response Drive continual improvement through data, insight, and collaboration Act as a key liaison between senior stakeholders , service providers, and CAPTG teams Support the Director of Service & Infrastructure More ❯

Director of SOC A Global Organisation requires a Contract Director of SOC to lead the Global Incident Response function of 6 people. Day Rate: £675 - £720pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This Director of SOC will have the previous following experience: Lead a Global SOC Function within a large … federated Company before Oversee day-to-day operations of Cyber Defence teams (CERT, Security Tooling, Proactive Monitoring), managing advanced incident detection, threat hunting, and forensic investigations using platforms like Splunk, Defender, and CrowdStrike Collaborate with Security Engineering and Architecture to integrate AI/ML (e.g., Microsoft Copilot) and emerging security tech for real-time response, smarter automation, and More ❯

systems; HV switching experience preferred). Repairs & Corrective Maintenance: Perform repairs to maintain uninterrupted service. Planned Maintenance: Prepare and execute scheduled maintenance activities. Documentation: Maintain logs, MOPs, and scripts. Incident Response: Assist in incident response and handle basic incidents independently. Work Requests & Installations: Complete work requests and circuit installations. Infrastructure Projects: Participate in projects to improve More ❯

Responsibilities: Operate and maintain all mechanical and electrical systems on site, including conducting HV switching (where authorised). Support or deputise for the Shift Leader when required, assisting with incident response and team coordination. Perform planned and reactive maintenance on a variety of critical infrastructure systems. Ensure compliance with method statements, risk assessments, and safe systems of work. … in a shift-based environment. Preferred Skills and Attributes: IOSH, NEBOSH, or similar health & safety training Leadership capability under pressure Familiarity with CAFM and digital PTW systems Experience with incident and change management processes This is a great opportunity to join a high-performing operations team within a world-class data centre. Ongoing training and progression opportunities are available More ❯

Responsibilities: Operate and maintain all mechanical and electrical systems on site, including conducting HV switching (where authorised). Support or deputise for the Shift Leader when required, assisting with incident response and team coordination. Perform planned and reactive maintenance on a variety of critical infrastructure systems. Ensure compliance with method statements, risk assessments, and safe systems of work. … in a shift-based environment. Preferred Skills and Attributes: IOSH, NEBOSH, or similar health & safety training Leadership capability under pressure Familiarity with CAFM and digital PTW systems Experience with incident and change management processes This is a great opportunity to join a high-performing operations team within a world-class data centre. Ongoing training and progression opportunities are available More ❯