1 to 25 of 31 Incident Response Jobs in the East of England

lawyer to advise on and coordinate data protection matters, in particular, to oversee and run the Global Record of Processing Activities (RoPA) Inventory as well as coordinate the Global Incident Response (IR) Process. This involves overseeing a team who are responsible for completing and maintaining EY's Global RoPA and integration of Privacy Impact Assessment (PIA) records and … Third Party Vendor Due Diligence (VDD) data as well as coordinating the work of other resources and EY's Global Delivery Service ("GDS") involved in the Global Incident Response Process. The global data protection team is responsible for the implementation and transformation of EY's privacy compliance program, which include Binding Corporate Rules. The team works closely with … on data protection matters, including both personal data privacy and the protection of client and EY confidential information. The opportunity As the Global Legal Counsel - Data Protection RoPA and Incident Response, you will be responsible for overseeing the Records of Processing Activity (RoPA) process and inventory as well as the management of the Global Incident Response More ❯

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

As part of our Cyber team, you will help us build a world-class security automation, orchestration, and response capability that will navigate challenging security incidents, drive process improvement, and develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools needed to scale our detection and response capabilities across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence, and vulnerability management. Collaborate with analysts … to identify repetitive tasks and automate them to improve operational efficiency. Work with Threat Intelligence, Incident Response, and Attack Surface Management teams to build and tune robust SIEM detections for proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Partner with third-party vendors and service providers to More ❯

As part of or Cyber team You will help us build out a world class security automations, orchestration and response capability that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools that we need to scale our detection … and response capability across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve the efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. … Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and More ❯

response. • Soft Services Management - Ensuring effective delivery of cleaning, waste management, catering, reception, and porterage. • Contract & Supplier Management - Managing outsourced service providers and ensuring compliance with SLAs. • Business Continuity & Incident Management - Developing and maintaining business continuity plans for NBIP (BCP). • Compliance, Insurance & Risk Management - Ensuring adherence to health, safety, and environmental policies. • Mechanical, Electrical & Building Fabric Maintenance - Supporting … control systems, working with the EI Business Support team as needed who locally manage systems within the EI Building. Operational Management • Analyse Business Systems data to identify trends, improve response times, and enhance efficiency. • Work with the FM Business Partner to provide data-driven insights for performance monitoring. • Drive continuous improvement to ensure customer-focused service delivery. Soft Services … ensure compliance and contractual performance. • Develop and sustain relationships with key stakeholders. Security & Access Management • Manage site security services, including contracted security staff, access control, and CCTV. • Ensure robust incident response procedures, coordinating with emergency services when necessary. • Work with internal stakeholders to manage security risks, access controls and mitigate threats. • Oversee visitor management protocols, ensuring compliance with More ❯

taking a leading role in delivering technology change/improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will involve the following: * Endpoint monitoring … and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise incident … computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing * Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. * Significant experience within a SOC environment. * Incident response experience * Qualification/Certification in Cyber Security Desirable * IT Qualifications/Certifications such as CompTIA More ❯

travel to the office twice per week. We are looking for an experienced Security Engineer to join our Cyber team. You will help us build out a world class incident response function that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization. In this role, you … will also build the tools and detection infrastructure that we need to scale our detection and response capability across all threats to our Studio and gaming environments. Please note that this position will require participation in an on-call rotation. What you'll be doing: Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and … efficiently to stakeholders Contribute to improving processes, procedures, and technologies used for detection and response, enabling us to improve after each incident Develop and run tools to gather security telemetry data from cloud production systems Automate workflows and improve identification and response time for security events Build and optimize detection rules, allowing us to spend our cycles More ❯

cybersecurity tools to conduct proactive vulnerability scans across the Archive's network, devices, and systems; prioritize and address vulnerabilities; and generate progress reports. Monitor security events using detection and response solutions; respond to, manage, escalate, and report potential security incidents following established Incident Response Procedures. Lead cybersecurity analysis, improvements, monitoring, and incident response efforts, collaborating More ❯

and experience: An experienced threat intelligence lead (or similar). Expert in cybersecurity, with a focus on threat management and defensive security in regulated environments. Proficient in threat management, incident response and remediation tools. Strategic development in cyber threat intelligence research, process automation, knowledge sharing and team training. Skilled in using threat frameworks (e.g. MITRE ATT&CK, Cyber … Kill chain). Experienced in using OSINT and security analysis tools (e.g. Shodan, Censys, Qualys, Virus Total, EDR, AV). Experience supporting incident response or vulnerability management programs. Professional certifications in Cyber and Information Security (e.g. OCSP, GREM, CEH). Strong analytical and problem-solving abilities, translating complex technical issues into actionable recommendations. An excellent communicator with the More ❯

that transform how a modern cyber team defends a fast-moving, always-on digital environment. You'll be part of a forward-thinking security function that's serious about incident response, proactive defence, and continuously improving how they work. Your mission: Develop scalable automation workflows that improve how we detect, respond to, and recover from threats. Streamline processes … across threat intel, incident response, and vulnerability management by eliminating repetitive manual tasks. Design and fine-tune SIEM detections that surface real signals and support both proactive and reactive actions. Collaborate across multiple cyber disciplines and work with third-party tools and partners to create seamless integrations. Drive process improvement in relation to Cyber Automations and Tooling What More ❯

and the compliance for the roles of Principal Contractor, Contractor, and Client. o conducting necessary site inductions, delivery of pertinent safety communications at site, participating in safety leadership tours, incident management and reporting and Safety Observation reporting. o Review of Contractor pre-task planning documentation, including method statements & risk assessments to facilitate daily site checks to ensure activities are … are identified, assessed, planned, and executed in a safe and methodical manner. o Liaise and co-ordinate activities with all stakeholder parties within the CDM zone. o Perform any Incident Response functions as required. o Conduct site incident/accident investigations as required. o Ensure welfare provision is adequate, and is maintained in such condition. • Works Management … Reporting o Create and issue Daily Progress Reports, ensuring all pertinent project information is captured within. o Create and issue weekly/monthly internal progress reports. o Complete any incident/accident reports as required, and ensure regular updates of such until closed out. o Routinely approve and submit timesheet reports o Create and submit any regulatory reports as More ❯

Incident Planning & Business Continuity Manager IPBCM Job Title: Incident Planning & Business Continuity Manager Department: HSSEQ Location: Hemel Hempstead (hybrid with some travel) Join Our Team at BPA: Officially Where it's a Great Place to Work! About BPA: At BPA, we are at the forefront of the hydrocarbon transport and storage industry, proudly owned 50/50 by … teams not only have fulfilling careers but also deliver 'best in class' technical advice and services to our clients. What's the Job About? We're seeking a proactive Incident Planning & Business Continuity Manager to strengthen our emergency preparedness and organisational resilience across COMAH operations and critical national infrastructure. You'll lead the development and implementation of emergency and … continuity plans, coordinate risk assessments, and deliver training and exercises across the organisation. Key Responsibilities: Develop, maintain, and test emergency response and business continuity plans Lead risk assessments, business impact analyses, and recovery strategies Coordinate with emergency services, regulators, and local resilience forums Design and deliver training for incident response and continuity planning Serve as the point More ❯

production estate from both a technical and process perspective. Provide a consistent smooth operation of live systems and drive all on-call support issues. Design and operate a new incident tracking process to ensure root causes are found and remediated in a timely fashion by the development team. Create and maintain high end monitoring and automation tooling. Drive automation … and continuous improvement. RESPONSIBILITIES: Proven experience in a senior or lead SRE role, with a strong track record of building and maintaining highly reliable infrastructure and services. Expertise in incident management, including incident response, resolution, and post-mortem analysis. Proficiency in monitoring, alerting, and observability tools such as Prometheus, Grafana, ELK stack or Datadog. Experience with cloud More ❯

Network Perimeter working with the best standard technologies. The MBDA SOC Analyst reports to the SOC Manager. The MBDA SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded MBDA member of staff.. The MBDA SOC Analyst key responsibilities are: Effective Tier 1 to … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line More ❯

and helping the SOC evolve. You’ll be the SOC Shift Leader who bridges the gap between the analysts on the floor and the SOC Manager, Threat Intelligence, and Incident Response teams making sure communication is clear and everyone is aligned.To secure this SOC Shift Leader role you will have: Strong cyber security background across network security, infrastructure More ❯

tagging, cost control, and monitoring tools (Azure Monitor, Log Analytics). Proven experience implementing Microsoft Sentinel: connecting data sources, building analytics rules, creating dashboards, and writing KQL queries. Understanding incident response, security event correlation, and automation via Logic Apps. Solid understanding of cybersecurity principles: Zero Trust, Conditional Access, MFA, identity protection, and secure score improvement. Intune/Endpoint More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

analysts, providing live operational oversight, procedural assurance, and ongoing mentorship. This role ensures each analyst team is aligned with evolving cyber threat detection standards, works in sync with response and intelligence functions, and delivers consistent high-quality casework across shifts. This is a senior operational role that builds upon the responsibilities of a senior SOC Analyst, introducing additional duties … a values led company that values innovation and diversity, this is the place to make an impact. In addition to Senior SOC Analyst responsibilities (alert triage, threat detection, ticket response, and tooling operation), the SOC Shift Lead will provide: Shift Continuity & QA Operational assurance and standard enforcement across all active shifts. Review, assess, and QA analyst triage, case notes … as the first point of contact for non-critical escalations and queries within the shift team. Liaise with SOC Manager, CTI, and IR leads to clarify or communicate updated response requirements. Contribute to and support the alignment of ongoing SOC initiatives, project deliverables, and best practice dissemination. Feedback & Continuous Improvement Log procedural or workflow issues observed during shifts and More ❯

s market position. As a Cyber Security Professional, you will support this area, working confidently and proactively to promote successful outcomes. What you'll be doing Be a cyber incident decision maker, ensuring mitigation controls and incident response are appropriate. Provide security advice and remediation to BT Lines of Business and external customers. Complete and own integration … NSE 4, Cisco CCNP, Checkpoint CCSE, Palo Alto. Knowledge of TCP/IP & OSI model and data network operations. Understanding of engineering best practices and continuous delivery. Experience with incident and escalation management. Willingness to undergo UK Government Security Clearance to SC level, requiring UK residence for at least 5 years. At BT, we offer an attractive salary, benefits More ❯

open and closed sources Monitoring OSINT, dark web forums, and internal telemetry for threat indicators Translating raw technical data into actionable insights for security teams Collaborating with SOC and Incident Response teams to support real-time threat mitigation Creating detailed intelligence reports and contributing to proactive threat hunting Leveraging frameworks like MITRE ATT&CK to map adversary TTPs More ❯

open and closed sources Monitoring OSINT, dark web forums, and internal telemetry for threat indicators Translating raw technical data into actionable insights for security teams Collaborating with SOC and Incident Response teams to support real-time threat mitigation Creating detailed intelligence reports and contributing to proactive threat hunting Leveraging frameworks like MITRE ATT&CK to map adversary TTPs More ❯

out routine maintenance, replace consumables, and complete minor repairs Keep accurate inventories and security mark equipment Monitor and maintain network security, ensuring safe and appropriate use Assist with cyber incident response and promote cyber safety in line with NCSC/DFE guidelines Ensure compliance with GDPR, RPA, and Copyright Licensing Authority regulations Set up and operate AV equipment More ❯

full compliance with all statutory requirements, company policies, and health and safety legislation across all soft service areas. Act as a key member of the site's emergency and incident response team, supporting security operations and business continuity planning. Customer Experience Drive continuous improvement in customer satisfaction by aligning soft services operations with customer needs and feedback. Financial More ❯

Senior Cyber Security Engineer As Senior Cyber Security Engineer, you will be responsible for developing a high-quality response function that will navigate security incidents, drive process improvement and develop a collaborative culture where incidents are communicated and colleagues gain knowledge in these areas. Also, you'll build the infrastructure that the organisation needs to scale their detection and … response capability across all threats. Key Skills Experience in security monitoring, incident response, and threat hunting in a cloud environment Prior experience leading complex security investigations Understand offensive/defensive security and scenarios that lead to compromise Expertise on AWS security controls and services Experience leveraging coding for automation, alert enrichment and detections Knowledge of adversary tactics More ❯

Senior Security Engineer Cambridge (Flexible working arrangements available) £70k-£80k If you've ever been the one who spotted the anomaly before it became an incident, or the engineer who built the tool that turned days of investigation into minutes-you'll feel right at home here.This is a senior role for someone who wants to move beyond responding … to alerts and instead shape how security detection, automation, and response are built from the ground up. You'll have real influence over architecture, tooling, and strategy while working alongside experienced engineers in an organisation that actually listens to its security team. What's in it for you from day one? Private medical and dental coverage Enhanced family leave … wrong, it's contained quickly and effectively. What you'll be responsible for Designing and maintaining scalable detection logic across cloud and on-prem environments Developing automation that reduces response time and removes repetitive analyst work Writing scripts and tooling that help collect, correlate, and enrich event data Performing deep investigations when incidents occur and making sure we don More ❯