1 to 25 of 39 Incident Response Jobs in the East of England

join our team. This is a critical leadership role, overseeing the full security lifecycle — from architecture and policy development to operational resilience and incident response — across complex hybrid environments with a strong emphasis on cloud security (AWS and Azure). Your leadership will be central to ensuring that … into operational deployment. Demonstrate a strong understanding of leading operational security functions, including SOC operations, threat intelligence, and vulnerability management. Experience of managing the incident response lifecycle, including triage, containment, investigation, remediation, and conducting post-incident reviews. Ability to establish and improve incident response playbooks ...

delivering technology change/improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will … involve the following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking ...

Network Security Engineer, where you will play a key role in safeguarding our clients’ organisations’ network infrastructure as part of the 24x7 Internal Security Response (ISR) team.When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing … Permanent Location – Stevenage (Onsite Shift work) Salary - £50k (Plus £2k bonus and shift allowance) Keywords: Network Security Engineer, SOC, Security Operations Center, Firewalls, Incident Response, Security Incidents, Networking Principles, Virtual Private Networks, Security Protocols, Vulnerabilities, Threats. Only apply for this role if you currently hold the specific Government ...

Network Security Engineer, where you will play a key role in safeguarding our clients’ organisations’ network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing … Location – Stevenage (Onsite Shift work) Salary - £50k (Plus £2k bonus and shift allowance of £8k) Keywords: Network Security Engineer, SOC, Security Operations Center, Firewalls, Incident Response, Security Incidents, Networking Principles, Virtual Private Networks, Security Protocols, Vulnerabilities, Threats. Only apply for this role if you currently hold the specific ...

mentor and escalation point for Tier 1 and Tier 2 analysts during live operations Support alignment between SOC operations, threat intelligence, and incident response functions Capture operational metrics relating to alert handling efficiency, response delays, and quality issues Identify procedural gaps and contribute to the improvement … playbooks, SOPs, and workflows Assist the incident response function with investigations requiring escalation to embedded internal stakeholders The ideal candidate would have: A strong career background in Cyber Security within an operational SOC environment Experience mentoring, coaching, or providing quality assurance to SOC analysts The ability to lead ...

Overview: We are seeking a motivated Cyber Security Apprentice to join our team in Bedford. You’ll gain hands-on experience supporting threat monitoring, incident response, and security operations while working closely with experienced security engineers. You will be enrolled onto the QA Level 4 Cyber Security Defender … Responder Apprenticeship, which equips learners with proactive defence skills, incident response capability, and hands-on training through labs and the Discover Practise Apply model. Responsibilities: Monitor basic security alerts and escalate potential threats. Assist with incident triage, evidence gathering, and documentation. Support vulnerability checks and track remediation ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams. Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning. Drive automation at scale: CI/CD strategy, test frameworks, progressive ...

strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams. Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning. Drive automation at scale: CI/CD strategy, test frameworks, progressive ...

strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams. Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning. Drive automation at scale: CI/CD strategy, test frameworks, progressive ...

strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams. Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning. Drive automation at scale: CI/CD strategy, test frameworks, progressive ...

strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams. Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning. Drive automation at scale: CI/CD strategy, test frameworks, progressive ...

strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams. Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning. Drive automation at scale: CI/CD strategy, test frameworks, progressive ...

into operational deployment. Demonstrate a strong understanding of leading operational security functions, including SOC operations, threat intelligence, and vulnerability management. Experience of managing the incident response lifecycle, including triage, containment, investigation, remediation, and conducting post-incident reviews. Demonstrate capability in planning, scoping, and reviewing security assurance activities ...

with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

identify automation opportunities and build powerful tools that make our clients systems smarter and teams more efficient. From scripting to deployment, monitoring to incident response, this role will shape the future of how our client delivers IT.This position is also responsible for monitoring and maintaining infrastructure, ensuring systems … Role & Responsibilities: Automation Development : Identify inefficiencies and build automation solutions using tools like PowerShell, Python, and Bash to streamline operations and reduce manual effort. Incident & Problem Management : Automate detection, triage, and resolution processes, and contribute to root cause analysis with preventive automation. Change & Configuration Management : Design automated workflows ...

play a key role in shaping how IT is delivered across the organisation. From scripting and deployment through to monitoring, patching, and incident response, your work will directly influence the stability, security, and scalability of our infrastructure. The Role You'll be responsible for monitoring and maintaining … quick fixes. A major focus of the role is automation. You'll proactively identify inefficiencies and design automated workflows that reduce manual effort, improve response times, and enhance operational consistency. You'll also collaborate closely with Infrastructure Operations, Service Desk, and Field Services teams to embed automation into everyday ...

lead a team delivering essential services including DNS, DHCP, load balancing and URL redirection . You will be responsible for capacity planning, operational stability, incident response and continuous improvement across a complex, multi-vendor network landscape. You will act as the senior technical escalation point during major incidents … capacity planning for both day-to-day operations and project demand. Manage and operate multi-vendor platforms including BlueCat, Windows and HAProxy. Ensure timely response to incidents and service requests in line with defined SLAs. Own service standards, documentation and continuous improvement initiatives. Drive efficiency and automation using Python ...

virtualisation platforms (Hyper-V, SAN). Drive improvements in monitoring, patching, backup (Veeam), and disaster recovery. Act as the technical lead for security configuration, incident response, and compliance (Cyber Essentials, GDPR). Provide 3rd Line technical support and mentor engineers in system administration and security best practice. Collaborate ...

developing your team.In this SOC Shift Leader role you’ll help shape how the SOC operates, improve processes, and work closely with intelligence and incident response teams on real-world defence threats. You’ll be at the heart of protecting national security, using tools like Microsoft Sentinel, Defender ...

oversight, procedural assurance, and ongoing mentorship. This role ensures each analyst team is aligned with evolving cyber threat detection standards, works in sync with response and intelligence functions, and delivers consistent high-quality casework across shifts. This is a senior operational role that builds upon the responsibilities … values innovation and diversity, this is the place to make an impact. In addition to Senior SOC Analyst responsibilities (alert triage, threat detection, ticket response, and tooling operation), the SOC Shift Lead will provide: Shift Continuity & QA Operational assurance and standard enforcement across all active shifts. Review, assess ...

risk experience to join a large public sector organisation in a critical environment, offering a varied role across alert triage, compliance, risk assessments and incident response.This company are a major public sector organisation supporting essential services and operating a complex technology estate. They are looking to strengthen their cyber …/tickets, prioritisation and escalation support*Cyber risk assessments, controls monitoring, audits and project advice*Support compliance activity (DSPT/standards) and vulnerability management*Incident response support + maintaining SOPs and security tooling (e.g., AV/firewalls) The Person: *Cyber security experience (assurance/risk/compliance ...

including TCP/IP, DNS, DHCP, routing, switching and firewalls Technical leadership Act as the senior technical escalation point for infrastructure services Lead major incident response and complex problem resolution Provide mentoring and technical guidance to engineering and service teams Role-model secure engineering, strong documentation and operational ...

complex environments (e.g Splunk, Elastic, Sentinel). Experience managing business continuity and disaster recovery for cyber systems. Strong understanding of security operations lifecycle, from incident response through to capability planning. Experience in supplier management, product lifecycle, budgeting, and resource coordination. Working knowledge of security vetting processes and handling ...