1 to 25 of 27 Incident Response Jobs in Hampshire

ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response. How will you make an impact? Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards, and risk management processes. Audit Preparation … audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute to analyzing cybersecurity … Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. Commitment to continuous learning and professional development in audit, compliance, and security. You will have an More ❯

who all share the Mondas vision. We are a Cyber Consultancy that specialises in Security prevention and detection. Mondas delivers bespoke Cyber Security Solutions, helping our clients streamline their incident response and recovery process with our automated approach to SOAR, SIEM & MDR. Responsibilities: ? Respond to and manage security incidents, ensuring timely and eff ective resolution ? Conduct in-depth … investigations to identify root causes and implement corrective actions ? Mentor and train junior analysts, promoting knowledge sharing and skill development within the team ? Produce and maintain Incident Response plans and playbooks ? Develop, implement and refi ne SOC processes, procedures and tools ? Produce technical and expertly written incident reports to clients ? Collaborate with other IT teams to enhance … Azure, etc.) and securing hybrid environments ? Strong communication skills, both written and verbal, with the ability to explain complex security issues to non-technical stakeholders ? Some experience within an Incident Response capability ? Familiar with Information Security frameworks What do we offer? ? Opportunity to progress your career ? Leverage market leading security tools ? Continuous training to upskill staff ? Commitment to More ❯

As a member of the Starling SOC team, you will be working with the industries brightest SecOps professionals to protect Starling customers, assets, and systems using the latest technologies. Incident Triage, Response, and Investigations based on Alerts received from multiple sources which include: Cloud Infrastructure/Security. Endpoint Detection and Response. Perimeter detection tooling. Investigating and responding to … security alerts raised by Users. Enhancing and creating analytic triggers to enhance alert efficacy. Continuous development of incident handling and readiness processes. Proactive threat hunting based on threat intelligence. Documentation of incidents and investigations. About your Skills We're open-minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. … Below is an overview: 3+ years experience in an in-house SOC role and team Understanding of AWS Security Solutions (or other Public Cloud Solutions) Analysis and Incident Response experience with Cloud systems such as AWS or GCP Experience working and supporting analytics/SIEM platforms. Experience working in CSIRT/SOC functions. Experience supporting and conducting Incident More ❯

SOAR Engineer/Analyst (Security Orchestration, Automation, and Response) Duration: 12 months Pay: £360.26/day PAYE or £495.15/day via umbrella Location: Remote (UK) Role Purpose The SOAR Engineer/Analyst is responsible for designing, developing, implementing, and maintaining automation playbooks to improve incident response efficiency within the Security Operations Centre. This role integrates multiple … security tools and workflows, leveraging platforms like , Darktrace , and CrowdStrike to create cohesive and automated threat detection and response mechanisms. Key Responsibilities Playbook Development: Design, implement, and maintain SOAR playbooks for automated response and alert enrichment. Tool Integration: Develop and manage integrations with: Google SecOps (Chronicle, Security Command Center) Darktrace (Threat Visualizer, Antigena) CrowdStrike Falcon (EDR, threat intelligence … Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python , PowerShell , or Bash . Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE ATT&CK. Strong problem-solving, critical thinking, and communication skills. Desirable Qualifications Experience with CI/CD for playbook development and version control (e.g. More ❯

a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯

a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯

a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯

Tasks: Security assessments:?Create and perform security assessments and threat models Security standards:?Develop,implement&maintainsecurity standards and plans VulnerabilityManagement:?Research weaknesses and find ways to counter them Security incident response:?Respond to attack vectors and security incidents, and coordinate incident response across teams Security software testing:?Test company software, firmware, and firewalls Security software design … event log analysis Network Troubleshooting skillsrequired. Knowledge and hands-on experience in penetration testing/vulnerability scanning, security tools like tenable Nessus, kaliLinux Knowledge of ITIL disciplines such as Incident, Problem and Change Management Experience of infrastructure design and management in mission critical environments preferred. Understanding of Virtual Infrastructure and windows environments preferred Effective communication, organizational, problem-solving and More ❯

reporting Implementing and maintaining endpoint security measures, including AV/anti-malware compliance Conducting system hardening and security compliance audits against frameworks like CIS, STIG, and NIST Contributing to incident response, forensic investigations, and remediation activities Assessing the security impact of changes, supporting secure design and assurance processes Producing and maintaining detailed security documentation (HLDs/LLDs, SOPs … you will need: Proven experience in a Cyber Security Engineering role, ideally within the defence or secure government sector Strong hands-on expertise across vulnerability management, endpoint protection, and incident response Familiarity with frameworks such as Government Functional Standard 007, CIS, STIG, and NIST A proactive, collaborative mindset with the ability to engage across multidisciplinary technical teams The More ❯

information transfers, and maintaining compliance with strict regulatory standards. What You'll Bring Proven experience in Operational Security Management , with a deep understanding of security policies, risk mitigation, and incident response . Experience as a Security Officer (STRAPSO highly desirable) with strong asset management skills. MUST have NIST Secure by Design (SbD) experience Strong leadership skills , capable of … working across teams and disciplines to enhance security operations. Expertise in incident classification, response, and reporting , with the ability to identify, assess, and mitigate evolving threats. Ability to manage security training , document security policies, and conduct audits to ensure ongoing compliance. Excellent communication skills , capable of advising both technical and non-technical stakeholders. Secure Your Future. Shape the More ❯

maintaining compliance with strict regulatory standards. What You'll Bring Proven experience in Security Consultant/Architect/Management with a deep understanding of security policies, risk mitigation, and incident response . Experience as a Security Officer (STRAPSO highly desirable) with strong asset management skills. MUST have NIST Secure by Design (SbD) experience Strong leadership skills , capable of … working across teams and disciplines to enhance security operations. Expertise in incident classification, response, and reporting , with the ability to identify, assess, and mitigate evolving threats. Ability to manage security training , document security policies, and conduct audits to ensure ongoing compliance. Excellent communication skills , capable of advising both technical and non-technical stakeholders. Secure Your Future. Shape the More ❯

and infrastructure environments—most notably AWS. Your role will be pivotal in ensuring the secure delivery of new systems into live service, as well as ongoing protection, compliance, and incident response. You will: Own the vulnerability management strategy across platforms, leading scanning, remediation, and reporting activities Design and enforce endpoint security policies, access controls, and malware protections Lead incident identification and response efforts, ensuring swift containment and root cause analysis Oversee system hardening and compliance with industry standards (CIS, STIG, NIST) Contribute to strategic security planning and advise engineering and programme leadership on cyber risks Provide oversight and review of technical documentation, ensuring quality and audit readiness Represent cyber security in high-level programme planning and governance … endpoint protection, and vulnerability management Strong working knowledge of compliance frameworks and standards (CIS, STIG, NIST, Government Functional Standard 007) Proven ability to lead security planning, risk assessments, and incident response activities Excellent documentation, communication, and collaboration skills Eligibility for DV (Developed Vetting) clearance Experience leading or mentoring engineering teams and influencing security posture across a programme or More ❯

with internal policies, external regulations and industry good practice. (e.g., GDPR, ISO27001, CIS, ISF, NIST). Provide expert guidance on security best practices, threat modelling, and mitigation strategies. Support incident response and post-incident reviews from an architectural perspective. Skills and experience you need as Information Security Assurance Specialist: Strong understanding of all security principles and underlying More ❯

initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC … operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: • Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. • Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of … security incidents. • Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). • Investigate potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies that may indicate suspicious or malicious activity. • Use OSINT (Open-Source Intelligence) to enrich contextual More ❯

doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Prepare reports for managed clients to both technical and non-technical audiences and … continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational More ❯

Lead the development and implementation of the Information Governance Framework, policies, and procedures. Ensure compliance with regulatory requirements e.g., GDPR, ISO 27001, Cyber Essentials. Proactively manage cyber risks and incident response plans Digital Transformation Drive digital programs including automation, data analytics, self-service platforms, and customer-facing technologies. Promote agile delivery models, DevOps, and cross-functional digital teams More ❯

initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. As a Tier 2 Analyst you will works closely with senior and junior analysts to ensure … a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. Responsibilities: * Conducting escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. * Applying expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and … thorough documentation of security incidents. * Identifying and escalating critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). * Investigating potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies that may indicate suspicious or malicious activity. * Using OSINT (Open-Source Intelligence More ❯

Establish and enforce IT policies, standards, and procedures to ensure high availability, performance, and security. Lead a 24 7 support model for internal platforms and services, including service desk, incident management, access control, and remote support. Ensure high-quality internal service delivery through ITIL-aligned practices, KPIs, and SLAs. Drive automation and self-service capabilities for common support tasks … and technology partners to ensure cost-effective and reliable service delivery. Collaborate with InfoSec and Legal teams to ensure compliance with relevant regulations (e.g., ISO 27001, GDPR). Lead incident response and disaster recovery planning/testing for internal platforms and operational IT. Requirements Needed: Bachelor's degree in information technology, Computer Science, or related experience. 10+ years More ❯

Aligning IT strategies with business goals.- Managing hybrid cloud environments (Azure, AWS, Google Cloud).- Leading the IT team.- Managing external vendors.- Ensuring regulatory compliance. ISO 27001, GDPR- Leading incident response and disaster recovery planning/testing. Requirements: - Qualifications: Bachelor’s degree in IT, Computer Science, or related experience.- Experience: 10+ years in IT operations, 5+ years in More ❯

training and development programs. Responsibilities include: Monitoring, triaging, and investigating security incidents on critical client infrastructure. Analyzing network traffic, logs, and system events to identify threats and vulnerabilities. Providing Incident Response support. Maintaining and developing team knowledge of SOC tools and security operations. Preparing reports for technical and non-technical audiences and improving their content. Updating security incident More ❯

protective security standards across digital and physical environments, and supporting the design of proportionate controls. You're comfortable analysing threat intelligence and using those insights to inform decision-making, incident response, and ongoing risk management activities. You're confident engaging with a wide range of stakeholders-from technical teams to senior leaders-and are able to clearly communicate More ❯

workflows Create and maintain technical documentation: IP addressing plans, rack layouts, provisioning templates, and site handovers Act as a technical lead onsite, resolving issues under pressure during deployments or incident response Coordinate with WAN/ISP partners to provision uplinks and monitor performance Share knowledge internally through training, playbooks, and documentation WHAT YOU'LL BRING " ESSENTIAL More ❯

automation and RPA strategies aligned with value streams and business goals Collaborate with cross-functional teams, including change, engineering, and business leaders Ensure strong platform security, monitoring, compliance, and incident response Key Skills & Experience: Proven expertise in Azure architecture, including AKS, Cosmos DB, SQL Database, and Storage Experience with IaC tools (e.g. Terraform, ARM templates) Strong knowledge of More ❯

automation and RPA strategies aligned with value streams and business goals Collaborate with cross-functional teams, including change, engineering, and business leaders Ensure strong platform security, monitoring, compliance, and incident response Key Skills & Experience: Proven expertise in Azure architecture, including AKS, Cosmos DB, SQL Database, and Storage Experience with IaC tools (e.g. Terraform, ARM templates) Strong knowledge of More ❯

automation and RPA strategies aligned with value streams and business goals Collaborate with cross-functional teams, including change, engineering, and business leaders Ensure strong platform security, monitoring, compliance, and incident response Key Skills & Experience: Proven expertise in Azure architecture, including AKS, Cosmos DB, SQL Database, and Storage Experience with IaC tools (e.g. Terraform, ARM templates) Strong knowledge of More ❯