24 of 24 Incident Response Jobs in Lancashire

Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides … visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and … the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides … visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and … the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for More ❯

this role, you will be responsible for the SOC team's overall management, operations, and direction. You will oversee the monitoring, detection, analysis, and response to cybersecurity incidents and threats, ensuring that our organization's information systems and data remain secure. Your leadership will be instrumental in building a … effectively monitor and protect the organization's assets. - Maintain a high level of situational awareness regarding current and emerging threats, vulnerabilities, and attack vectors. - Incident Response & Management: - Lead the response to significant security incidents, working closely with other teams and stakeholders to contain, mitigate, and recover from … security breaches. - Coordinate post-incident analysis and reporting, ensuring that lessons learned are documented and applied to improve SOC processes. - Establish and maintain strong incident communication protocols, ensuring that relevant stakeholders are informed during and after an incident. - Collaboration & Communication: - Collaborate with other cybersecurity, IT, and business teams More ❯

Starling SOC team, you will be working with the industries brightest SecOps professionals to protect Starling customers, assets, and systems using the latest technologies. Incident Triage, Response, and Investigations based on Alerts received from multiple sources which include: Cloud Infrastructure/Security. Endpoint Detection and Response. Perimeter detection … tooling. Investigating and responding to security alerts raised by Users. Enhancing and creating analytic triggers to enhance alert efficacy. Continuous development of incident handling and readiness processes. Proactive threat hunting based on threat intelligence. Documentation of incidents and investigations. Requirements About your Skills We're open-minded when it … overview: 3+ years experience in an in-house SOC role and team Understanding of AWS Security Solutions (or other Public Cloud Solutions) Analysis and Incident Response experience with Cloud systems such as AWS or GCP Experience working and supporting analytics/SIEM platforms. Experience working in CSIRT/ More ❯

Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR. Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and … incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools. More ❯

culture. About the Role You will be responsible for configuring and managing our security systems, monitoring security events, analysing potential security incidents, and coordinating incident response activities to protect our organisation's assets. KEY RESPONSIBILITIES Act as a primary point of contact for security incidents and alerts detected … forensic investigations, and implement remediation actions to contain and mitigate risks. Maintain and optimise security monitoring tools and technologies to ensure effective detection and response capabilities. Collaborate with IT and engineering teams to implement security best practices and ensure compliance with security policies and standards. Review existing systems to … conforms to security best practices. SKILLS, KNOWLEDGE & EXPERIENCE Proven experience in a SOC or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security More ❯

operations, ensuring resilient and secure environments. Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design and enforce robust … ID, and Active Directory. End User Computing Security : Implement security measures and controls for EUC environments, including endpoint security, access controls, and device management. Incident Response & Forensics : Collaborate with security teams to analyse and respond to security incidents, conducting forensic investigations as needed. Optimize Security Posture: Enhance security … training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. What we're looking for Experience : 3+ years in information security with a focus on cloud security, security architecture, and EUC More ❯

optimal resource allocation. Compliance and Risk Management: Ensure infrastructure compliance with relevant regulations and standards, as well as mitigation of security risks and vulnerabilities. Incident Response: Lead and or participate in incident response team(s) during events that impact business operations. Disaster Recovery and Business Continuity More ❯

in cybersecurity. Work with the latest, cutting-edge technology. You will be part of a 24/7 SOC team involved in high-level Incident Response, proactive threat hunting, and developing detection and use-case capabilities. You'll work alongside the engineering team to optimize tuning opportunities. Candidates … Cybersecurity qualifications, certifications, or degrees e.g., CySA+, CompTIA SEC+, or similar experience. Microsoft SC-200 certifications are desirable. Strong knowledge of threat actor methodologies, incident response, and forensic investigations. This company has a clear vision, excellent leadership, and top tech talent. They offer impressive clients, flexible working, and … a supportive environment. Responsibilities: Lead escalated Cyber Incident Management, including Major Incidents and analysis for ongoing investigations. Conduct proactive threat hunts, RCAs, and develop detection capabilities. Monitor and investigate security alerts from SIEM platforms like MS Sentinel, AlienVault, or Splunk. Respond to security alerts, incidents, and requests, managing threats More ❯

work well within a team environment to keep customers secure. We value engineers that can work through ambiguity to identify suspicious activity, lead security response, and can explain technical security concepts to non-technical audiences. Key job responsibilities Identify, evaluate and communicate security threats, risks and vulnerabilities, and propose … the effectiveness of AWS detective controls such as Amazon GuardDuty, Amazon Macie, and other new security products. Develop processes and policies to increase security response effectiveness. On-call support: This role requires periodic on-call responsibilities including weekends. A day in the life As a Security Engineer in AWS … reporting issues so they can be adequately handled. You will work alongside our security engineers and partner teams to perform daily threat detection and incident response, using the full capability of AWS technologies and services to detect and mitigate cyber threats at a massive scale and help protect More ❯

our engineering operations, bringing together SRE principles and modern platform engineering practices. This includes combining principles of SRE - such as service-level reliability, observability, incident response - with platform engineering practices like GitOps, Infrastructure as Code, DevSecOps automation, and self-service enablement, to help development teams ship faster, safer … efficiently. What you'll be doing: Designing and operating highly reliable, scalable, and secure Azure-based platforms Applying SRE principles like SLOs, observability, and incident management to drive service reliability Building Infrastructure as Code using Terraform (v1.7+) and GitOps workflows Enabling teams through platform tools, reusable Terraform modules, and … Functions, Logic Apps, etc.) Improving monitoring and alerting with Datadog, Grafana, ELK, and proactive failure detection Participating in the on-call rota and leading incident response workflows and blameless postmortems Coaching engineers, upskilling teams, and contributing to a culture of continuous improvement Driving cost awareness through FinOps practices More ❯

teams. Build and maintain relationships with technology vendors and business partners. In conjunction with JD's Managed Detect and Respond services, develop and maintain incident response plans for data security breaches, ensuring quick and effective resolution. Qualifications and Skills: Professional certifications in Information Security or Cybersecurity (e.g. Certified More ❯

to-day operations, you'll contribute to wider projects aimed at enhancing the University's security posture through new technologies and improved detection and response capabilities. We have A passion for education, a great team, a great place to live and work, digital vision, challenges that are interesting and … cybersecurity landscape and current threats. A degree, professional qualification or extensive career experience in a relative field Hands-on experience with security monitoring and incident response technologies such as SIEM, IDS and EDR. Experience with vulnerability assessment including practical assessments for risk analysis. A strong working knowledge of More ❯

DevOps culture by driving collaboration between infrastructure, security, and engineering. Operational Excellence & Automation Strategy Define AI-driven observability and automated issue resolution strategies. Oversee incident response and resilience engineering to improve platform uptime. About the Role If you're craving real influence, cutting-edge tech, and the freedom More ❯

and assess security measures, recommending improvements in collaboration with IT teams. In conjunction with JD's Managed Detect and Respond services, develop and maintain incident response plans for modern workplace security breaches, ensuring quick and effective resolution. Qualifications and Skills: Professional certifications in Information Security or Cybersecurity (e.g. More ❯

Key responsibilities and accountabilities: Design and recommend security architectures, solutions, and controls to protect client critical assets and data. Develop and help customers implement incident response plans, which outline steps to take in case of a security breach. Perform security assessments for customers, including penetration testing, to identify More ❯

Infosec team and any third-party consultants engaged by the client to provide recommendations based on the findings to chart the way forward. Develop incident response plans and procedures tailored for Azure environments, conduct thorough security incident investigations, and coordinate with relevant stakeholders to effectively mitigate security More ❯

our unique role as Escalation Engineers, we have limitless exposure to all things AWS, including numerous leading-edge technologies. Key job responsibilities Providing critical incident response/management (including leading calls with internal/external participants) for customer's critical workloads and AWS Service Teams Provide concise and … customers, as well as internal stakeholders Work to improve important metrics such as 'mean time to engagement' and 'mean time to communication' for all incident types Facilitate Root Cause Analysis and Post Event Reviews after each event to minimize recurrence Work with key stakeholders across AWS as advocates on … computing environments - Knowledge of security best practices - Experience with network troubleshooting tools (telnet, test-netconnection, tracert, tracetcp, iperf, ntttcp, dig, and packet capture tools) - Incident Management Acknowledgement of country: In the spirit of reconciliation, Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea More ❯

experience - Experience in security principles such as least privilege access, defense in depth, preventative vs. detective controls, Infrastructure and Network Security, Data protection, and Incident response. Good technical knowledge of application security, system security, network security, authentication/authorization protocols, and cryptography. - Knowledge of professional software engineering practices & best More ❯

a LiveOps environment. Scoping, design and implementation of cloud architecture. Implement, maintain and consolidate cloud testing and automation tools. Identifying and deploying cybersecurity measures. Incident management and root cause analysis. Working with our code and build teams to ensure a streamlined workflow. Minimum Requirements: Prior experience working in DevOps … systems like Jenkins, GitLabCI, CircleCI etc. Experienced with version control systems like Perforce and git. A knowledge of creating and maintaining logging, monitoring and incident response technologies. Experience with Pulumi and Microsoft PlayFab is desirable. We offer an extensive benefits package to our team including: 22 days holidays More ❯

on expertise with Splunk . Key Responsibilities: Monitor and respond to security incidents using Splunk and other SIEM tools Conduct threat detection, analysis, and incident response Support the design, implementation, and maintenance of security measures across infrastructure Work with internal teams to assess vulnerabilities and implement appropriate fixes More ❯

Technical background in AI/ML, data science, or software engineering Experience with cloud-native AI environments and SaaS-delivered AI products. Exposure to incident response and major event management involving technology failures. We want our people to feel that they belong and can be their best, regardless More ❯

least 50% of your time to technical tasks, including code and design reviews, technical kick-offs, legacy code exploration, proof-of-concept development, and incident response. Lead by example: Set the technical direction for the team, mentor team members, and foster a culture of technical excellence. Drive innovation: Encourage More ❯

Hyper-V), and cloud platforms. Provide both remote and on-site troubleshooting. Support and implement network infrastructure changes, including routers, switches, firewalls, and VPNs. Incident & Problem Management Own and manage complex incidents from initial diagnosis to full resolution. Follow ITIL-aligned processes for escalation and management of incidents. Participate … in an On-Call Rota for out-of-hours incident response. System Maintenance & Monitoring Perform regular system health checks on client infrastructure, including servers, networks, and backups. Implement preventive maintenance plans and updates to minimise downtime. Proactively monitor system alerts and mitigate risks. Project Support Assist with IT infrastructure More ❯