51 to 75 of 200 Incident Response Jobs in London

rollback frequency Standardise release processes across engineering teams Implement progressive delivery practices Reliability & Observability Define and track SLIs/SLOs Enhance monitoring, alerting and incident response processes Lead post-incident reviews and root cause analysis Drive reduction of operational toil Security & Compliance Embed DevSecOps controls into pipelines … preferred) CI/CD tooling experience (GitHub Actions, GitLab CI, Jenkins) Experience operating production SaaS environments Strong observability tooling knowledge (Datadog, Prometheus, ELK etc.) Incident management and root cause analysis experience Experience in regulated or security-conscious environments is highly desirable ...

spend and implement FinOps best practices Maintain CI/CD pipelines – Implement and maintain reliability and observability aspects of GitHub workflows and deployment pipelines Incident response – Lead incidents, run blameless post-mortems, and drive continuous improvement Enable developers – Mentor teams on SRE and observability practices, helping them quickly … resolve issues Leverage AI tooling – Use AI‐assisted development tools (e.g. GitHub Copilot) to accelerate infrastructure work, and explore AI‐driven approaches to incident detection, root cause analysis, and remediation What We're Looking For Essential 3+ years in an SRE, Platform, or DevOps engineering role AWS services: CloudWatch ...

cybersecurity program Develop security policies, standards, and procedures Support transition to a risk‐based security model Oversee monitoring and alerting with SOC partners Manage incident response processes and reporting Coordinate response and reporting of security events Vulnerability Management & Security Operations Lead vulnerability management lifecycle Partner with ...

periodic security reviews and internal control assessments. Cyber Security and Security Monitoring Oversee cyber security measures including vulnerability management, access control, security monitoring and incident detection. Ensure regular vulnerability assessments, security reviews and penetration testing are conducted. Incident Management Establish and maintain procedures for managing information security incidents. … Coordinate investigation, response and reporting of cyber security incidents. Operational Resilience Support the Branch’s operational resilience framework from an information security perspective. Participate in disaster recovery planning, cyber security exercises and resilience testing. Third‐Party and Outsourcing Risk Assess information security risks associated with third‐party service providers ...

periodic security reviews and internal control assessments. Cyber Security and Security Monitoring Oversee cyber security measures including vulnerability management, access control, security monitoring and incident detection. Ensure regular vulnerability assessments, security reviews and penetration testing are conducted. Incident Management Establish and maintain procedures for managing information security incidents. … Coordinate investigation, response and reporting of cyber security incidents. Operational Resilience Support the Branch’s operational resilience framework from an information security perspective. Participate in disaster recovery planning, cyber security exercises and resilience testing. Third-Party and Outsourcing Risk Assess information security risks associated with third-party service providers ...

cloud‐first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud‐native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR … risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding ...

similar, Industry certifications such as CompTIA Security+, GIAC, CISM, CISSP or other relevant certification preferred Strong understanding of network and end point security, incident response, threat intelligence, and vulnerability management Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS Strong knowledge ...

backup, disaster recovery and service continuity Security Operations Platform security controls, monitoring and threat detection SIEM, SOAR, endpoint and network security tooling Operational security incident management in partnership with InfoSec End-user devices, operating systems and device lifecycle Microsoft 365, identity lifecycle management and collaboration tooling Endpoint security, compliance … legacy platforms Operational Excellence and Service Management Accountable for platform availability, performance, resilience and supportability Ensure platforms are operated in line with ITIL practices (incident, problem, change, configuration and continuous improvement) Oversee third-line support, major incident response and root cause analysis Security and Risk Management Ensure ...

role in helping our customers achieve greater visibility, performance, and reliability across their IT estatescontributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse … e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflowsAct as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best ...

join the firm in London. Responsibilities: * Undertake efficient, effective and proactive day-to-day cybersecurity operations to minimise the risk of a security incident, enabling the firm to do business. * Maintain the capability to react and respond to incidents in an effective and timely manner, minimising their impact … event data across the firms' systems, and procuring threat intelligence to inform the hunts. Key Skills: * Strong understanding of network and end point security, incident response, threat intelligence, and vulnerability management. * Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS. * Strong ...

Intellectual property storage, and SaaS application security. Alongside wider corporate security technical controls. Automation & Engineering: Write scripts and build tools to automate security workflows, incident response tasks, and audit evidence collection for compliance. Cross-Functional Collaboration: Work with IT and business operations to integrate security tools into everyday … Minimum Qualifications Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience. 5+ years’ experience in Security Engineering, Corporate Security, Detection & Response, or a related field. Hands-on experience administering IAM platforms (e.g. Okta, GoogleWorkspace). Deep hands-on experience with GoogleWorkspace products Practical hands ...

mitigating vulnerabilities and ensuring compliance with data protection laws (e.g., GDPR). Establish, implement, and maintain security policies, standards, and operational controls; support audits, incident response, vulnerability remediation, and ensure effective use of security tooling (eg., Sentinel, Defender for Cloud, SIEM). Work closely with Operational Risk, DevOps ...

supplier security assessments. Familiarity with CAF, CE+, NIST, CIS Controls, ISO 27001. Understanding of healthcare data protection, ideally NHS/UK standards. Strong incident response, analytical, and problemsolving skills. Knowledge of AI/ML risks and AI governance. Experience with phishing campaigns, penetration testing, and remediation. Excellent communication ...

Development Manager to lead two strategically important engineering groups within Enterprise Infrastructure (EI): Security Automation Engineering (SAE) – the development arm of the Cyber Security Incident Response Team (CSIRT), responsible for building automated detection and response systems; Enterprise Infrastructure Application Development (EIDev) – a new and growing team responsible … patterns, deployment architectures and modernisation strategies across on‐premise and AWS environments; driving legacy application migration, architectural governance and technical debt reduction. Automated detection & response capabilities: Leading SAE initiatives, integrating with Elastic Security, Azure DefenderXDR and AWS SecurityHub. Supporting the wider EI organisation: Collaborating with infrastructure, networking, identity ...

event-driven workflows. Automation & Toil Reduction at Scale Lead the design of automation frameworks that eliminate manual operational tasks across multiple domains. Translate incident learnings and operational inefficiencies into scalable automation and preventative controls. Drive adoption of automation-first principles, reducing dependency on human-driven processes. Contribute … telemetry, monitoring, alerting, and operational visibility across all critical systems. Ensure services are observable, measurable, and support proactive detection of issues. Improve operational readiness, incident response effectiveness, and time-to-recovery through engineering solutions. CI/CD & Platform Integration Contribute to the design of CI/CD patterns ...

join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation’s defensive capabilities while remaining at the forefront … attack techniques. Hands-on experience with security technologies such as EDR, XDR, SIEM, SOAR, IDS, and IPS. Experience in vulnerability analysis, security alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). ...

high-calibre quantitative investment firm building a new security function alongside a completely refreshed technology environment. This is a rare opportunity to shape Detection & Response properly from day one, rather than inherit a noisy SIEM, half-owned tooling and legacy processes. The role suits a deeply technical security engineer … turn those opinions into production-grade capability. You’ll work closely with senior security leadership to design the data, tooling, automation and response foundations that protect a fast-moving investment platform... Key Responsibilities Define and build the firm’s Detection & Response capability across endpoint, network, cloud and internal ...

vulnerability management, and compliance controls into engineering workflows. Collaborate with software development teams to improve secure coding practices. Develop and maintain monitoring, logging, and incident response automation. Support threat modelling and secure architecture reviews. Drive DevSecOps best practices across engineering teams. Contribute to platform engineering and cloud-native ...

across the business Design and implement secure cloud environments and production‐grade infrastructure Lead security initiatives including vulnerability management, threat modelling, penetration testing, and incident response planning Build and evolve CI/CD pipelines, release management processes, and deployment automation Establish observability, monitoring, logging, alerting, and operational runbooks ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years ...

security posture. SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment. Automation: Develop Security … Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times. Threat Hunting: Proactively search for undetected malicious activity using specialised queries. Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development and leadership. Qualifications – Essential ...

SIEM: Collaborate with our SOC partner to design and optimise Splunk dashboards and alerts, turning raw data into actionable intelligence to combat sophisticated threats. Incident Response: Act as a technical escalation point for high-priority security incidents, employing EDR and SIEM tools for swift containment. Automate Security Processes … Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response efficiency. Conduct Threat Hunting: Utilise specialised queries to proactively identify undetected malicious activities within the environment. Train the Team: Elevate the skill level of the existing team in CrowdStrike, Splunk, and security analysis. ...

implement a pragmatic, business aligned security roadmap Lead GRC, security operations and architecture oversight Drive improvements across identity & access management, cloud security and incident response Act as the senior escalation point for security incidents and risk decisions Engage with C-suite and board stakeholders, providing clear, commercially focused ...

CIAM) solutions and data protection initiatives Work alongside Cyber Security Operations Center (CSOC) teams, contributing to threat intelligence, vulnerability assessments, and testing activities Support incident response activities and help strengthen client defence capabilities Assist with SIEM configuration, monitoring, and optimisation, including log pipelines, correlation rules, and alert triage ...

will contribute to infrastructure decisions and service architecture within our Azure environment, support observability, monitoring and alerting for production services, and participate in incident response and root cause analysis when issues arise. You will take end-to-end ownership of features from technical design through to delivery ...