1 to 25 of 145 Incident Response Jobs in the Midlands

high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯

high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯

As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events affecting Experian. You will be a part of the first line of defence in Experian's … broader incident response and incident management departments, responsible for receiving and prioritizing cybersecurity alerts, including being the dedicated contact for potential security incidents reported by users (e.g., Experian employees). Depending on the results of assessment, this team is then responsible for investigating, containing, eradicating, and recovering from events falling in its scope or escalating higher-risk … events to dedicated incident response and management teams in the CFC. This role is critical in ensuring the handling of potential threats and plays a part in improving security operations. This is a home based role reporting to the Director of Security Operations for SecOps & Threat Detection. Please note that in this role, you will have an 8x5 More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

complex IT and security issues, and be a key player in ensuring the organisation's overall cybersecurity posture remains strong. You will also be involved in proactive security measures, incident response, and disaster recovery planning. This role is office-based at our Coventry site, with travel to other UK sites as required, sometimes at short notice. Occasional on … Monitor and maintain security infrastructure, including firewalls, VPNs, IDS/IPS, and endpoint protection. Conduct vulnerability assessments and penetration testing. Apply patches and updates to mitigate security threats. Lead response efforts in cyber-attacks or security breaches, including containment and remediation. Perform root cause analysis and recommend mitigation strategies. Collaborate on incident handling, reporting, and documentation. Enforce security More ❯

Recruiting for Central Functions | #1 Accountancy firm to work for in the UK About The Role... Are you a cybersecurity professional with a solid foundation in threat detection and response, looking to deepen your impact in a dynamic IT environment? Do you have hands-on experience with Microsoft Sentinel and Microsoft Defender, and a passion for protecting systems and … point of contact for security-related queries, providing guidance and training to end-users and technical teams Maintain clear, comprehensive, and up-to-date documentation of security policies, procedures, incident response plans, and system configurations Work closely with our Security Operations Centre to monitor and investigate security alerts generated by Microsoft Sentinel and Microsoft Defender Collaborate with our … ll be able to manage and prioritise multiple tasks in a fast-paced and dynamic environment. Technically you’ll bring: Microsoft Security Stack: Microsoft Defender XDR and Microsoft Sentinel (incident investigation, alert tuning and threat detection) Cloud Security Expertise, particularly within Microsoft 365 and Azure environments Infrastructure Knowledge: networking, Windows, macOS etc. Familiarity with security frameworks & standards i.e. NIST More ❯

with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands-on experience in cyber security, threat detection, incident response, and operational and defensive strategies. This will support your professional development and growth. Opportunities to travel, attend conferences, and stay updated with cyber security innovations are available. More ❯

The team you'll be working with: SOC Analyst (L1) We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business. This role will be based on-site in Birminham, we need canddiates that are able towork in a job that involves 24/7 operations … log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. Write up high quality security … incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident More ❯

experience of working as a Cyber Security/Security Operations Centre Analyst Evidence of experience working in at least one of the following fields: malware analysis, intrusion detection and incident response Evidence of experience of line management; OR of tasking of, or delegation to, team members. These criteria will be assessed at CV sift. There is a wide More ❯

experience of working as a Cyber Security/Security Operations Centre Analyst Evidence of experience working in at least one of the following fields: malware analysis, intrusion detection and incident response Evidence of experience of line management; OR of tasking of, or delegation to, team members. These criteria will be assessed at CV sift. There is a wide More ❯

The team you'll be working with: SOC Analyst (L2) We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business. This role will be based on-site in Birmingham. We need candidates who are able to work in a job that involves 24/… to analyze incidents escalated by the SOC Analyst (L1) and undertake detailed investigations of Security Events. The Security Analyst (L2) will determine whether a security event qualifies as an incident and coordinate with the customer's IT and Security teams for resolution. Main Duties Security Monitoring & Investigation: Monitor SIEM tools to ensure high-level security operations. Oversee and enhance … security incidents. Conduct real-time analysis of security events and escalate as necessary. Support investigations into incidents, determining root causes and impacts. Document findings and lessons learned to improve incident response procedures. Ensure runbooks are followed and are fit for purpose. Incident Response: Lead and coordinate incident response activities to contain, eradicate, and recover More ❯

and SCADA networks from evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to OT environments. Support vulnerability management initiatives and penetration testing exercises. Contribute to policy development and ensure … the OT security ecosystem. Strong understanding of OT/ICS cybersecurity or relevant control systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations and deliver root cause More ❯

OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why you'll love this … environments. Strategic Contribution – Influence the development of new controls and support the delivery of Cadent’s cyber security strategy. Cross-Team Collaboration – Partner with threat intelligence, vulnerability analysts, and incident responders to enhance our defences. Continuous Improvement – Engineer solutions for unpatchable vulnerabilities and automate detection and response processes. National Impact – Help protect the systems that keep gas flowing More ❯

OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why you'll love this … environments. Strategic Contribution - Influence the development of new controls and support the delivery of Cadent's cyber security strategy. Cross-Team Collaboration - Partner with threat intelligence, vulnerability analysts, and incident responders to enhance our defences. Continuous Improvement - Engineer solutions for unpatchable vulnerabilities and automate detection and response processes. National Impact - Help protect the systems that keep gas flowing More ❯

log data, and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy. Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. Write high-quality security incident … knowledge resources and independent research. Assist with remediation activities or support customer stakeholders to inhibit cyber-attacks, clean up IT systems, and secure networks against repeat attacks. Produce security incident review reports to present information about incidents and provide security improvement recommendations. Understand Threat Intelligence and its application in an operational environment. Conduct Threat Hunting to identify attacks that … may not have been captured. Support incident response to national-scale incidents in a coaching capacity. Assist in the development and implementation of SOC Use Cases. Collaborate with other teams within NTT DATA to improve services based on customer needs. Prepare disaster recovery plans. What experience you'll bring: Skills and Experience: Ability to obtain SC Clearance or More ❯

Skills And Experience We’re seeking someone who is passionate about cybersecurity and brings a thoughtful, inclusive approach to delivering security services. You’ll ideally have: Experience leading security incident responses and conducting root cause analysis A strong understanding of cybersecurity and information assurance across people, processes, and technology Excellent communication skills, with the ability to explain complex topics More ❯

As a SOC Manager, you will establish goals and priorities by working closely with your team to identify the most critical focus areas. These include improving incident response times, reducing false positives and other extraneous alerts, and enhancing threat detection capabilities. In this role, you will analyze incident reports to understand the organization's security posture by … reviewing incident reports and identifying patterns and trends that may indicate weaknesses or vulnerabilities in their security defenses. You will lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team. Responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations. POC for SOC … analyst, and threat exposure management. Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Act as the lead coordinator to individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response More ❯

. You will contribute to: Risk Management: Conduct risk analysis and interpret first-line operational outputs to support VPI's overall cyber security risk posture. Operational Security: Assist in incident response testing, data management, and coordination of cyber security with physical and personnel security teams. Human Risk Management: Develop cyber security awareness materials, manage phishing protection programmes, and … Security: Support the integration of security policies into DevOps processes and cloud-based tools. Business & Change Management: Contribute to risk mitigation strategies for business development and internal change projects. Incident Response: Act as a responder within VPI's cyber security incident framework. What we're looking for We are seeking a self-motivated individual with a strong More ❯

. You will contribute to: * Risk Management: Conduct risk analysis and interpret first-line operational outputs to support VPI's overall cyber security risk posture. * Operational Security: Assist in incident response testing, data management, and coordination of cyber security with physical and personnel security teams. * Human Risk Management: Develop cyber security awareness materials, manage phishing protection programmes, and … Security: Support the integration of security policies into DevOps processes and cloud-based tools. * Business & Change Management: Contribute to risk mitigation strategies for business development and internal change projects. * Incident Response: Act as a responder within VPI's cyber security incident framework. What we're looking for We are seeking a self-motivated individual with a strong More ❯

years of service Eye care vouchers EE discounts Staff discount on Wren products Refer a friend scheme Free onsite gym About You Desired skills and knowledge: Experience in incident handling, managing incident response, and investigating targeted threats such as APTs, organized crime, and hacktivists. Background in computer forensic analysis using various forensic tools. Understanding of system internals More ❯

critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in office) and can be based in one of the following offices: Birmingham, Manchester, Ipswich (Ipswich only … security events. Monitor and manage the performance of the SIEM infrastructure. Security Engineering: Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. Data Ingestion and Enrichment: Configure Elasticsearch pipelines for data ingestion from various sources, primarily from Kafka Enhance More ❯

mitigate against potential risks. You will be actively responsible for ensuring the successful achievement of external certifications such as ISO27001, MOU, PSN and PCI-DSS etc alongside managing security incident response plans. In addition, the Lead information Security Analyst/Engineer will provide advice and guidance on government standards and industry best practice relating to information security maintain … to deal with high complex/risk problems across a diverse range of security threats Good knowledge of IT Security Principles All round experience of vulnerability management, information security incident management alongside IT Service and Asset management systems Any formal Security qualification or Degree will be advantageous Lead Information Security Engineer/Analyst - Benefits Basic salary of up to More ❯

ll ideally have: Up to 1 year of experience in a cyber security or technical support role (SOC experience is a bonus). Familiarity with SIEM tools and basic incident response concepts. Understanding of common network protocols, cyber threats, and operating systems. Exposure to log analysis and a passion for problem-solving. A desire to grow within a More ❯

United Kingdom 1 day ago Manchester, England, United Kingdom 1 day ago Cyber Security Consultant - (Remote - UK) Manchester, England, United Kingdom 1 month ago Senior Security Consultant, Digital Forensics & Incident Response Senior Cyber Security Consultant - Defence/Gov Manchester Area, United Kingdom 4 days ago Identity Security Consultant - CyberArk Exp Principal Security Architect – Sentinel, Defender, Purview Manchester, England More ❯