1 to 25 of 44 Incident Response Jobs in the Midlands

experianplc.com. Internal Grade E Job Description As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events … affecting Experian. You will be a part of the first line of defence in Experian's broader incident response and incident management departments, responsible for receiving and prioritizing cybersecurity alerts, including being the dedicated contact for potential security incidents reported by users (e.g., Experian employees). Depending

team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What … professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios

assessments, identify vulnerabilities, and implement mitigation strategies that protect our infrastructure and digital assets. Oversee Security Operations: Lead daily security operations, including monitoring and incident response, ensuring our defences stay robust. Ensure Compliance: Work with our risk and compliance team to ensure compliance with regulations such as GDPR … certifications like ISO 27001. Promote Security Awareness: Foster a security-conscious culture through employee training, keeping the whole organisation alert to security risks. Incident Response: Manage and lead the resolution of security incidents, containing threats and ensuring our recovery is swift and effective. What You'll Bring Experience

activity. Key responsibilities include: Monitor Networks and Systems: Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits … intelligence, including hackers' methodologies, to anticipate security breaches. Reporting: Prepare reports that document security breaches and the extent of the damage caused. Cyber Security Incident Response: Work with the IT Manager to maintain and update cyber incident response plans and procedures. Conduct Security Attack Simulations: Undertake

architecture, and project teams to improve security posture and integrate security into business processes. Respond to and investigate security incidents, participate in troubleshooting and incident response activities. Provide oversight and support for Security Operations Center (SOC) activities. Develop and enforce security policies, standards, and procedures. Educate and mentor … IT. Hands-on experience with vulnerability management, patch management, and security platforms. Experience developing and auditing governance, risk, and compliance controls. Experience in incident response and security project delivery. Experience managing or participating in security-related projects is a plus. Excellent IT skills, including networking, operating systems (Windows

role in protecting a large-scale, high-availability environment, acting as an escalation point for complex security incidents. Your day will include: Leading incident response activities: investigating alerts, conducting threat hunting, and managing escalations. Tuning and configuring Splunk SIEM to reduce false positives and enhance detection accuracy. Handling … malware analysis, forensic reviews and sensitive internal cases. Correlating logs across multiple systems and using threat intelligence to strengthen detection capabilities. Producing clear, concise incident reports for senior stakeholders, including non-technical audiences. Supporting junior analysts with guidance, best practice coaching and career development (no formal line management).

where you'll help set the direction for cybersecurity, manage risk, and ensure compliance across all environments. You'll lead a dedicated team, drive incident response, and work closely with senior stakeholders to safeguard critical systems and data. This is an excellent opportunity for an experienced professional … aligned with best practice frameworks and industry standards Take the lead on risk assessments and vulnerability reviews, implementing robust controls to mitigate threats. Manage incident response processes, including preparation, detection, resolution, and post-incident analysis. Mentor and develop the cybersecurity team, ensuring they have the tools

environments. You'll work across servers, networks, storage, and security tools, contributing to infrastructure projects as well as cyber initiatives such as vulnerability management, incident response, and enhancing security controls. You'll also collaborate with group security teams and help ensure systems remain resilient and up to date. … etc.) Palo Alto deployment/configuration experience is a must Good understanding of firewalls, network protocols, and intrusion prevention Ability to manage vulnerability scanning, incident response, and remediation Confident communicator with solid documentation skills The role also covers an office in Milton Keynes and they might be occasional

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture.- 3 days on site in Birmingham (Please ensure you are local before applying)- £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. - 3 days on site in Birmingham (Please ensure you are local before applying) - £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role

bottlenecks using advanced problem-solving and performance tuning techniques. Conduct capacity planning and implement solutions to ensure systems can support current and future workloads Incident Response & Troubleshooting Respond swiftly to production incidents, ensuring minimal downtime and quick restoration of services. Perform root cause analysis and postmortems, implementing lessons … dashboards. Improve observability of services, ensuring issues are identified and addressed before impacting users. Continuously refine monitoring practices to reduce alert fatigue and improve response times. Automation & Tooling Develop automation to eliminate manual, repetitive tasks and improve operational efficiency. Write clear, maintainable, and well-tested code to support automation

looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts and develop practical skills in a dynamic, supportive environment. Role Assisting in monitoring network traffic … detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. Contributing to threat intelligence reviews and sharing findings with stakeholders. Preparing reports and presentations on security incidents and trends. Staying

passionate about technology and eager to start a career in cyber security? We’re looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts … Microsoft technologies like M365 and Azure. Our mission is to keep networks secure, efficient, and future-ready. Responsibilities: As a Cyber Threat Detection & Response Apprentice at SNO, you’ll work alongside experienced professionals to strengthen our cyber defence capabilities. Your responsibilities will include: Assisting in monitoring network traffic

Lead the development and implementation of IT and information security policies and controls. • Oversee the cyber security posture, risk management, and incident response. • Manage compliance for Data Protection, Freedom of Information (FOI), and Subject Access Requests (SARs). • Monitor and improve the network and server infrastructure (on-premise … team. • In-depth understanding of information security, data protection, and compliance. • Strong technical knowledge of networks, infrastructure, and cloud environments. • Experience managing risk assessments, incident response, and security operations. • Excellent problem-solving, communication, and leadership skills. Desirable qualifications and experience: • CISM, CISSP, ISO 27001 Lead Implementer/Auditor

Lead the development and implementation of IT and information security policies and controls. • Oversee the cyber security posture, risk management, and incident response. • Manage compliance for Data Protection, Freedom of Information (FOI), and Subject Access Requests (SARs). • Monitor and improve the network and server infrastructure (on-premise … team. • In-depth understanding of information security, data protection, and compliance. • Strong technical knowledge of networks, infrastructure, and cloud environments. • Experience managing risk assessments, incident response, and security operations. • Excellent problem-solving, communication, and leadership skills. Desirable qualifications and experience: • CISM, CISSP, ISO 27001 Lead Implementer/Auditor

dashboarding, along with experience migrating workloads to Elasticsearch. In addition to migration duties, the candidate will maintain and enhance existing Splunk infrastructure, provide incident support, manage upgrades, and ensure observability platforms remain secure and performant. This role demands a technically strong individual with excellent stakeholder communication and problem-solving … configure alerting and monitoring using Kibana, Elasticsearch Watcher, or third-party tools. Ensure migration plans include validation, rollback procedures, and knowledge transfer. Platform Operations & Incident Response: Maintain Splunk infrastructure in both Production and Non-Production environments. Support Splunk SRE and Application teams in incident investigation and resolution.

dashboards for threat detection. Map detection rules to frameworks like MITRE ATT&CK, STRIDE, and NIST CSF. Collaborate with SOC teams to refine incident response workflows. Governance & Compliance Align SIEM architecture with Secure by Design and Zero Trust principles. Support compliance with ISO 27001, PCI DSS, etc Document

performance of the SIEM infrastructure to maintain optimal functionality. Security Engineering:Contribute to various security engineering projects and work closely with security operations and incident response systems. Stay updated on emerging threats and best practises in the cybersecurity landscape. Skills You'll Need to Succeed: Essential:- Strong experience

Security as needed. What you’ll be doing Providing 2nd/3rd line IT support in line with SLAs, covering connectivity issues, system outages, incident response, and critical upgrades Administering network, server, and security technologies, including firewalls, VPNs, and monitoring tools Coordinating and participating in vulnerability testing, security

certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/

certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/

with the high demand. In this varied role you will be accountable for a broad range of Security Operations activities, including proactive monitoring, incident response, threat and vulnerability management, managing the external Security Operations Centre (SOC) partnership and developing security capabilities. You will also play a key part

functional teams in Agile environments to deliver high-quality software Conduct code reviews and enhance testing practices to ensure software reliability Provide support and incident response for developed automation solutions Mentor junior engineers and promote DevOps best practices Maintain and enhance knowledge bases and documentation for operational excellence

practices. Understanding of cloud security best practices and competency with Identity and Access Management (IAM). Excellent troubleshooting and debugging skills, with experience in incident response. Experience working in an Agile methodology. Ability to write comprehensive technical documentation and manage configuration control (Git). Experience with Terraform is highly

practices. Understanding of cloud security best practices and competency with Identity and Access Management (IAM). Excellent troubleshooting and debugging skills, with experience in incident response. Experience working in an Agile methodology. Ability to write comprehensive technical documentation and manage configuration control (Git). Experience with Terraform is highly