Incident Response Jobs in the North West

1 to 25 of 73 Incident Response Jobs in the North West

NMC Cyber Incident Management Lead

Skelmersdale, Lancashire, North West, United Kingdom
Hybrid / WFH Options
Police Digital Services
Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides … visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and … the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for More ❯
Employment Type: Permanent, Work From Home

NMC Cyber Incident Management Lead

Preston, Lancashire, North West England, United Kingdom
Hybrid / WFH Options
Police Digital Services
Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides … visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and … the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for More ❯

Head of SOC

Manchester, Lancashire, United Kingdom
Threatmatrix
this role, you will be responsible for the SOC team's overall management, operations, and direction. You will oversee the monitoring, detection, analysis, and response to cybersecurity incidents and threats, ensuring that our organization's information systems and data remain secure. Your leadership will be instrumental in building a … effectively monitor and protect the organization's assets. - Maintain a high level of situational awareness regarding current and emerging threats, vulnerabilities, and attack vectors. - Incident Response & Management: - Lead the response to significant security incidents, working closely with other teams and stakeholders to contain, mitigate, and recover from … security breaches. - Coordinate post-incident analysis and reporting, ensuring that lessons learned are documented and applied to improve SOC processes. - Establish and maintain strong incident communication protocols, ensuring that relevant stakeholders are informed during and after an incident. - Collaboration & Communication: - Collaborate with other cybersecurity, IT, and business teams More ❯
Employment Type: Permanent
Salary: GBP Annual

Lead Security Engineer (Cloud Security & Compliance)

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
Taxually
implementing best practices to protect our infrastructure, applications, and data. The ideal candidate will have extensive experience in security governance, risk management, cloud security, incident response, vulnerability management, penetration testing, and leading business continuity and disaster recovery tests. You will drive ongoing compliance with various security frameworks and … benchmarks, OWASP principles, and NIST cybersecurity controls across cloud and application security. Oversee third-party security assessments to ensure vendor compliance and security standards. Incident Response, BC/DR & Penetration Testing Lead Incident Response planning, testing, and execution to ensure swift containment and remediation of threats. … disruption. Oversee web application penetration testing, collaborating with security teams to identify and remediate vulnerabilities. Drive continuous security improvements based on testing results and incident learnings. Policy & Control Enforcement Define, review, and update security policies, standards, and controls based on industry best practices. Ensure security requirements are integrated into More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Incident Response Team (CSIRT) Specialist

Capenhurst, Cheshire, United Kingdom
Morson Talent
carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world. We're looking for a Cyber Security Incident Response Team (CSIRT) Specialist. Based at our Capenhurst office 2/3 days a week. At Urenco we're committed to giving you … threat models, identify threat vectors, and create use cases for effective security monitoring. What do you need to thrive in this role? Demonstrates strong incident response experience with a consultancy mindset. Possesses a strong curiosity and analytical mindset - capable of identifying core problems and collaborating with various functions More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Incident Response Team (CSIRT) Specialist

Chester, Capenhurst, Cheshire, United Kingdom
Morson Talent
carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world. We’re looking for a Cyber Security Incident Response Team (CSIRT) Specialist. Based at our Capenhurst office 2/3 days a week. At Urenco we’re committed to giving you … threat models, identify threat vectors, and create use cases for effective security monitoring. What do you need to thrive in this role? Demonstrates strong incident response experience with a consultancy mindset. Possesses a strong curiosity and analytical mindset - capable of identifying core problems and collaborating with various functions More ❯
Employment Type: Permanent

SOC Analyst

Manchester, Lancashire, United Kingdom
Starling Bank
Starling SOC team, you will be working with the industry's brightest SecOps professionals to protect Starling customers, assets, and systems using the latest technologies. Incident Triage, Response, and Investigations based on Alerts received from multiple sources which include: Cloud Infrastructure/Security. Endpoint Detection and Response. Perimeter detection … tooling. Investigating and responding to security alerts raised by Users. Enhancing and creating analytic triggers to enhance alert efficacy. Continuous development of incident handling and readiness processes. Proactive threat hunting based on threat intelligence. Documentation of incidents and investigations. Requirements About your Skills We're open-minded when it … overview: 3+ years experience in an in-house SOC role and team Understanding of AWS Security Solutions (or other Public Cloud Solutions) Analysis and Incident Response experience with Cloud systems such as AWS or GCP Experience working and supporting analytics/SIEM platforms. Experience working in CSIRT/ More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Architect - Information Security

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
Action For Humanity
Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR. Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and … incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools. More ❯
Employment Type: Permanent
Salary: GBP Annual

IT Security Operations Engineer

Darwen, Lancashire, United Kingdom
Hakim Group
culture. About the Role You will be responsible for configuring and managing our security systems, monitoring security events, analysing potential security incidents, and coordinating incident response activities to protect our organisation's assets. KEY RESPONSIBILITIES Act as a primary point of contact for security incidents and alerts detected … forensic investigations, and implement remediation actions to contain and mitigate risks. Maintain and optimise security monitoring tools and technologies to ensure effective detection and response capabilities. Collaborate with IT and engineering teams to implement security best practices and ensure compliance with security policies and standards. Review existing systems to … conforms to security best practices. SKILLS, KNOWLEDGE & EXPERIENCE Proven experience in a SOC or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Engineer

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
The MRJ Group
operations, ensuring resilient and secure environments. Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design and enforce robust … ID, and Active Directory. End User Computing Security : Implement security measures and controls for EUC environments, including endpoint security, access controls, and device management. Incident Response & Forensics : Collaborate with security teams to analyse and respond to security incidents, conducting forensic investigations as needed. Optimize Security Posture: Enhance security … training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. What we're looking for Experience : 3+ years in information security with a focus on cloud security, security architecture, and EUC More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Engineer

Manchester, North West England, United Kingdom
Hybrid / WFH Options
Awaze
resilient and secure environments. 🏡 Key Responsibilities: Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design and enforce robust … ID, and Active Directory. End User Computing Security : Implement security measures and controls for EUC environments, including endpoint security, access controls, and device management. Incident Response & Forensics : Collaborate with security teams to analyse and respond to security incidents, conducting forensic investigations as needed. Optimize Security Posture: Enhance security … training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. 🏡 What we’re looking for Solid background in information security with a focus on cloud security, security architecture, and EUC security. More ❯

Senior Director, Infrastructure

Sefton, Lancashire, United Kingdom
FanDuel Sports Network
optimal resource allocation. Compliance and Risk Management: Ensure infrastructure compliance with relevant regulations and standards, as well as mitigation of security risks and vulnerabilities. Incident Response: Lead and or participate in incident response team(s) during events that impact business operations. Disaster Recovery and Business Continuity More ❯
Employment Type: Permanent
Salary: GBP Annual

SENIOR SOC ANALYST

Manchester, North West, United Kingdom
Secure Recruitment Ltd
a Senior SOC Analyst you will focus on Technical Information Security within the Security Function, within a major part of the Organisation's Overall Cyber Incident Management Process. You will work closely with the InfoSec Engineering Team within the Security Department to Define Requirements of the Tools & Onboard New Functionality. … Maintain Security Tools & Technologies to enhance SOC ability to Detect & Respond to Security Incidents Develop & Maintain Security Procedures & Guidelines to Ensure Consistent & Effective Security Incident Response Continuously Monitor & Review Client's Security Posture & Recommend Improvements Provide Leadership, Coaching & Mentoring to SOC Analysts & Security Analysts. Ensure Compliance with Security … PCI DSS (Current Version) Knowledge of Security Tools & Technologies such as SIEM, IDS/IPS & Firewalls Knowledge of Security Incidents & Attack Methodologies Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills Leadership, Coaching & Mentoring Skills. Strong Team Player Ideally Familiarity with Industry Standard Security Frameworks such More ❯
Employment Type: Permanent
Salary: £80,000

L2 & L3 SOC Engineer - Threat Hunter

Manchester / Buckinghamshire, England
InfraView
continuous. "People first" culture The Latest, cutting-edge technology You will join a 24/7 SOC team, involved in the highest level of Incident Response activities, proactive threat hunting and development of detection and use-case capabilities. You'll be working alongside the engineering team to help … or similar experience. Microsoft SC-200 Certs are desirable. Excellent communication skills A strong knowledge of sophisticated threat actor methodologies, along with experience in incident response and forensic investigations. This business has a clear picture of where they want to be, have the right individuals steering the ship … and exceptional tech talent leading the way. Impressive customers, flexible working and a company who truly care. Responsibilities: Leading escalated Cyber Incident Management, including Major Incidents and 2nd/3rd line analysis for ongoing investigations. Carrying out proactive threat hunts, RCAs, creation of detection capabilities Monitor/hunt security More ❯
Employment Type: Permanent
Salary: £45,000 - £65,000

L2 & L3 SOC / Cyber Security Engineer - Threat Hunter / SIEM Sentinel

Manchester, North West England, United Kingdom
InfraView - Specialist Cloud & IT Infrastructure Technology Recruitment
continuous. “People first” culture The Latest, cutting-edge technology You will join a 24/7 SOC team, involved in the highest level of Incident Response activities, proactive threat hunting and development of detection and use-case capabilities. You’ll be working alongside the engineering team to help … or similar experience. Microsoft SC-200 Certs are desirable. Excellent communication skills A strong knowledge of sophisticated threat actor methodologies, along with experience in incident response and forensic investigations. This business has a clear picture of where they want to be, have the right individuals steering the ship … and exceptional tech talent leading the way. Impressive customers, flexible working and a company who truly care. Responsibilities: Leading escalated Cyber Incident Management, including Major Incidents and 2nd/3rd line analysis for ongoing investigations. Carrying out proactive threat hunts, RCAs, creation of detection capabilities Monitor/hunt security More ❯

L2 & L3 SOC Engineer - Threat Hunter

Manchester, Lancashire, United Kingdom
InfraView Ltd
in cybersecurity. Work with the latest, cutting-edge technology. You will be part of a 24/7 SOC team involved in high-level Incident Response, proactive threat hunting, and developing detection and use-case capabilities. You'll work alongside the engineering team to optimize tuning opportunities. Candidates … Cybersecurity qualifications, certifications, or degrees e.g., CySA+, CompTIA SEC+, or similar experience. Microsoft SC-200 certifications are desirable. Strong knowledge of threat actor methodologies, incident response, and forensic investigations. This company has a clear vision, excellent leadership, and top tech talent. They offer impressive clients, flexible working, and … a supportive environment. Responsibilities: Lead escalated Cyber Incident Management, including Major Incidents and analysis for ongoing investigations. Conduct proactive threat hunts, RCAs, and develop detection capabilities. Monitor and investigate security alerts from SIEM platforms like MS Sentinel, AlienVault, or Splunk. Respond to security alerts, incidents, and requests, managing threats More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Engineer, AWS Managed Services

Manchester, Lancashire, United Kingdom
Amazon
work well within a team environment to keep customers secure. We value engineers that can work through ambiguity to identify suspicious activity, lead security response, and can explain technical security concepts to non-technical audiences. Key job responsibilities Identify, evaluate and communicate security threats, risks and vulnerabilities, and propose … the effectiveness of AWS detective controls such as Amazon GuardDuty, Amazon Macie, and other new security products. Develop processes and policies to increase security response effectiveness. On-call support: This role requires periodic on-call responsibilities including weekends. A day in the life As a Security Engineer in AWS … reporting issues so they can be adequately handled. You will work alongside our security engineers and partner teams to perform daily threat detection and incident response, using the full capability of AWS technologies and services to detect and mitigate cyber threats at a massive scale and help protect More ❯
Employment Type: Permanent
Salary: GBP Annual

Head of SOC

Manchester OR Hertfordshire - Hybrid, Manchester, England
Hybrid / WFH Options
InfraView
about the value this person can add. You will provide insights and guidance to customers as a vCISO as well as vulnerability management, major incident response, and security monitoring improvements and be expected to demonstrate technical expertise in Audit, Assessments, Design, Implementation, Testing, Compliance and Reporting. Responsibilities: Own … of delivering security projects Experience of overseeing and leading remediation of security assessments including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. Experience in incident response and overseeing operational improvement actions such as development and tuning of security monitoring, alerting, and reporting. It goes without saying that this More ❯
Employment Type: Permanent

Security Engineer

Knutsford, Cheshire, United Kingdom
Barclays
Join us as a Security Engineer to help detect threats, improve incident response, and meet compliance requirements by designing, implementing, and maintaining the security of computer systems and networks, identifying vulnerabilities, responding to incidents, and collaborating with other teams to ensure a secure environment. To be successful as … writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat intelligence; knowledge of the MITRE ATT&CK framework and security operations). Some other highly valued skills may include: Scripting - Python More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Site Reliability Engineer

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
Embarcaderomediagroup
our engineering operations, bringing together SRE principles and modern platform engineering practices. This includes combining principles of SRE - such as service-level reliability, observability, incident response - with platform engineering practices like GitOps, Infrastructure as Code, DevSecOps automation, and self-service enablement, to help development teams ship faster, safer … efficiently. What you'll be doing: Designing and operating highly reliable, scalable, and secure Azure-based platforms Applying SRE principles like SLOs, observability, and incident management to drive service reliability Building Infrastructure as Code using Terraform (v1.7+) and GitOps workflows Enabling teams through platform tools, reusable Terraform modules, and … Functions, Logic Apps, etc.) Improving monitoring and alerting with Datadog, Grafana, ELK, and proactive failure detection Participating in the on-call rota and leading incident response workflows and blameless postmortems Coaching engineers, upskilling teams, and contributing to a culture of continuous improvement Driving cost awareness through FinOps practices More ❯
Employment Type: Permanent
Salary: GBP Annual

Deputy CISO

Manchester, United Kingdom
Hays Technology
JRC members in decision-making processes. Hands-On Security Experience: Take an active role in the day-to-day management of security operations, including incident response, threat hunting, vulnerability management, and other proactive measures. Provide expertise in implementing technical security solutions and ensuring they align with organisational goals. More ❯
Employment Type: Contract
Rate: £700 - £750/day

Regional Information Security Officer

Manchester, North West, United Kingdom
Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
and global functions in InfoSec to support internal and external audits and ensure their success, Support other InfoSec teams and local IT teams during incident management and incident response activities, Liaise with Data Protection Officers for the implementation of data protection processes and controls, and during any More ❯
Employment Type: Permanent, Work From Home

Security Architect - Data

Bury, Lancashire, United Kingdom
JD Sports Fashion Plc
teams. Build and maintain relationships with technology vendors and business partners. In conjunction with JD's Managed Detect and Respond services, develop and maintain incident response plans for data security breaches, ensuring quick and effective resolution. Qualifications and Skills: Professional certifications in Information Security or Cybersecurity (e.g. Certified More ❯
Employment Type: Permanent
Salary: GBP Annual

Principal Operational Technology Consultant

Manchester, Lancashire, United Kingdom
NCC Group
conducting risk assessments, developing policies, providing security awareness training, and offering on-demand cyber expertise. Our core services range from strategy and governance to incident response planning and 62443 assessments. We also provide bespoke services tailored to the specific needs of organizations, including managed services, security architecture review More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Lancaster, Lancashire, United Kingdom
Harvey Nash Group
to-day operations, you'll contribute to wider projects aimed at enhancing the University's security posture through new technologies and improved detection and response capabilities. We have A passion for education, a great team, a great place to live and work, digital vision, challenges that are interesting and … cybersecurity landscape and current threats. A degree, professional qualification or extensive career experience in a relative field Hands-on experience with security monitoring and incident response technologies such as SIEM, IDS and EDR. Experience with vulnerability assessment including practical assessments for risk analysis. A strong working knowledge of More ❯
Employment Type: Permanent
Salary: GBP Annual

Incident Response salary percentiles in the North West

10th Percentile: £50,750
25th Percentile: £57,563
Median: £75,000
75th Percentile: £77,500
90th Percentile: £83,625