1 to 25 of 55 Incident Response Jobs in the North of England

lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance … manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response ...

ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … daily operational activities and performance. Define and implement the strategy and operational roadmap for security monitoring, detection, and response. Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts during high-severity security events ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

Incident Manager Sheffield (Hybrid – 2 days on site)£55,000 - £65,000 + excellent benefits Elevation Tech & Transformation are exclusively partnering with a key client to appoint an Incident Manager to own and shape the incident management function from the ground up. This is a brand … role within the business a real opportunity to define, build and continuously improve the incident management function. You’ll take full ownership of incident management, establishing best practices, refining processes and setting the standard for how incidents are handled across the organisation. This is a role where ...

GDPR and guidance from the National Cyber Security Centre. Work with internal teams and suppliers to implement proportionate and effective security controls. Security Operations & Incident Management Act as the primary point of contact for security incidents, leading or coordinating response activities. Take a hands-on role in incident investigation, root cause analysis, and remediation. Ensure that incident response processes are aligned to the operational needs of emergency service environments, including timely escalation and communication. Oversee vulnerability management, security testing, and remediation activities, engaging third parties where required (e.g., CHECK providers). Service Resilience & Operational Security ...

GDPR and guidance from the National Cyber Security Centre. Work with internal teams and suppliers to implement proportionate and effective security controls. Security Operations & Incident Management Act as the primary point of contact for security incidents, leading or coordinating response activities. Take a hands-on role in incident investigation, root cause analysis, and remediation. Ensure that incident response processes are aligned to the operational needs of emergency service environments, including timely escalation and communication. Oversee vulnerability management, security testing, and remediation activities, engaging third parties where required (e.g., CHECK providers). Service Resilience & Operational Security ...

automated deployment processes across environments. Monitoring & Observability: Implement and maintain monitoring solutions for infrastructure and applications. Develop dashboards and alerting systems to ensure proactive incident and security event management. Evaluate and integrate new observability tools as needed. Automation & Tooling: Automate repetitive tasks to improve efficiency and reduce human error. … Azure environments. Ensure scalability, resilience, and security of service-based architectures. Implement cost management strategies to optimise cloud spend without compromising performance or security. Incident Response & Root Cause Analysis: Lead incident response efforts, including security incidents, and conduct post-mortem reviews. Drive continuous improvement through lessons ...

DDoS protection to keep our platform secure and performant. Drive vulnerability management across cloud infrastructure and application code, ensuring timely prioritisation and resolution. Lead incident response coordinate detection, investigation, containment and post-incident reviews. Maintain and evolve security monitoring, alerting and operational runbooks to ensure consistent coverage. … familiarity is important. Practical understanding of UK GDPR, DPA 2018 and PCI-DSS compliance requirements. Experience building or maturing security governance policies, risk registers, incident response procedures. Ability to communicate security risk and posture clearly to both technical teams and senior leadership. Hands-on comfort with security tooling ...

Security: Drive the secure design and operation of critical technology platforms, collaborating with platform owners and engineering teams to embed security throughout the lifecycle. Incident Response & Threat Management: Provide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation ...

integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...

compliance with security standards, and protecting both organisational and customer data. You will act as an important escalation point for security-related matters, including incident response, while supporting technical teams in maintaining a strong and compliant security posture. Key Responsibilities Review and analyse current security measures to identify … frameworks, and industry best practices Experience across infrastructure and networking environments, both on-premise and cloud-based Hands-on involvement in vulnerability management and incident response Familiarity with security monitoring tools such as firewalls, IDS/IPS, and extended detection solutions Experience working with SIEM, cloud security platforms ...

service model for critical data engineering pipelines, aligned to project requirements. Establish clear service constructs, including: Support coverage models (core hours, escalation) Incident, problem, and change processes Release and maintenance windows Ensure service definitions are fit for current pipeline complexity , not aspirational future platforms. 2. Service Readiness & Operational Assurance … deprioritised Contribute to operational continuity planning for high‐risk services. 4. Operational Playbooks & Knowledge Enablement Define standards and structure for: Operational playbooks Incident response procedures Escalation paths Ensure playbooks are: Pipeline-specific Actionable by support teams Validated with technical SMEs Support completion and validation of knowledge transfer activities ...

monitoring across multiple networks and services Oversee and contribute to the analysis, investigation and escalation of security incidents Coordinate closely with Cyber Operations and Incident Response teams to contain and mitigate threats Develop and enhance detection use cases, tooling and operational processes Provide subject matter expertise on threat … previous clearance About the team The Cyber Operations team protects critical systems and sensitive environments from advanced threat actors. Covering Threat Intelligence, Detection, Incident Response and Active Defence, the team operates at the forefront of cyber security, safeguarding the technology and services that support national security and those ...

controlled environment. The Role You'll be responsible for the day-to-day operation and improvement of a central Azure cloud platform, covering monitoring, incident response, automation, and platform reliability. Senior hires will also play a key role in mentoring others and driving improvements across the platform. What … Azure (IaaS/PaaS) Terraform for Infrastructure as Code Kubernetes and containerised platforms CI/CD using GitHub Actions or similar Monitoring, alerting, and incident response tooling L2/L3 on-call support within a 24/7 rota What they're looking for Experience supporting cloud platforms ...

Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills ...

Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, youll gain hands-on experience that prepares you for todays fast-growing cyber security and IT roles. Our learners … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

/SLOs. You’ll help teams implement pragmatic observability—logging, metrics, and distributed tracing—with actionable alerting, and you’ll contribute to (or lead) incident response and post-incident reviews that drive learning and measurable improvements. Job qualifications We are looking for experience in the following skills … Dynatrace ( or similar tools) , including alerting, dashboards, and root-cause analysis. Exposure to AIOps practices , leveraging automation and intelligence for proactive issue detection and incident reduction. Experience supporting production platforms , including incident management, problem management, and continuous improvement. Ability to mentor junior engineers , influence technical standards ...

monitoring, analysing and responding to security threats, while driving continuous improvement across our security operations capability. You’ll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. Key responsibilities ...

Lead, mentor, and develop a team of SOC analysts in a 24/7 operational environment across a three-shift rotation • Own and enhance incident detection and response capabilities • Act as senior decision-maker during major incidents and crisis situations • Develop and implement SOC use cases aligned … playbooks • Collaborate with Security Engineering to optimise detection pipelines • Build strong relationships with stakeholders across technology and the wider business • Partner with the Major Incident Manager on critical security events • Support regulatory compliance, audit requirements, and contribute to strategic direction Experience • Proven experience managing SOC or security operations teams ...

scripts, and internal platform tooling. Support self-service capabilities for application and product teams. Operational Support (BAU) Support day-to-day platform operations and incident response. Apply patches, upgrades, and maintenance to platform components. Assist with onboarding new cloud environments and subscriptions/accounts. Documentation & Collaboration Maintain engineering documentation ...

provisioning, and deployment across environments. Testing practices Implementing unit, integration, and performance tests to ensure reliability, correctness, and reproducibility across all release cycles. Observability & incident response Working with monitoring tooling and incident workflows to track system health, detect anomalies, and respond to failures in Real Time. … across multiple environments Strong understanding of software testing at all levels: unit, integration, and performance Practical experience with observability platforms and on-call/incident management Comfortable working across big data technologies and large-scale database architectures Ability to engage confidently with engineers, security professionals, and non-technical stakeholders ...