1 to 25 of 51 Incident Response Jobs in Slough

s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering team to address security implications of machine learning models and data pipelines. Evaluate and adopt new … AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and compliance standards (e.g., NIST, ISO 27001, SOC 2, GDPR). Proven ability to align security priorities with business and product strategy. … cyber defense About Nothreat Nothreat is a cybersecurity company building intelligent defense platforms powered by AI. We help enterprises stay ahead of modern threats through real-time detection, automated response, and AI-enhanced decision-making. Join us in shaping the future of proactive, intelligent cyber defense. #J-18808-Ljbffr More ❯

Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to … with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption … information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. Strong grasp of both technical cybersecurity and governance frameworks, with the ability to balance More ❯

a cybersecurity team, overseeing the implementation of security strategies. Develop and enforce cybersecurity policies, standards, and best practices. Conduct vulnerability assessments and manage compliance with security frameworks. Oversee security incident response, forensic investigations, and risk mitigation strategies. Monitor networks and systems, ensuring proactive threat detection and response. Collaborate with internal stakeholders and external agencies to maintain a strong More ❯

new security systems/solutions aligned with global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security in reviewing and evaluating … endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership with security operations, legal, compliance, incident response teams, etc. Qualifications & Experience: Bachelor’s degree; Preferred Management Information Systems, Computer Science, Engineering, or related discipline. 5-10 years of information security and information technology desired … including Unix, Windows, Linux, TCP/IP, Storage devices, network devices, fail-safe strategies, system architecture, LAN and WAN and intranet/internet security environments including firewalls, intrusion detection, incident response, vulnerability testing, operating system hardening, regulatory compliance, and data classification. Experience in IAM, SEIM, Log Management, Patch Management, Vulnerability Management, eDiscovery, Cloud Security, Virtual Machine Security, Wireless More ❯

. Certifications: CISM, CISSP. Experience with Patch Management, EDR/XDR, Antivirus, NAC (Forescout), Vulnerability Scanning tools (Tenable One, Qualys). Understanding of vulnerability scoring (CVSS/CMSS). Incident Response & Forensic Skills. Support experience with Azure, Oracle Cloud, Windows, Linux, and Mac. Knowledge of security filtering/monitoring solutions and patching processes. #J-18808-Ljbffr More ❯

Certifications: CISM, CISSP Experience with Patch Management, EDR/XDR, Antivirus, NAC (Forescout) Familiarity with Vulnerability Scanning Tools (Tenable One, Qualys) Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident Response & Forensic Management skills Experience with Azure, OCI Cloud, Windows, Linux administration Knowledge of email/security filtering solutions #J-18808-Ljbffr More ❯

reduce cyber risks through operational leadership and capabilities. We’re looking for a Level 3 SOC Analyst to join our client's team, offering expertise in security analysis and incident response to help drive the success of their Cyber Security Operations Center (CSOC). In this role, you will investigate and validate potential security threats, utilising a range … you will also work to mentor and uplift analyst skills and act as a key escalation point. The role will involve collaborating with global security teams, including CERT and Incident Management, to enhance overall security capabilities. Key Responsibilities: Advanced Incident Response: Handle escalated security incidents that L1 and L2 analysts cannot resolve, such as sophisticated malware infections … lead security event analysis activities. Security Reporting and Advisories: Contribute to or lead the delivery of cyber security reports and advisories to key stakeholders. Residual Risk Assessment: Deliver post-incident analysis, technical lessons learned, and reporting to assess residual risk. Advanced SIEM Tuning: Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal More ❯

and Azure infrastructure Represent security in governance forums, and provide regular reporting to internal committees and stakeholders Work with internal teams and MSPs to ensure effective security operations and incident response Qualifications: Experience leading or significantly contributing to an organisation’s security posture Strong understanding of GRC and regulatory frameworks (ISO27001, NIST, CE+, DORA, etc.) Technical foundation, ideally More ❯

evolving threat landscape. What You’ll Be Doing Effectively operate and enhance existing cyber security tools, while researching and deploying new solutions (e.g. XDR, SOAR). Lead and support incident response activities, including simulations and live scenarios. Oversee and maintain the outsourced SOC team and other cyber partners. Review and implement policy improvements aligned to GDPR, ISO27001, NIST More ❯

be responsible for supporting multiple projects concurrently in partnership with our technical teams, clients, and internal stakeholders. This position will be focused on Unit 42’s Digital Forensics and Incident Response engagements, as well as Proactive Service engagements, and will report directly to the Manager for Unit 42 Security Consulting Project Management Office (PMO). Your Impact Manage … PMI Project Management Professional (PMP), PRINCE2 certification, or equivalent preferred 7+ years of professional experience in Project Management, focusing in one or more of the following: Cybersecurity, Digital Forensics, Incident Response, or Software Defined Lifecycle (SDLC)/Infrastructure or other IT related technical environments Ability to lead multiple large-scale projects creating project plans and ensuring on-time … Information The Team Unit 42 Consulting is Palo Alto Network's security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and More ❯

compile evidence, liaise with auditors, and address any gaps or risks. Collaborate with engineering teams to embed secure coding practices and tackle vulnerabilities. Manage security assessments, audit responses, and incident investigations. Run regular penetration testing, disaster recovery simulations, and security awareness training. Streamline access controls, onboarding/offboarding processes, and device compliance using SSO/SCIM and MDM platforms. … experience in enterprise IT or information security — ideally within SaaS , B2B , or fast-paced environments. Deep knowledge of compliance frameworks and IT governance. Understanding of third-party risk management, incident response, and security operations. Strong experience with MacOS administration tools (JAMF preferred). Familiarity with modern cloud environments, particularly Azure . Proficient in scripting languages such as Python More ❯

matters. Provide regular updates to senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain incident response plans More ❯

system. Serve as the primary contact for certification bodies and spearhead all audit activities. - Information Security Officer (ISO Role): Oversee the organisation's security posture, policies, risk management, and incident response, providing technically credible input . - AI Governance Lead: Manage the implementation and operation of AI governance, ensuring responsible AI practices. - Data Privacy Oversight: Ensure compliance with relevant More ❯

parts of the organisation and with vendors and external support teams as needed. Working flexibly, outside of core hours and as part of a support rota as required Providing incident response, business continuity and disaster recovery support as part of the on-call rota. Working as needed to provide proactive maintenance at dates and times that minimise disruption More ❯

Work with the EMEA SOC team to support threat detection engineering activities Develop and maintain the information sharing platforms (Teams and SharePoint) Act as a member of the EMEA incident response team, under the direction of the regional Head of Cyber Security, with responsibility for incident related research, incident tracking activities and communication Work with the … EMEA Head of Cyber Security to develop incident classification and reporting methods using ServiceNow as the central incident tracking and reporting tool Work with the EMEA branch to identify and document processes to a level sufficient to support the implementation of automated incident response using the Splunk SOAR application Participation in the EMEA information security daily More ❯

MANDARIN Network and Security Engineer Location London Work style: Onsite office-based role Salary: up to £75000 Per annum Languages: Mandarin Chinese and English Key Responsibilities: 1. Security Monitoring & Incident Response Monitor security tools (firewalls, IDS/IPS, SIEM) to detect and analyze potential threats. Investigate security alerts, logs, and incidents (e.g., malware, unauthorized access, breaches). Assist … in incident response and remediation efforts. 2. Vulnerability Management Conduct vulnerability assessments and support penetration testing. Collaborate with senior teams to patch systems and mitigate risks. 3. Network Access Control (NAC) Configure switches and endpoints for NAC upgrades and troubleshooting. Install, configure, and troubleshoot Cisco IP Phone/IPC services. 5. Network Administration Configure user switches, patch network More ❯

deploy IAM solutions (Entra ID, Conditional Access, PAM) Drive vulnerability management strategy and tooling Apply Zero Trust and Secure by Default principles Monitor systems, respond to threats, and support incident response Communicate findings to both technical and non-technical teams Required experience: 3–5+ years in cybersecurity/infosec engineering Strong experience with IAM tools, cloud platforms (Azure More ❯

or Typescript Ability to write secure-by-default Terraform for cloud deployments Solid understanding of cloud and application security principles Knowledge of network protocols, vulnerability management, and creation of Incident Response programs Willingness to learn and adapt to new security challenges and technologies Relevant certifications such as AWS Certified Security, GIAC GC*, ISC2 CCSP/CISSP, or equivalent More ❯

working 100% remotely. This is a pivotal role at the heart of a rapidly growing mobile-first payments solution organisation, where you can truly shape and affect how the incident response is delivered. You would be reporting to the Security Operations Lead (who reports to the Head of Security) and will be working alongside a team of talented … suitability for the role. Key responsibilities You will be responsible for building the infrastructure of a new in-house SOC, all the way through to conducting precise and robust incident response against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work on the SIEM detection content … development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day-to-day security events. Key requirements Experience in deploying security related IaC projects at scale. Familiarity with SOAR and optimisation of Security Controls using automation. Experience working with multi cloud environments (specifically AWS and Azure More ❯

Manager for the EMEAs region. In this role, you will be supporting the creation and enforcement of Jefferies’ Business Continuity Program, including policy reviews/updates, business impact analysis, incident monitoring and response and more. This role will also help lead the BC Regulatory program to horizon scan for regulatory updates/changes that would apply, and provide … in Compliance and Legal. Recommend recovery strategies and assist with implementation of recovery solutions. Plan and coordinate regular testing exercises and simulations to test the effectiveness of BC/incident management plans and to fulfill various regulatory requirements. Participate in any internal and industry wide tabletop exercises Support and lead Business Continuity awareness training for new employees and recurring … coordinate security alerts and the traveler safety program for potential risks to Jefferies staff and offices Monitoring news & alerts for incidents that may affect Jefferies’ offices and travelers Support incident response efforts, specifically documenting and gathering timelines, data points and action items, and following up with responsible parties for close-out of assigned action items. Collaborate with various More ❯

Implementing monitoring and alert systems Required Skills: Strong understanding of AWS services such as IAM, S3, ECS, EC2, Lambda Experience with Infrastructure as Code (IaC) using Terraform Knowledge of incident response and SIEM tools Experience working in large enterprise and financial services environments #J-18808-Ljbffr More ❯

most sophisticated threat actors out there and genuinely develop your career within one of the most reputable banks worldwide. Senior Cyber Operations Analyst – Key Responsibilities: Lead the investigation and response for escalated security incidents, performing in-depth analysis and coordinating containment and mitigation strategies. Conduct proactive threat hunting using network traffic, behavioural patterns, threat intelligence, and security telemetry. Utilise … tune SIEM tools such as Splunk, leveraging advanced queries and dashboards to identify anomalies. Collaborate closely with global security teams, threat intelligence units, and stakeholders to improve detection and response playbooks Senior Cyber Operations Analyst – Requirements: Strong proficiency with SIEM platforms, ideally Splunk, including custom query writing and dashboard development. Deep understanding of incident response, including network More ❯

complex, fast-evolving business. Role and Responsibilities Lead design, implementation and monitoring of robust security controls Oversee security architecture and operational tools across on-prem and cloud environments Manage incident response, threat investigation, and vulnerability mitigation Conduct risk assessments, audits, and third-party security reviews Collaborate with teams to prioritise remediation, security best practices, and awareness Provide expert More ❯

for reliability, uptime, and efficiency. Automate configuration, provisioning, and deployment to reduce manual effort and streamline operations. Implement and uphold security standards, including encryption, access control, and compliance. Lead incident response and root cause analysis, applying preventive measures to avoid recurrence. Collaborate across teams (QA, DevOps, IT) to troubleshoot and enhance system performance. Maintain clear documentation for configurations More ❯

a 6-month contract (with strong extension potential). This is your chance to step into a high-impact role where you’ll sharpen cloud detection strategies, lead threat response efforts, and make your mark on a modern, cloud-native security operation — all within a business that thrives on data at scale. Key Responsibilities: Keeping a sharp eye on … threats across hybrid and cloud estates (GCP) Crafting and fine-tuning smart detections using KQL Leading the charge on incident response, from first alert to final report Getting stuck into threat hunting and shaping how detections are built and improved Helping drive security automation and weaving in IaC wherever possible Teaming up with engineers and platform folk to … lock down cloud and container environments Requirements: Solid chops in security monitoring, threat detection, and fast, effective incident response Hands-on with XDR tools like Defender, Carbon Black, CrowdStrike, or FireEye Confident with KQL, especially in Microsoft Sentinel Strong background in GCP Experience securing Kubernetes, Docker, and containerised workloads Familiar with MITRE ATT&CK, SOAR, and writing detections More ❯