1 to 25 of 33 Incident Response Jobs in the South West

20th January Main duties of the job The role combines governance, assurance and hands-on leadership of proactive and preventative tactics, threat intelligence, incident response, vulnerability management, strategy and cultural change to build cyber resilience across the Integrated Care System (ICS They will have a proven track record … within the NHS or wider public sector. They will possess deep technical and governance expertise across areas such as threat detection, vulnerability management and incident response, with the ability to translate complex technical risk into clear, articulate, actionable information for senior executives and boards with assurance and confidence. ...

networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall … hours coverage if needed. What we're looking for Solid experience, ideally 3+ years working in a SOC or security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security ...

Cyber IT Operations Lead, you will take ownership of operational cybersecurity, policies, and risk management. You will define and maintain security standards, oversee incident response, and ensure compliance with frameworks such as ISO27001, Cyber Essentials, CIS, NIST, and GDPR. A key part of this role involves leading … with customers and partners, and support accreditation and audit processes. Cyber IT Operations Lead Essential Skills: Strong experience across IT operations and cybersecurity, including incident response, risk management, and policy creation Working knowledge of security frameworks such as ISO27001, CIS, NIST, GDPR, and Cyber Essentials Cybersecurity certifications such ...

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills … security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact ...

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills … security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact ...

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills … security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact ...

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills … security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in Scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact ...

diagrams, and evidence packs. Chair the Cyber Security Working Group and support regional security leads. Assist the Security Architect with deploying new controls. Deliver incident response: triage escalations, coordinate crisis response, provide out-of-hours support, and perform post-incident reviews. What We're Looking … Required Experience: Degree or equivalent experience plus relevant security certifications (Security+, CEH, CySA+, Cloud Security Engineer). Significant experience in cyber security operations or incident response. Hands-on expertise with Microsoft Defender, Sentinel, Tenable, CASB, and cloud security (AWS/Azure). Proven security project delivery, PowerShell automation skills ...

Clearance - Gloucestershire Based or ability to travel to Gloucestershire.- Experience as in a Site Reliability Engineering role SITE RELIABILITY ENGINEER ESSENTIAL SKILLS- Reliability, incident response/incident management experience - Experience with Monitoring and Observability tools such as Prometheus, Grafana and OpenSearch- Automation tools (Go, Bash)- Experience with ...

across systems and infrastructure. Track emerging threats and recommend updates to policies, standards, and procedures. Oversee daily security operations, including monitoring, vulnerability management, and incident response. Lead and mature the regional incident response function, coordinating with global teams on high-severity events and driving continuous improvement. Manage … primary contact for operational cyber matters, providing clear, timely communication to stakeholders and leadership. About You Demonstrable experience in cyber security operations, including incident management, threat monitoring, and vulnerability management. Familiarity with regulatory frameworks within region and best practices (such as ISO 27001, NIST CSF, Cyber Essentials). Professional ...

Actions, Jenkins, CircleCI). Solid understanding of Linux systems and scripting (Bash, PowerShell, Python). Familiarity with security principles , SIEM/SOC tools, or incident response. Knowledge of networking fundamentals and APIs. Excellent problem-solving and communication skills. Nice to Have Experience with containerization (Docker, Kubernetes). Exposure ...

platforms (Hyper-V, VMware) and implement endpoint security (EDR, anti-malware, DLP) Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for threat detection and incident response Perform vulnerability assessments using Qualys and Tenable, driving remediation and continuous improvement Align security controls with ISO 27001, NIST, CIS, and Cyber ...

platforms (Hyper-V, VMware) and implement endpoint security (EDR, anti-malware, DLP) Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for threat detection and incident response Perform vulnerability assessments using Qualys and Tenable, driving remediation and continuous improvement Align security controls with ISO 27001, NIST, CIS, and Cyber ...

including Data Protection Impact Assessments. Manage compliance and supplier security controls. Oversee penetration testing and manage vulnerability fixes. Develop and test the company's incident response plan. Support the secure implementation of new AI-driven tools. Lead, coach, and support a small technical team. Requirements 2+ years ...

/analysis. Provide expertise in deploying, configuring, and maintaining Fortinet products within the network and security landscape. Work with cross-functional teams to support incident response, problem resolution, and continuous service improvement. Produce and maintain clear technical documentation, operational procedures, and configuration standards. Essential Experience & Skills Significant, proven ...

standards and regulations, including the Cyber Resilience Act. Responsibilities Assess, establish and maintain clear guidelines and best practices for secure coding, vulnerability management, and incident response Develop and maintain product security risk assessment processes, providing support and guidance to project teams Develop scanning and review processes to discover … effectiveness of the implemented cybersecurity controls Coordinate activities with the owning product divisions when vulnerabilities are reported by 3rd parties, and guide the response Work with development teams to remediate security vulnerabilities and prevent future incidents Track and address security issues effectively, ensuring timely remediation and patching Document ...

other engineers. Monitoring and Operational Excellence: Implement and manage monitoring, logging, and alerting solutions (e.g., Prometheus, Grafana, Stackdriver) to ensure high availability and proactive incident response for all hybrid infrastructure. Required Skills & Qualifications Experience: 5+ years of experience in a DevOps, SRE, or Platform Engineering role. GCVE Expertise ...

standards. Working with our Crypto custodians to ensure accurate transfer of information and maintaining records. Coordinate crypto change windows (key loads/rollovers), support incident response related to crypto assets, and drive continuous improvement of crypto processes. Ensure that Key Material is ordered from NCSC/ ...

equivalent environment Monitor and respond to incidents using SIEM platforms Conduct system log analysis and threat detection Assist in vulnerability assessments and management Support incident resolution and reporting Required Skills & Experience At least 2 years' experience in a dedicated Security Analyst role Hands-on experience with: SOC operations SIEM … tools Vulnerability management Incident response and investigation Log and event analysis Preferred Qualifications Industry certifications such as CompTIA Security+ or equivalent (desirable) Practical experience preferred over formal education Security Clearance Requirements UK Nationals only Current SC clearance required DV preferred - or must be DV-eligible (as DV clearance ...

develop, deliver, and maintain secure standards and practices tailored to the unique requirements of the OT environment improve visibility of assets and advanced incident detection and develop the means to contain and respond to security threats conduct cyber and security incident response maintain and develop cyber security ...

senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain … incident response plans and procedures. Requirements: Proven experience as a Digital Operations Manager, IT Manager, Support Manager, or similar role. Strong leadership and team management skills with the ability to mentor and inspire a diverse team. Excellent understanding of IT infrastructure, application support, and digital operations. Demonstrated experience ...

senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain … incident response plans and procedures. Requirements: Proven experience as a Digital Operations Manager, IT Manager, Support Manager, or similar role. Strong leadership and team management skills with the ability to mentor and inspire a diverse team. Excellent understanding of IT infrastructure, application support, and digital operations. Demonstrated experience ...

administration background Proficiency with Terraform, Ansible (or similar tools) Knowledge of scripting (Bash/Python), CI/CD, and version control (Git) Experience in incident response and disaster recovery Strong communication skills and a collaborative mindset Nice to Have AWS Associate certification (or interest in achieving it) Exposure ...

operational challenges across multi-site education environments and can deliver immediate stability and risk reduction. Typical Contract Responsibilities: Leading trust-wide cyber-security monitoring, incident response and vulnerability management Strengthening identity, endpoint, cloud and network security controls (MFA, EDR, SIEM, firewalls, O365 security) Conducting risk assessments, audits ...

skills over certificates, though!) Multi-cloud or hybrid security experience Container security & supply-chain/SBOM tooling Applied cryptography fundamentals (KMS, envelope encryption, etc.) Incident response or red/blue/purple team exposure OSS security contributions or AWS community involvement Technical/IT degree ...