defined by the successful and secure deployment of Salesforce as part of the largest transformation programme in the history of the UK charity sector (Engage). The governance frameworks, incident response protocols, and security strategies you design and embed will lay the foundations for Cancer Research UK's long-term resilience - safeguarding critical data and empowering our lifesaving … threats and vulnerabilities within the Salesforce NPC environment. Security Controls Implementation: Developing and enforcing security controls, policies, and procedures to safeguard sensitive data and ensure compliance with industry standards. Incident Response: Establishing and managing incident response protocols to effectively address and mitigate security breaches or incidents. User Training and Awareness: As part of a wider change … on the end-to-end architecture, design, and execution of security strategies and transformational initiatives with the ability to adapt to changing security landscapes and organisational needs. Led effective incident response efforts with experience using security technologies (including encryption protocols, firewalls, intrusion detection systems, and vulnerability assessment tools) to minimise risk and ensure rapid recovery. Subject matter expert
patch management processes for virtual machines, containers and serverless functions. Integrate vulnerability scanning (e.g. Qualys, Sonar Cloud, Tenable or Azure-native scanners) into CI/CD pipelines. Security Analysis & Incident Response Perform root-cause analysis of security incidents and vulnerabilities. Conduct threat modelling, code and infrastructure reviews. Develop and execute incident response procedures, leveraging Sentinel playbooks … security subject-matter expert during architecture and design reviews. Mentor and upskill engineers on secure coding and DevSecOps best practices Continuous Improvement Develop and refine security playbooks, runbooks and incident response procedures. Monitor security metrics and key risk indicators and identify opportunities to improve tooling and processes. Evaluate and pilot emerging security technologies, especially within the Microsoft security
individuals looking to gain practical, job-ready skills in protecting digital assets and systems. The bootcamp aims to enhance participants' abilities in areas such as network security, ethical hacking, incident response, and security operations, enabling them to secure new or higher-value opportunities in the cybersecurity field. You will be responsible for delivering engaging and interactive sessions, guiding … support, feedback, and mentorship Collaborate with the Teaching Assistant and wider team to support learner development Lead or support additional activities such as webinars, hands-on labs, and simulated incident response exercises Contribute to the evaluation of the programme, offering feedback for continuous improvement Areas of Knowledge We are looking for people who have working experience or comfortable … e.g., Firewalls, IDS/IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR
Yeovil, Somerset, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
skill growth. Mentorship: Support junior analysts through guidance and promote a culture of learning and innovation. Technical Leadership: Act as the principal expert to ensure effective monitoring, detection, and response to security threats. Continuous Improvement: Drive innovation and keep the team aligned with the latest cybersecurity practices. Tool Optimisation: Oversee the enhancement of security tools to maintain a proactive … security posture. Incident Response: Provide expert guidance during security incident investigations and response efforts. Insider Threat: Manage and investigate Insider Threat cases as required. Threat Hunting: Lead scheduled threat hunts to ensure thorough detection of advanced threats. External Collaboration: Work with external partners to strengthen SOC defenses and ensure compliance. Customer Network Oversight: Serve as the … dynamic service. You'll need strong analytical skills and the ability to communicate professionally with peers and customers, even under pressure. Proven cyber security experience in protective monitoring and incident response (e.g., GIAC GMON, GCIA, GCIH, or equivalent). Hands-on experience with SIEM tools (LogRhythm, Splunk) and IDS (Snort). Solid background in network and host security.
to provide advice guidance and help manage the business' Cyber and Operational Security risks. Build close relationships and liaise with Ayvens Central Security on operational security, internal control and incident response as required. To actively remain informed and educated in respect of new and evolving areas of Technology, Information and Cyber security and be a proactive champion of … central reporting as required. Support the Ayvens UK Information Security awareness program, support the delivery of awareness activities and communication across the business as appropriate. Operational Security Supervise the response to all technical alarms and periodic audits to ensure compliance with agreed controls. Oversee the investigation and management of operational security incidents and alerts to assist in the design … Provide clear guidance and awareness on operational security controls such as DLP, Phishing, EDR and SEP to ensure the business can achieve its objectives safely and securely. Oversee the response to security alerts from SG CERT and Ayvens central and co-ordinate any urgent incident response. Manage Ayvens out-of-hours security incident response plans and
successful candidate will play a central role in delivering risk reduction across the business. You'll be responsible for maintaining ISO27001 compliance, overseeing risk assessment and mitigation, and supporting incident management across multi-entity operations. Key Accountabilities: Lead and manage a team of three security professionals, supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and … policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response. Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers and the organisation's parent … compliance frameworks. Hands-on experience with security technologies: SIEM, IAM, vulnerability assessment, endpoint protection, cloud services (AWS, SaaS, IaaS). Strong communication skills and stakeholder management abilities. Experience in incident response and enterprise risk reporting. Professional certifications such as CISSP or ISO27001 Lead Implementer/Auditor (desirable). Benefits: Hybrid working (2 days per week in-office) Generous
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Reed Technology
successful candidate will play a central role in delivering risk reduction across the business. You'll be responsible for maintaining ISO27001 compliance, overseeing risk assessment and mitigation, and supporting incident management across multi-entity operations. Key Accountabilities: Lead and manage a team of three security professionals, supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and … policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response. Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers and the organisation's parent … compliance frameworks. Hands-on experience with security technologies: SIEM, IAM, vulnerability assessment, endpoint protection, cloud services (AWS, SaaS, IaaS). Strong communication skills and stakeholder management abilities. Experience in incident response and enterprise risk reporting. Professional certifications such as CISSP or ISO27001 Lead Implementer/Auditor (desirable). Benefits: Hybrid working (2 days per week in-office) Generous
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Reed Technology
successful candidate will play a central role in delivering risk reduction across the business. You'll be responsible for maintaining ISO27001 compliance, overseeing risk assessment and mitigation, and supporting incident management across multi-entity operations. Key Accountabilities: Lead and manage a team of three security professionals, supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and … policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response. Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers and the organisation's parent … compliance frameworks. Hands-on experience with security technologies: SIEM, IAM, vulnerability assessment, endpoint protection, cloud services (AWS, SaaS, IaaS). Strong communication skills and stakeholder management abilities. Experience in incident response and enterprise risk reporting. Professional certifications such as CISSP or ISO27001 Lead Implementer/Auditor (desirable). Benefits: Hybrid working (2 days per week in-office) Generous
Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
teams to ensure security best practices and secure-by-design principles. Identify and mitigate security risks in solution architectures. Create security documentation (e.g., RMADS, Security Assurance Documents). Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST … modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Certifications such as CISSP
Bristol, Kendleshire, Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
teams to ensure security best practices and secure-by-design principles. Identify and mitigate security risks in solution architectures. Create security documentation (e.g., RMADS, Security Assurance Documents). Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST … modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Certifications such as CISSP
and audits. Vulnerability Analysis: Conduct assessments and penetration testing. Develop mitigation strategies and track vulnerabilities. Forensic Analysis: Analyze security incidents, collect evidence, and prepare reports to improve security posture. Incident Response: Lead response efforts, develop plans, and conduct post-incident reviews. Security Tools: Manage security tools like firewalls and intrusion detection systems. Evaluate new technologies. Documentation … plus), and understanding of secure development lifecycle. Proficiency with security tools, firewalls (Palo Alto preferred), IDS, endpoint security. Strong understanding of network protocols, VPNs, and security architecture. Experience in incident detection, analysis, response, forensic and malware analysis. Skills in scripting and automation (Python, PowerShell). Knowledge of frameworks like ISO 27001, NIST, Cyber Essentials. Understanding of risk management … clear security documentation and communicate technical info effectively. Solid organizational skills and ability to work in a team environment. Extensive experience in cybersecurity roles, especially in security operations and incident management. Project management experience and relevant certifications (CCSP, CEH, Security+, AWS, Azure) are highly desirable. What You'll Get in Return Discretionary annual bonus 25 days' holiday, holiday buying
Salisbury, Wiltshire, United Kingdom Hybrid / WFH Options
Finsbury Food Group Plc
strengthening security posture, delivering against the cybersecurity strategy and ensuring alignment with the Cyber Governance Code of Practice. The role will include security audits, issue investigations, cross-functional cyber incident planning and ensuring cybersecurity practices extend across the Supply Chain. This is a fast-paced role, where the successful candidate will lead cybersecurity governance, risk management, and compliance initiatives … within an enterprise environment. Managing incident response frameworks, including cross-functional planning and coordination. They will have excellent interpersonal skills and ability to build and maintain relationships with key stakeholders. This role is based at any of our UK sites (Hamilton, Manchester, Sheffield, Salisbury or Cardiff) with hybrid working as an option. On occasion you will be required … risk assessments and investigations, identifying vulnerabilities and proposing remediation strategies. They will develop and enforce cybersecurity policies aligned with regulatory frameworks and best practices, and lead cross-functional cyber incident planning sessions, collaborating with key business units to improve response readiness. They will provide expert recommendations on security improvements, infrastructure hardening and threat mitigation strategies. The successful candidate
Honeybourne Place Jessop Avenue, Cheltenham, Gloucestershire, England
IRESS FS LIMITED
our internal Security Operations Centre (SOC). You will work alongside experienced security professionals to monitor, investigate, & respond to cybersecurity threats. You will build foundational skills in threat detection, incident response, & security operations. Role Your duties will include: Learning to use an array of security tools such as endpoint protection, intrusion detection/protection systems, and vulnerability scanners. … Monitoring security alerts and logs using the available tool set. Assisting with the triage and analysis of potential security incidents. Supporting incident response efforts under the guidance of senior analysts. Helping to document incidents, playbooks, and reports. Supporting security operational projects. Training Cyber Security Technical Professional Integrated Degree Level 6. Workplace assessment and college block delivery (average
monitor traffic, respond to suspicious activity, and conduct audits to ensure compliance. Vulnerability Analysis – Carry out regular assessments and penetration tests, develop mitigation strategies, and report on remediation progress. Incident Response – Lead incident detection, containment, and recovery efforts; conduct post-incident reviews and recommend improvements. Forensic Analysis – Investigate incidents, perform root cause analysis, preserve digital evidence … preferred. Security Tools Proficiency – Hands-on experience with Palo Alto firewalls, IDS/IPS, and endpoint protection. Network Security Knowledge – Deep understanding of VPNs, network protocols, and security architecture. Incident Management – Proven ability to detect, analyse, and resolve security threats and malware. Vulnerability Management – Experience in identifying and mitigating system vulnerabilities. Automation Skills – Proficiency in security automation using scripting
Employment Type: Permanent
Salary: £60000 - £65000/annum + 10% Bonus and Excellent Benefits
Bath, Somerset, United Kingdom Hybrid / WFH Options
Bmt Defence Services LTD
organisational environments such as enterprise, edge/deployed environments or cloud. Demonstrable knowledge of cyber detection (e.g., threat identification/intelligence, real-time monitoring, anomaly detection) and cyber response (e.g. incident response, eradication and remediation, recovery, post-incident analysis). DevSecOps. Zero Trust Architecture (ZTA) expertise for enterprise, cloud and air-gapped environments along with
objectives are met. This position is ideal for someone with experience in SIEM or SOC environments who is comfortable in a consultative, client-facing role. Knowledge of cloud security, response frameworks, and industry compliance standards will be key to success in helping clients implement robust, scalable SIEM solutions. Key Responsibilities: Client Engagement & Solution Design: Collaborate with clients to identify … real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced visibility. Threat Detection & Response Strategy: Design and implement threat detection rules, logic, and response workflows that align with the client's risk profile and operational needs. Guide clients in developing and improving … their incident response processes, including playbook creation and alignment with security frameworks like NIST and ISO 27001. Regularly review and optimise SIEM configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes. Advisory & Compliance: Advise clients on aligning SIEM deployments with security frameworks and compliance requirements, including GDPR, HIPAA, and PCI DSS. Provide guidance
assessment of Clarks' security posture Support business continuity and disaster recovery processes and assist in the development and implementation of activities to improve Clarks' cyber resilience Support of security incident response activities, including providing expertise in triaging and resolving key issues, engaging with outsourced security operations and internal SecOps teams to ensure standards and policies are appropriately applied … and assisting in the creation and updating of relevant run books to help ensure effective incident management planning and execution Support for compliance and audit activities, working with internal and external stakeholders to understand requirements, identify remedial activity, and monitor progress Analysing emerging and developing threats and working with stakeholders to validate the potential impact on Clarks - and recommend … security controls and best practices across a number of the following areas/domains: Network and infrastructure (networking protocol knowledge is an advantage) Endpoint (e.g. DLP, Endpoint Detection and Response, File Integrity, SIEM) Database technologies (SQL, Oracle) General cryptography practices (e.g. PKI) Cloud environments (Azure, AWS) Fundamental understanding of privacy and data protection laws and regulations and how they
lead forensic investigations, and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments, penetration testing, and remediation strategy delivery Lead and coordinate incident response, forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS, endpoint protection) Collaborate with developers and IT teams to embed … with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical risk to non-technical stakeholders Relevant certifications are desirable (e.g. CEH, CCSP, Security+, AWS or Azure certifications) Benefits: Annual bonus
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Reed Technology
lead forensic investigations, and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments, penetration testing, and remediation strategy delivery Lead and coordinate incident response, forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS, endpoint protection) Collaborate with developers and IT teams to embed … with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical risk to non-technical stakeholders Relevant certifications are desirable (e.g. CEH, CCSP, Security+, AWS or Azure certifications) Benefits: Annual bonus
Bournemouth, Dorset, United Kingdom Hybrid / WFH Options
Nourish Care
growth and operational maturity Maintain the security risk register, treatment plans, and internal audit programme Collaborate with Compliance and DPO on data protection alignment (e.g. DPIAs, vendor risk, breach response) Operational Security Own incident response procedures, including tabletop exercises and post-mortems Oversee endpoint and cloud security tooling, logging, and alerting (in collaboration with DevOps/IT … assurance Up-to-date ISMS documentation and live security risk register Completion of security training for >95% of staff within policy windows Continuous improvement in internal vulnerability management and response SLAs Measurable maturity improvements in DevSecOps and SaaS infrastructure controls Demonstrated impact on commercial outcomes via faster security assurance for enterprise deals Your Background Proven experience leading security in