1 to 25 of 38 Incident Response Jobs in the South West

Cyber Security Engineer

Hiring Organisation
Anson Mccade
Location
Bristol, Avon, South West, United Kingdom
Employment Type
Permanent
Salary
£75,000
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

SOC Manager

Hiring Organisation
INTEC SELECT LIMITED
Location
Exeter, Devon, England, United Kingdom
Employment Type
Full-Time
Salary
£850 per day
incidents and management of the SOC Analysts. This is a critical leadership role, responsible for protecting the organisation against real-time cyber threats, driving incident response, and ensuring resilience across a complex technology estate. Our client is offering a 6 month rolling contract, paying … high-impact opportunity to shape cyber strategy at an enterprise level, working closely with senior stakeholders and external agencies to strengthen security posture and response capability. You will play a key role in building and evolving the CSOC capability, operating within a highly visible and business-critical function, with ...

Cyber Security Operations Manager

Hiring Organisation
Infosec
Location
Bournemouth, Dorset, South West, United Kingdom
Employment Type
Permanent
Salary
£80,000
strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end, lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolving cyber function. What you'll be doing … Leading and developing a Cyber Security Operations team Acting as incident commander during cyber events and investigations Maturing SOC, CSIRT and incident response capabilities Driving threat hunting, detection and monitoring improvements Owning vulnerability management and pen test governance Ensuring alignment with ISO27001, NIST, GDPR and regulatory expectations ...

SOC Lead

Hiring Organisation
Experis
Location
Bath, Somerset, South West, United Kingdom
Employment Type
Contract
Contract Rate
£600 - £700 per day
detected by automated controls Translate threat intelligence into actionable hunt hypotheses Continuously refine detection logic based on hunt outcomes and emerging threats Investigations & Incident Response Lead complex and high-severity security investigations from triage through containment and remediation Act as the technical escalation point for advanced SOC investigations … Conduct root cause analysis and attacker kill-chain reconstruction Produce clear, defensible investigation documentation suitable for executive, legal, and regulatory audiences Coordinate incident response activities with IR, IT, Legal, Risk, and external partners as required SOC Technical Leadership Define investigation standards, workflows, and quality benchmarks Mentor and upskill ...

Senior SOC Analyst

Hiring Organisation
CBSbutler Holdings Limited trading as CBSbutler
Location
Corsham, Wiltshire, United Kingdom
Employment Type
Contract
Contract Rate
GBP 575 - 650 Daily
Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting … complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond ...

OT Security Engineer

Hiring Organisation
Sanderson Recruitment
Location
Bristol, Avon, South West, United Kingdom
Employment Type
Contract
Contract Rate
£500 - £550 per day
system environments. This role sits within a Security Operations function but is heavily engineering focused, combining hands on OT security tooling, detection engineering and incident response to strengthen resilience across critical infrastructure. Key Responsibilities: Act as the OT security engineering SME, supporting both operational and project based activities … equivalent) Develop and refine detection rules, alerting logic and monitoring coverage across OT and IT/OT convergence points Lead technical investigations and incident response for OT-related cyber events Analyse industrial network traffic to identify anomalies, threats and protocol misuse Integrate OT telemetry into SIEM ...

Information security analyst apprentice

Hiring Organisation
Rochdale Metropolitan Borough Council
Location
Number One Riverside, Smith Street, Rochdale, Greater Manchester, England, United Kingdom
Employment Type
Higher Apprenticeship
Salary
£25,583 a year
Defender for Identity, Defender for Cloud Apps, etc.) and other monitoring tools to identify and respond to potential data loss or unauthorised data sharing Incident Triage & Response: Perform timely triage of security alerts to determine impact and urgency, investigating incidents using available tools and data Lead initial incident response actions (containment, remediation, communication) for confirmed security incidents, following established escalation procedures Ensuring that all incidents are promptly escalated to senior leadership or external partners, as appropriate Threat Analysis & Intelligence Integration: Analyse malicious activities to determine root cause and attack vectors by mapping observed attacker actions ...

SOC Cyber Security Analyst

Hiring Organisation
Contracts Consultancy Ltd
Location
SN13, Hudswell, Wiltshire, United Kingdom
Employment Type
Contract
alerts within a live SOC environment. Analyse security incidents to determine scope, impact, and priority, ensuring appropriate escalation and response. Manage end-to-end incident response activities from detection through to resolution. Support the development and enhancement of SIEM use cases, detection rules, analytics, and playbooks. Conduct real … cloud environments, and enterprise IT infrastructure. Experience creating and tuning detection use cases, analytics, and playbooks. Knowledge of Information Security principles, threat detection, and incident response practices. Familiarity with Microsoft technologies, Linux systems, and security tooling. Understanding of security frameworks and data protection principles including GDPR ...

Protective Monitoring Consultant

Hiring Organisation
Computer Network Defence Ltd (CND)
Location
St Ives, England, United Kingdom
strengthen the security posture of critical systems. This is a hands-on role for a LogRhythm specialist with strong experience in security monitoring, incident response, and deep-dive analysis within secure environments. What you’ll be doing: Monitoring and analysing security events using LogRhythm Investigating and responding … alerts and incidents Producing detailed incident reports and root cause analysis Tuning and optimising detection rules and use cases Supporting LogRhythm administration (2nd-line level) Mentoring junior analysts and improving SOC processes What we’re looking for: Strong LogRhythm experience (Client & Web Console) Proven SOC/incident response ...

Trainee Cyber Security Analyst (Security Trainee)

Hiring Organisation
NHS England
Location
Leeds / Exeter, LS1 4AP, United Kingdom
Salary
£32073.00 to £39043.00
this job title is advertised to attract the right skills needed for the role. Main duties of the job The Trainee Cyber Security Incident Manager role is within the NHS England National CSOC (Cyber Security Operations Centre), supporting the coordination, triage and management of cyber security incidents across … health and care system. Support the identification, triage and coordination of cyber security incidents within the NHS England National CSOC. Assist with incident management activity, ensuring incidents are logged, tracked and progressed in line with agreed processes and procedures. Work with technical analysts and operational colleagues to gather information ...

Senior Security Analyst

Hiring Organisation
CND
Location
Corsham, Wiltshire, United Kingdom
Employment Type
Permanent
Defence Ltd (CND). This is a key hire within our MSSP Security Operations Centre, offering the opportunity to take a lead role in incident analysis, client engagement, and mentoring junior analysts, while shaping how the SOC continues to evolve. The Role As a Senior Cyber Security Analyst … contributing to reporting and continuous improvement within the SOC. Key Responsibilities Monitor, triage and investigate security alerts across multiple platforms Conduct in-depth incident analysis and support ongoing client investigations Act as deputy to the SOC Team Lead when required Review and assess escalated Tier 2 alerts for urgency ...

Cyber Security Analyst (Security Advisor/Analyst)

Hiring Organisation
NHS England
Location
Leeds/Exeter, LS1 4AP, United Kingdom
Salary
£59264.40 to £67818.00
Analyst (Cloud) role is within the Security Operations pillar of the CSOC (Cyber Security Operations Centre), providing second line cloud security analytics, monitoring and incident response services across cloud-hosted environments and platforms. Main duties of the job Deputise for Senior Analysts in their absence, supporting oversight … cloud security monitoring and response activity. Act as an escalation point for Tier 1 Junior Analysts for cloud security incidents, alerts and investigations. Offer mentorship and guidance to Tier 1 Junior Analysts to build capability in cloud threat monitoring, investigation and response. Keep up to date with the latest ...

Senior Cyber Security Engineer

Hiring Organisation
Jobleads-UK
Location
Chippenham, England, United Kingdom
artefacts produced during the development and engineering process regarding product & solution security. Supporting customer service team in development and deployment of security monitoring and incident response solutions e.g. SIEM as well as security configuration of railway system solutions and implanting and deploying cyber security solutions. Supporting the network … providing mentorship, guidance, support and leadership Representing security engineering at project milestones, driving continuous improvement through lessons learned, and contributing to the analysis and response to security vulnerabilities and incidents. The candidate will also be expected to maintain an appreciation of new technologies, emerging risks, and standards, together with ...

Cloud Operations Engineer

Hiring Organisation
Anson Mccade
Location
Cheltenham, Gloucestershire, South West, United Kingdom
Employment Type
Permanent
backgrounds, including Computer Science graduates, Linux-focused infrastructure engineers, Kubernetes/platform engineers, and individuals from live service or service desk environments with strong incident management experience. This is a hands-on operational engineering role focused on maintaining stability, availability, and performance of a complex, secure cloud platform operating … Responsibilities Provide frontline operational support for secure cloud infrastructure and platform users Troubleshoot and resolve critical incidents across live production systems Lead or support incident response, escalation, and coordination during shifts Operate within a 24/7 rota supporting high-priority workloads and services Follow, maintain, and improve ...

Senior Cyber Security Consultant

Hiring Organisation
Jobleads-UK
Location
Bristol, England, United Kingdom
principles, and outcomes Review policies, governance, and technical/operational controls against CAF requirements Assess cyber capabilities across: Risk management Protective security Monitoring & logging Incident management Supply chain security Operational resilience Produce high-quality outputs including: Assessment reports Risk findings Observations Improvement recommendations Contribute to assurance documentation, reporting … communication skills Experience working within public sector, regulated, or enterprise environments Solid understanding of cyber security domains, including: Identity & Access Management Vulnerability Management Incident Response SIEM/Monitoring & Logging Resilience and business continuity Supply chain security Ability to manage multiple priorities and deliver under tight deadlines Experience working ...

DevOps / SRE Engineer

Hiring Organisation
Roke
Location
Gloucester, England, United Kingdom
doing Design, deploy and support resilient web services across test, staging and production environments Improve reliability, reduce technical debt and lead incident response, RCA and no-blame postmortems Build and maintain infrastructure as code and container platforms using tools such as Docker, Kubernetes, Helm, Ansible and Terraform Develop ...

Azure Network Consultant - TDA

Hiring Organisation
IF Recruitment Ltd
Location
Bristol, Somerset, United Kingdom
Employment Type
Contract
Contract Rate
GBP Annual
counts, and inspection requirements. Define logging, monitoring, and SOC integration with Log Analytics and Microsoft Sentinel, including retention, alerting, and operational dashboards aligned to incident response requirements. Lead integration design and validation with Zscaler (eg, cloud connectors), Azure Front Door, and Application Gateway, including defined bypass vs inspection ...

473965 - Senior Azure Consultant

Hiring Organisation
Experis
Location
Bristol, Avon, South West, United Kingdom
Employment Type
Contract
counts, and inspection requirements. Define logging, monitoring, and SOC integration with Log Analytics and Microsoft Sentinel, including retention, alerting, and operational dashboards aligned to incident response requirements. Lead integration design and validation with Zscaler (e.g., cloud connectors), Azure Front Door, and Application Gateway, including defined bypass vs inspection ...

Cyber Security Analyst

Hiring Organisation
Russell Tobin
Location
Corsham, England, United Kingdom
extension possible) 🔒 Clearance Required: Active DV Clearance Key Responsibilities: • Perform triage of security events and incidents • Determine scope, impact and remediation priorities • Real-time incident management from detection to resolution • Support SIEM engineering and tool configuration within an enterprise SOC • Develop use cases, analytics and playbooks • Work within … Tier 2/3 SOC Analyst experience (2+ years) ✔ Hands-on SIEM experience (ArcSight preferred) ✔ SOC certifications such as SANS, ISC2 or equivalent ✔ Strong incident response and threat analysis capability ✔ Understanding of cloud technologies. Desirable: ➕ Defence/MOD experience ➕ Team lead exposure ➕ Degree in Computing, Engineering or related ...

Cyber Security Engineer - Risk & Assurance

Hiring Organisation
FBI &TMT
Location
Christchurch, Dorset, South West, United Kingdom
Employment Type
Contract
Contract Rate
Up to £81.90 per hour
assessment findings and security recommendations Ensuring compliance with industry standards and regulatory requirements Providing expertise and guidance on cyber security best practices Participating in incident response activities when necessary Job Requirements: Experience in cyber security roles, particularly in risk assessment and assurance Strong analytical skills with the ability ...

Head of IT

Hiring Organisation
Jobleads-UK
Location
Bristol, England, United Kingdom
Manage and develop the IT team Oversee Microsoft 365, networks, telephony and key legal systems Deliver projects and drive digital transformation Own cybersecurity, risk, incident response and continuity planning What you’ll need Senior IT leadership experience (professional services ideal) Strong Microsoft 365, Windows Server, AD, Intune ...

Cyber Security Operations Manager

Hiring Organisation
Infosec
Location
Bournemouth, Dorset, UK
Employment Type
Full-time
strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end, lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolvin...

Cyber Security Operations Manager

Hiring Organisation
Infosec
Location
Bournemouth, Dorset, United Kingdom
Employment Type
Permanent
Salary
GBP 80,000 Annual
strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end, lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolvin ...

Cyber Security Operations Manager

Hiring Organisation
Infosec
Location
Bournemouth, Dorset, UK
Employment Type
Full-time
strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end, lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolvin...

Cyber Security Apprentice

Hiring Organisation
DIRECT ONLINE SERVICES LIMITED
Location
Brearley Court Baird Road, Waterwells Business Park, Quedgeley, Gloucester, England, United Kingdom
Employment Type
Degree Apprenticeship
Salary
Competitive
Direct Online Services seeks a motivated Cyber Security Apprentice to gain hands-on experience in cyber operations, networks, ecommerce security, governance, incident response and analytics while completing a BSc Cyber Security Degree Apprenticeship. Ideal for someone eager to build a long-term cyber security career. Role Support monitoring ...