Incident Response Jobs in the South West

1 to 25 of 31 Incident Response Jobs in the South West

Cyber Defence Manager

Keynsham, Somerset, United Kingdom
VC Evidensia UK
IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration … across global cybersecurity efforts. What You Bring Degree or equivalent experience in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security
Employment Type: Permanent
Salary: GBP Annual

Cyber Defence Manager

Bristol, Gloucestershire, United Kingdom
Hybrid / WFH Options
British Veterinary Association
IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration … global cybersecurity efforts. What You Bring Essential: Degree or equivalent experience in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security
Employment Type: Permanent
Salary: GBP Annual

Senior Cloud Infrastructure Engineer

Bristol, Avon, South West, United Kingdom
Hybrid / WFH Options
Hargreaves Lansdown
with Key Vault, SBOM and image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs/SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform … service catalog entries; contribute to onboarding guides and demo sessions for consumers of the platform. Participate in an on-call rota for critical platform services and lead/coordinate incident response when required. About you Strong hands-on experience with Microsoft Azure core services (networking, compute, storage) and platform services (AKS, App Services, API Management, Event Hub/… GitOps, and container build pipelines (e.g., ACR, OPA policies, image scanning). Working knowledge of observability tooling (Azure Monitor, Log Analytics, Application Insights, Datadog/Grafana) and alerting/response workflows. Understanding of the Microsoft Cloud Adoption Framework, Azure Landing Zones and the Well-Architected Framework. Familiarity with DevSecOps practices: threat modelling, dependency and container scanning, SBOM management, and
Employment Type: Permanent, Part Time, Work From Home

Cloud Architect (GCP, AWS or Azure) - MOD DV - Perm

Corsham, Wiltshire, South West, United Kingdom
Sanderson Government and Defence
such as Google SecOps tooling, Security Command Center, Cloud Armour, and VPC Service Controls. Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines. Support incident response planning and cloud-specific disaster recovery strategies. Stay up to date with GCP security features, UK regulatory changes, and emerging threats. Requirements What You'll Bring Essential … sector or regulated industries (e.g. finance, healthcare). Familiarity with container security (GKE, Kubernetes RBAC, image scanning). Proficiency in scripting (Python, Bash) for automation and tooling. Experience with incident response in cloud-native environments. Previous consultancy experience within UK public sector organisations. If you're interested in the above, reach out to or apply Reasonable Adjustments: Respect
Employment Type: Permanent
Salary: £95,000

Head of Cyber Security

South West London, London, England, United Kingdom
Robert Half
execute the overall Cyber Security strategy, ensuring it aligns with business objectives, manages risk, and supports the firm's rapid growth. Oversee the Cyber Security function, including Security Operations, Incident Response, and Governance, Risk, and Compliance (GRC) specialists, providing leadership, mentorship, and effective resource allocation. Establish and enforce a robust security governance framework, including policies and procedures for … PCI DSS if applicable). Manage and continuously improve the firm's security architecture and controls across all domains: network, cloud (SaaS/IaaS), endpoints, and applications. Lead the Incident Response and Disaster Recovery programs, ensuring capabilities are tested, effective, and ready to mitigate the impact of security breaches. Drive security awareness and training programs across the organization
Employment Type: Full-Time
Salary: £115,000 - £125,000 per annum

DevOps Engineer - Azure

Exeter, Devon, England, United Kingdom
Reed
and automate infrastructure provisioning. Security and Compliance: Enforce security and compliance standards using tools like Azure Policy, ensuring environments are patched, monitored, and aligned with regulatory requirements. Monitoring and Incident Response: Establish monitoring, logging, and alerting systems to track environment health and lead incident response and resolution for infrastructure and deployment issues. Collaboration: Work with stakeholders
Employment Type: Full-Time
Salary: £55,000 - £60,000 per annum, Inc benefits

Senior SIEM Consultant

Bristol, Gloucestershire, United Kingdom
Apto Solutions Ltd
objectives are met. This position is ideal for someone with experience in SIEM or SOC environments who is comfortable in a consultative, client-facing role. Knowledge of cloud security, response frameworks, and industry compliance standards will be key to success in helping clients implement robust, scalable SIEM solutions. Key Responsibilities: Client Engagement & Solution Design: Collaborate with clients to identify … real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced visibility. Threat Detection & Response Strategy: Design and implement threat detection rules, logic, and response workflows that align with the client's risk profile and operational needs. Guide clients in developing and improving … their incident response processes, including playbook creation and alignment with security frameworks like NIST and ISO 27001. Regularly review and optimise SIEM configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes. Advisory & Compliance: Advise clients on aligning SIEM deployments with security frameworks and compliance requirements, including GDPR, HIPAA, and PCI DSS. Provide guidance
Employment Type: Permanent
Salary: GBP Annual

SC Cleared Cyber Security Analyst - Ransomware

Exeter, Devon, United Kingdom
Alexander Mann Solutions - Public Sector Resourcing
matters and operating in an ITIL based environment. Strong problem solving ability, with flexibility to think creatively and adapt to and implement rapidly changing systems and services. Incident management experience and an ability to quickly tailor responses to deal with fast-moving situations. Essential: Strong hands-on experience in Security Operations, Incident Response, and … Center/Microsoft Defender for Cloud. Familiarity with enterprise operating systems including Windows and Linux, across on-premises, AWS, and Azure. Experience with ITIL-aligned processes including Incident, Problem, and Change Management. Proficient in using ServiceNow or similar ITSM platforms. Able to communicate technical risk and response details effectively to both technical and non
Employment Type: Contract
Rate: GBP Annual

Senior Cyber Security Analyst (Ops - Cloud)

Exeter, Devon, United Kingdom
NHS
Ops - Cloud) The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC is made up of Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the Cloud Protective Monitoring Sub team. Cyber Operations purpose is to support safe care and … Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The post of Senior Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is none … contractual and subject to review. Main duties of the job As a Senior Security Analyst Ops you will: Provide Tier 3 security analytics and incident response for service-specific security monitoring. Depose for Security Lead (Analyst) in their absence. Act as an escalation point for Tier 2 Analysts for incidents and investigations. Offer mentorship and guidance to Tier
Employment Type: Permanent
Salary: GBP Annual

South West Secure Data Environment Technical Lead

Bristol, United Kingdom
NHS Bristol, North Somerset and South Gloucestershire Integrated Care Board
oversee the operation, maintenance, and performance of the SWSDE platform, ensuring security, stability, and scalability at all times. Manage and monitor system security, including threat detection, risk management, and incident response, ensuring compliance with SATRE, ISO27001, DSPT, and NHS cybersecurity frameworks. Develop and maintain secure data pipelines from contributing NHS and partner organisations, ensuring interoperability, data quality, and
Employment Type: Fixed-Term
Salary: £55690.00 - £62682.00 a year

Cloud Architect

Warminster, Wiltshire, South West, United Kingdom
Ncounter LTD
compliance (GDPR, NCSC Principles, ISO 27001). Configure cloud-native security tools & integrate with SIEM (Splunk, Chronicle). Embed security in CI/CD pipelines with DevOps teams. Support incident response & recovery for cloud-native environments. What You Bring Strong cloud architecture background. Knowledge of UK regulatory frameworks. IaC experience (Terraform/Deployment Manager). Understanding of monitoring
Employment Type: Permanent
Salary: £90,000

JIRA Workflow SME - Service Management

Corsham, Wiltshire, Whitley, United Kingdom
CBSbutler Holdings Limited trading as CBSbutler
support IT Service Management (ITSM), Agile delivery, and operational excellence. This role ensures workflows, automations, and integrations are aligned with organisational processes and governance standards, enabling efficient service delivery, incident response, and knowledge management. Key Duties and Responsibilities Design, build, and maintain JSM workflows, including request, incident, problem, and change management processes. Create and optimise automation rules … to streamline ticket handling and escalation processes. Develop and manage Proforma forms for structured data capture and improved user experience. Configure and support ITSM modules (Request, Incident, Problem, Change, Asset, and Configuration Management). Administer and maintain the Assets module (Insight), including: Asset schema design Custom field integrations Attribute-based automation and relationships Implement and manage webhooks to integrate … Implement tagging and labelling conventions to ensure discoverability and content consistency. Required Competencies Proven experience configuring and administering Jira Service Management and Jira Software. Strong understanding of ITSM principles (Incident, Problem, Change, and Request Management). Experience with JSM Automations, Workflows, and Assets (Insight). Competence in building dashboards and reports using Jira Query Language (JQL). Understanding of
Employment Type: Contract

JIRA Workflow SME - Service Management

Whitley, Wiltshire, United Kingdom
CBSbutler Holdings Limited trading as CBSbutler
support IT Service Management (ITSM), Agile delivery, and operational excellence. This role ensures workflows, automations, and integrations are aligned with organisational processes and governance standards, enabling efficient service delivery, incident response, and knowledge management. Key Duties and Responsibilities Design, build, and maintain JSM workflows, including request, incident, problem, and change management processes. Create and optimise automation rules … to streamline ticket handling and escalation processes. Develop and manage Proforma forms for structured data capture and improved user experience. Configure and support ITSM modules (Request, Incident, Problem, Change, Asset, and Configuration Management). Administer and maintain the Assets module (Insight), including: Asset schema design Custom field integrations Attribute-based automation and relationships Implement and manage webhooks to integrate … Implement tagging and labelling conventions to ensure discoverability and content consistency. Required Competencies Proven experience configuring and administering Jira Service Management and Jira Software. Strong understanding of ITSM principles (Incident, Problem, Change, and Request Management). Experience with JSM Automations, Workflows, and Assets (Insight). Competence in building dashboards and reports using Jira Query Language (JQL). Understanding of
Employment Type: Contract
Rate: GBP Annual

Service Management Specialist - JSM

Whitley, Wiltshire, United Kingdom
CBSbutler Holdings Limited trading as CBSbutler
support IT Service Management (ITSM), Agile delivery, and operational excellence. This role ensures workflows, automations, and integrations are aligned with organisational processes and governance standards, enabling efficient service delivery, incident response, and knowledge management. Key Duties and Responsibilities Design, build, and maintain JSM workflows, including request, incident, problem, and change management processes. Create and optimise automation rules … to streamline ticket handling and escalation processes. Develop and manage Proforma forms for structured data capture and improved user experience. Configure and support ITSM modules (Request, Incident, Problem, Change, Asset, and Configuration Management). Administer and maintain the Assets module (Insight), including: Asset schema design Custom field integrations Attribute-based automation and relationships Implement and manage webhooks to integrate … Implement tagging and labelling conventions to ensure discoverability and content consistency. Required Competencies Proven experience configuring and administering Jira Service Management and Jira Software. Strong understanding of ITSM principles (Incident, Problem, Change, and Request Management). Experience with JSM Automations, Workflows, and Assets (Insight). Competence in building dashboards and reports using Jira Query Language (JQL). Understanding of
Employment Type: Contract
Rate: GBP Annual

Service Management Specialist - JSM

Corsham, Wiltshire, Whitley, United Kingdom
CBSbutler Holdings Limited trading as CBSbutler
support IT Service Management (ITSM), Agile delivery, and operational excellence. This role ensures workflows, automations, and integrations are aligned with organisational processes and governance standards, enabling efficient service delivery, incident response, and knowledge management. Key Duties and Responsibilities Design, build, and maintain JSM workflows, including request, incident, problem, and change management processes. Create and optimise automation rules … to streamline ticket handling and escalation processes. Develop and manage Proforma forms for structured data capture and improved user experience. Configure and support ITSM modules (Request, Incident, Problem, Change, Asset, and Configuration Management). Administer and maintain the Assets module (Insight), including: Asset schema design Custom field integrations Attribute-based automation and relationships Implement and manage webhooks to integrate … Implement tagging and labelling conventions to ensure discoverability and content consistency. Required Competencies Proven experience configuring and administering Jira Service Management and Jira Software. Strong understanding of ITSM principles (Incident, Problem, Change, and Request Management). Experience with JSM Automations, Workflows, and Assets (Insight). Competence in building dashboards and reports using Jira Query Language (JQL). Understanding of
Employment Type: Contract

AWS Security Analyst

Bristol, Avon, South West, United Kingdom
Hybrid / WFH Options
Sanderson Recruitment
complex environment Design and enhance CI/CD pipelines to support secure, automated deployments Develop and maintain orchestration strategies for seamless, repeatable and compliant deployments Conduct proactive security assessments, incident response and remediation activities Collaborate with DevOps, Architecture and Compliance teams to ensure continuous security alignment Essential Experience Demonstrable expertise in AWS security services (e.g. IAM, KMS, CloudTrail
Employment Type: Contract
Rate: £350 - £400 per day

Senior Manager Insider Risk

South West London, London, United Kingdom
Experian Ltd
Fusion Centre. You will report directly to the Head of Insider Risk Management and manage a team of investigators, overseeing complex security investigations, and enhancing insider risk detection and response capabilities. You will play an important leadership role in developing programmes, driving continuous improvement, and encouraging collaboration. Summary of Primary Responsibilities Collaborate with the Head of Insider Risk Management … investigators. Support professional development and foster expertise in insider risk and investigative practices. Work closely with partner teams (e.g., HR, Legal, Threat Detection Engineering, etc.) on threat detection and response initiatives to ensure coordinated and effective risk mitigation. Create and deliver insider risk awareness content, highlighting emerging trends and fostering a culture of vigilance and shared responsibility. Produce executive … enterprise. Knowledge of frameworks, laws, regulatory requirements, and privacy-related requirements of insider risk programs. Knowledge of SOC or Fusion Centre environment methodology to include threat monitoring, intrusion detection, incident response, and analysis. Knowledge of the cyber threat landscape, including types of adversaries, campaigns, and how insider and cyber threats are fueled. Process-driven with a focus on
Employment Type: Permanent

Security Cleared Cyber Security Consultant

Gloucestershire, England, United Kingdom
Computer Futures
and Security Architecture Documents. Advise on suitable cyber assessment methods, including penetration testing and vulnerability analysis. Provide assurance on the effective implementation of cyber security controls and frameworks. Develop incident response plans and support clients during security breaches, including crisis management and media handling. Communicate clearly and confidently in written reports, presentations, and day-to-day interactions. Collaborate
Employment Type: Full-Time
Salary: £75,000 - £85,000 per annum, Negotiable, Pro-rata, Inc benefits, OTE

Product Security Architect

Greater Bristol Area, United Kingdom
Advanced Resource Managers
to integrate security best practices ensuring Secure by Design Identify and mitigate security vulnerabilities and risks in products Develop and maintain security guidelines, documentation, and training materials Participate in incident response and remediation efforts for security breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan

Product Security Architect

Bath, South West England, United Kingdom
Advanced Resource Managers
to integrate security best practices ensuring Secure by Design Identify and mitigate security vulnerabilities and risks in products Develop and maintain security guidelines, documentation, and training materials Participate in incident response and remediation efforts for security breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan

Product Security Architect

Bradley Stoke, South West England, United Kingdom
Advanced Resource Managers
to integrate security best practices ensuring Secure by Design Identify and mitigate security vulnerabilities and risks in products Develop and maintain security guidelines, documentation, and training materials Participate in incident response and remediation efforts for security breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan

Application Support Engineer - DV

Cheltenham, Gloucestershire, South West, United Kingdom
Hays
deploy code using Java, Maven, NPM, Terraform, and Ansible Manage CI pipelines and automated testing (Cypress) Monitor services with InfluxDB and Grafana Provide 2nd/3rd line support and incident response Perform OS patching, database housekeeping, and data centre ops Required Skills Experience in managed service environments Strong Java or similar development background Git version control Strong problem
Employment Type: Contract
Rate: £500.0 - £550.0 per day + 500 - 550 per day outside IR35

SOC Analyst - Founding UK Cyber team!

Bristol, Avon, England, United Kingdom
Identify Solutions
years' experience in a SOC environment (Tier 2-level maturity preferred). Hands-on experience with SIEM platforms (Sentinel/Splunk/QRadar or similar). Strong understanding of incident response and threat investigation. Comfortable working autonomously in a developing function Relevant certifications (Security+, CEH, GCIA, CISSP or similar). Package Salary: £50,000-£60,000 + on
Employment Type: Full-Time
Salary: £50,000 - £60,000 per annum

Product Security Architect

Bristol, Gloucestershire, United Kingdom
ARM
to integrate security best practices ensuring Secure by Design Identify and mitigate security vulnerabilities and risks in products Develop and maintain security guidelines, documentation, and training materials Participate in incident response and remediation efforts for security breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan
Employment Type: Permanent
Salary: GBP 75,000 - 85,000 Annual

Product Security Architect

Bristol, Avon, England, United Kingdom
Advanced Resource Managers Limited
to integrate security best practices ensuring Secure by Design Identify and mitigate security vulnerabilities and risks in products Develop and maintain security guidelines, documentation, and training materials Participate in incident response and remediation efforts for security breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan
Employment Type: Full-Time
Salary: £75,000 - £85,000 per annum

Incident Response, the South West
10th Percentile: £41,500
25th Percentile: £47,188
Median: £57,115
75th Percentile: £82,500
90th Percentile: £86,250