21 of 21 Incident Response Jobs in the Thames Valley

how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on cutting-edge research and designed to drive change, resilience, and … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯

what users need, when they need it. Provision of effective cyber security protective monitoring, vulnerability management in conjunction with technical teams and suppliers, and a responsive and effective cyber incident response capability. Lead on software licencing (circa £40m/y) seeking to ensure legal compliance and cost effectiveness Provide a comprehensive inventory of the IT estate to enable … Certification in ITIL mandatory. A thorough understanding of modern IT technologies and management approaches. Knowledge and experience in leading in an operational environment. Knowledge of cyber security and cyber incident response Desirable a certification in Service Operations. Skills Required Strategic thinking and strategy development, especially in the area of IT services. Exceptional leadership skills, including in operational crisis More ❯

threats, technologies, and regulatory changes. Required Skills & Experience Proven experience in cybersecurity operations, ideally within Defence, Aerospace, or other regulated sectors. Strong understanding of network security, threat intelligence, and incident response. Familiarity with SIEM platforms, firewalls, IDS/IPS, and endpoint protection tools. Experience with regulatory frameworks such as ISO 27001, NIST SP800, and MOD standards. Ability to interpret More ❯

that enable consistent environment provisioning, application deployment, and system observability. Ensure that automated solutions improve speed, reliability, and operational visibility across the full software delivery lifecycle. Take ownership of incident management, leading the coordination of response activities to restore service quickly. Facilitate post-incident reviews to identify root causes, document learnings, and drive corrective actions that prevent … Ensure documentation is accessible, accurate, and kept up-to-date to support transparency and knowledge sharing. Establish meaningful operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Provide regular reporting to stakeholders to inform decision-making and continuous improvement priorities. Provide technical mentorship and support to DevOps Engineers, helping them develop their technical More ❯

infrastructure to application design. Key Responsibilities Design and implement security controls across cloud platforms (AWS, Azure, or GCP) Develop and maintain security tooling for threat detection, vulnerability management, and incident response Lead threat modelling and risk assessments for critical systems and services Collaborate with engineering teams to integrate security best practices into CI/CD pipelines Monitor and More ❯

the highest standards. Key Responsibilities Develop, implement, and maintain compliance with ISO , and PCI-DSS standards. Conduct risk assessments, security audits, and vulnerability testing across systems and processes. Lead incident response activities, ensuring rapid and effective mitigation. Collaborate with internal stakeholders and external auditors to achieve and maintain certifications. Deliver organisation-wide security and compliance awareness training. Monitor … Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO , and PCI-DSS. Strong understanding of governance, risk management, and regulatory compliance. Proficiency with security monitoring tools and incident management processes. Excellent analytical, communication, and leadership skills. Desirable Knowledge of GDPR, NIST, or other security frameworks. Experience in highly regulated industries such as, technology, finance, telecoms, and maybe More ❯

people and processes forward * Must have the ability to obtain Security Clearance (SC). Duties include: Lead a shift-based SOC team delivering 24/7 security operations and incident response. Act as a senior technical escalation point for complex or high-impact incidents. Be front of house to customers for SOC technical matters and supporting within customer DDQs. … Configure, tune, and support core SOC technologies across detection, response, and monitoring. Oversee alert triage, playbook execution, and incident coordination. Drive continuous improvement in alert quality, detection logic, and automation. Collaborate with cyber engineering teams to onboard and integrate new log sources. Take ownership of team documentation, shift handover processes, and playbook quality. Required experience: Proven experience in … a leadership or senior role within a Security Operations Centre. Strong technical skills in areas such as alerting, incident response, and log analysis. Comfortable working hands-on with detection and monitoring technologies such as Microsoft Sentinel. Strong understanding of log pipelines, event correlation, and alert tuning. Familiarity with TCP/IP networking, proxies, DNS, endpoint telemetry, and OS More ❯

people and processes forward. Must have the ability to obtain Security Clearance (SC). Duties include: Lead a shift-based SOC team delivering 24/7 security operations and incident response. Act as a senior technical escalation point for complex or high-impact incidents. Be the front of house to customers for SOC technical matters and support within customer … DDQs. Configure, tune, and support core SOC technologies across detection, response, and monitoring. Oversee alert triage, playbook execution, and incident coordination. Drive continuous improvement in alert quality, detection logic, and automation. Collaborate with cyber engineering teams to onboard and integrate new log sources. Take ownership of team documentation, shift handover processes, and playbook quality. Required experience: Proven experience … in a leadership or senior role within a Security Operations Centre. Strong technical skills in areas such as alerting, incident response, and log analysis. Comfortable working hands-on with detection and monitoring technologies such as Microsoft Sentinel. Strong understanding of log pipelines, event correlation, and alert tuning. Familiarity with TCP/IP networking, proxies, DNS, endpoint telemetry, and More ❯

/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and fine-tune detection rules and alerts to identify malicious activities. Security Reporting More ❯

/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and fine-tune detection rules and alerts to identify malicious activities. Security Reporting More ❯

/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Work with security teams to analyze and mitigate security incidents. Custom Rule Creation - Develop and fine-tune detection rules and alerts to identify malicious activities. Security Reporting More ❯

Stay abreast of the latest cybersecurity threats and trends, as well as advancements in network security technologies. Develop and enforce policies and procedures for network access, monitoring, and security incident response. What youll bring Youll have professional security certifications such as CISSP, CISM, or equivalent Youll have a minimum of 3 years of experience in network security or a More ❯

improved security posture Demonstrated adaptability and eagerness to learn Excellent command of English, both written and spoken Willingness to work occasional nights and weekends for scheduled DDoS simulations or incident response (note: this is not a 24/7 shift-based role) Desirable Qualifications and Experience Experience in a client-facing technical or consulting role Background in one More ❯

Work closely with business stakeholders to understand and deliver new technical solutions, including cloud-based technologies, in support of future needs. Act as a key point of contact for incident response, demonstrating strong problem-solving skills and the ability to act quickly under pressure. Assist in the design and implementation of infrastructure changes, including both high-level and More ❯

Build a diverse, high-performing group aligned with our values. Build Operational and Engineering Excellence for your team through industry leading best practices, top notch instrumentation and well-oiled incident response procedures. Engage in strategic discussions and ensure the team is solving the right problems-not just shipping features. Requirements Taktile is a hybrid company with options to More ❯

infrastructure upgrades and issue resolution Contribute to root cause analysis and implement preventative measures Document support procedures and maintain a comprehensive knowledge base Participate in on-call rotations and incident response efforts as needed Critical Skills & Experience Windows Server administration and support Red Hat Enterprise Linux or equivalent Linux server support Configuration and patching using SCCM , WSUS , and More ❯

regulatory requirements. This includes secure coding practices, dependency management, access controls, and auditing where required. DevOps and Tooling Strategy - integrating development with operational considerations, including automation, monitoring, observability, and incident response. Guides selection and configuration of tools supporting the build-test-release cycle. Technology Strategy and Stack Selection - evaluating and selecting appropriate technologies, platforms, and frameworks. Aligns choices with More ❯

curious, and highly motivated. Excellent communication and documentation skills. Ability to manage multiple projects in parallel with minimal supervision. Willingness to occasionally work outside standard hours for deployments or incident response. More ❯

driving automation and supporting the development teams with robust CI/CD infrastructure in a hands-on leadership role. KEY RESPONSIBILITIES - Oversee day-to-day cloud operations, including monitoring, incident response and trouble shooting. - Leading and managing short and long term project planning. - Developing and implementing cloud governance, security and compliance. - Leading automation and IaC improvements. - Providing mentorship More ❯

driving automation and supporting the development teams with robust CI/CD infrastructure in a hands-on leadership role. KEY RESPONSIBILITIES - Oversee day-to-day cloud operations, including monitoring, incident response and trouble shooting. - Leading and managing short and long term project planning. - Developing and implementing cloud governance, security and compliance. - Leading automation and IaC improvements. - Providing mentorship More ❯

provided if not yet authorised) Escalating faults and carrying out fault diagnostics across essential systems Working alongside other engineers to ensure uptime and performance Supporting emergency call-outs and incident response where required Completing maintenance logs and compliance documentation Qualifications & Experience: Time-served Engineer with Level 3 qualification in Electrical or Mechanical Engineering 18th Edition (for Electrical bias More ❯