22 of 22 Incident Response Jobs in the Thames Valley

dashboards, alerts, and log data to identify suspicious or malicious activity. Alert Triage: Perform initial investigation and prioritisation of security alerts, escalating where necessary. Incident Response (L1): Assist in incident investigation, gather relevant evidence, and support escalation to senior analysts or IR teams. Threat Detection: Support detection … Exposure to SIEM tools (e.g., Sumo Logic, Microsoft Sentinel) Familiarity with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Basic understanding of: Security operations Incident response lifecycle Networking fundamentals (TCP/IP, DNS, etc.) Strong analytical and problem-solving skills Good communication skills (written and verbal) Ability ...

fast-paced, shift-based environment. Key Responsibilities Advanced Security Monitoring: Analyse SIEM alerts, logs, and security events to identify and respond to complex threats. Incident Response: Lead investigations, perform deep analysis, determine impact, and coordinate response activities. Threat Detection & Analysis: Develop and refine detection rules … experience with SIEM platforms (e.g., Microsoft Sentinel, Sumo Logic) Hands-on experience with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Solid understanding of: Incident response lifecycle Threat detection methodologies Networking protocols (TCP/IP, DNS, HTTP/S) Experience analysing logs from multiple sources (endpoints, network, cloud ...

develop their technical skills and gain deeper exposure to modern Microsoft security tooling. You’ll work alongside experienced cyber professionals investigating security alerts, supporting incident response, and helping improve detection capability across client environments. Responsibilities Monitor and investigate alerts within a SIEM environment Analyse logs and identify potential … security incidents Triage alerts and escalate incidents where required Assist with incident investigation and reporting Support the development and tuning of detection rules Collaborate with senior analysts and engineers on security operations Key Skills & Experience 1–2 years’ experience in a SOC Analyst or security monitoring role Experience working ...

expertise and a passion for delivering safe, secure, and reliable critical infrastructure services. You will play a key role in ensuring operational continuity, driving incident response, supporting service delivery, and maintaining compliance across complex datacentre environments. Responsibilities: Data Centre Operations: Ensure full compliance with datacenter policies, safety standards … tasks and projects in collaboration with cross-functional technical teams. Manage operational programs and contribute to Root Cause Analysis (RCA) processes. Lead or support incident response efforts for critical infrastructure failures, ensuring rapid recovery and minimal downtime. Identify risks in the critical environment and implement mitigation strategies. Manage ...

across a complex, cloud-first environment. You’ll be operating at both board and technical level, driving immediate improvements across risk, compliance, architecture and incident readiness. This role requires someone who can hit the ground running, bring structure to a fast-paced environment and deliver measurable outcomes within … including Zero Trust and secure architecture principles Proven experience embedding DevSecOps/Secure SDLC into engineering-led environments Hands-on leadership of major incident response, including ransomware and breach scenarios across global teams Strong experience with third-party/supplier risk management in complex SaaS ecosystems Experience leading ...

seamless and high-quality experience for end users. Take accountability of the on-call rota , ensuring appropriate coverage, managing participation, and leading rapid incident response to maintain service availability. Continuously assess and improve team processes and procedures , fostering a culture of innovation and engineering excellence to optimise performance … team that consistently meets objectives and drives continuous improvement. Regularly conducts performance reporting and analysis , tracking key metrics such as system availability, uptime, and response times to inform decision-making and improvement initiatives. What you’ll need to succeed Essential: Experience in a leadership role , including mentoring, developing team ...

high-performing Azure solutions, within an SC Cleared environment.You’ll be responsible for implementing secure cloud designs, automating testing and compliance processes, and supporting incident response activities. Our client operates in an Agile environment. Please note that this is a Security Cleared role, so it is essential that ...

acting as a subject matter expert Advise and collaborate with stakeholders across the business on maintaining secure business systems Contribute to production support and incident response activities as required Maintain up-to-date product security documentation Desired Qualifications and Experience Degree in cybersecurity, computer science, engineering or related ...

logs to determine root cause. Monitor live production environments and proactively respond to performance degradation, monitoring alerts, and service disruptions. Participate in incident response and contribute to reducing Mean Time to Resolution (MTTR). Collaborate with development, operations, and infrastructure teams to implement scalable, reliable solutions. Design … Azure CLI, ARM/Bicep, Terraform, or similar). Experience with performance tuning, capacity planning, and resource optimization. Experience working in SLA-driven or incident-managed environments. Ability to work directly with end users of varying technical proficiency and translate technical issues into understandable terms. Experience leveraging AI-assisted ...

/EDR/XDR, SIEM, email security, and identity management solutions. Awareness of current threat landscape and MSSP service models (SOC, vulnerability management, incident response). ...

dashboards, and infrastructure for regression tracking and system health monitoring. Establish and enforce best practices for access control, system configuration, and laboratory operations. Support incident response, troubleshooting, and root cause analysis for CI/CD failures or system anomalies. Implement monitoring and alerting automation by integrating logs ...

security and IT risk strategy Lead and develop a team of information security and technology risk specialists Oversee cyber security operations, including security tooling, incident response, and vulnerability management Maintain and manage the IT risk framework and risk register Ensure alignment with regulatory requirements and industry frameworks (e.g. ...

security and IT risk strategy Lead and develop a team of information security and technology risk specialists Oversee cyber security operations, including security tooling, incident response, and vulnerability management Maintain and manage the IT risk framework and risk register Ensure alignment with regulatory requirements and industry frameworks (e.g. ...

observability tools Understanding of cloud cost management and resource optimisation principles Comfort with troubleshooting and supporting development teams Understanding of service reliability and incident response practices ** Please note that we are unfortunately unable to provide visa sponsorship for this position. Applicants must have the right to work ...

monitoring of complex systems. Key Responsibilities Monitor and maintain SOC tools, controls, and platforms Investigate, resolve, or escalate security incidents Support analysts with incident response and threat investigations Analyse logs and system data to improve detection and alerting Develop and maintain detection rules and SOC procedures Support integration ...

Execution Own the cyber schedule, deliverables and risks within the programme. Drive timely completion of artefacts required for customer acceptance, including SSPs, POA&Ms, incident response plans, configuration baselines and security test evidence. Coordinate with US prime/DoD representatives on security clarifications and compliance submission. 4. Governance … compliant environment for development, test and integration, aligned to NIST (Apply online only), DFARS, STIGs and applicable ITAR/Export Control constraints. Ensure cyber incident reporting processes are in place and tested per DFARS (phone number removed). Support internal audit, external customer audit and formal assessment activities. 5. ...

associated registers Manage and support all aspects of cyber security within the business Promote business-wide awareness of cyber procedures and best practices Support incident response, disaster recovery (DR), and data breach protocols Assist with cyber-related audit activity Business Continuity & Risk Support the development, management, and review ...

deliver the information security and IT risk strategy Own the IT risk register and action plans Oversee security operations and assurance activities Lead incident response and maturity improvement Embed governance aligned to appropriate frameworks and regulatory requirements that works in the real world Update and influence executive stakeholders ...

with UK and international standards such as GDPR, PCI DSS, SOC 2, and related frameworks Leading audit activity, certifications, and third-party security assessments Incident response planning, vulnerability management, and security awareness initiatives Does this sound like you? Apply now for immediate consideration and review! Information Security & Compliance ...

Governance Ensure solutions align with organisational security policies, regulatory obligations, and industry best practice. Maintain clear and accessible security architecture documentation. Support security-related incident response activities where architectural insight is required. Community of Practice Contribution Contribute to the Security Architecture Community of Practice, supporting the maturity ...

Operational & capex budgets, cost optimisation and asset-level P&L awareness -KPI, SLA and facility-health reporting that actually drives decisions -Risk management, compliance, incident response & business continuity -Senior escalation point for major incidents — steady hands required How you’ll lead ✔ Clear, credible technical leadership ✔ High standards ...

development programmes for regional M&E engineers. Maintain compliance across all sites, including statutory requirements (PSSR, LOLA, L8, F-Gas, etc.). Support incident response activities and subsequent root cause analysis. Manage the regional operational risk register and associated controls. Support asset lifecycle planning and influence CAPEX requirements. ...