23 of 23 Incident Response Jobs in the Thames Valley

energy operations within a Critical National Infrastructure (CNI) environment. This role is responsible for real-time security monitoring, alert triage, investigation, and early-stage incident response. You will work with industry-standard security monitoring and incident/event management platforms to identify suspicious activity, validate alerts, and escalate … helping tune detections, and strengthening operational procedures and documentation. Key Responsibilities Monitoring and Triage Monitor security events and alerts using industry-standard SIEM and incident/event management platforms (e.g., Elastic, Microsoft Sentinel, Splunk). Perform rapid triage to determine alert validity, severity, scope, and potential business or operational ...

control systems remain secure, compliant and operationally robust. You'll work closely with engineers, cybersecurity specialists, and external partners to monitor OT environments, support incident response, maintain asset and patch records, and contribute to risk, compliance and audit activities. The role also supports the ongoing improvement … safe, secure and continuous delivery of energy to millions. Location: UK-based hybrid role, Occasional travel to site. Day to day Support OT cybersecurity incident response, including investigation, evidence gathering, containment, remediation, and technical actions such as system isolation and patching, under CSIRT and GSOC guidance. Operate ...

mature Security Operations Centre, focused on protecting essential services. The Opportunity You'll play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability … response maturity. What You'll Be Doing Monitoring & Triage Analyse and triage security alerts using SIEM platforms Correlate events and identify patterns across multiple data sources Assess severity, scope, and business impact Investigation & Analysis Conduct detailed investigations across endpoint, network, identity, and log data Build evidence-led timelines ...

both soft and technical skills, focused on the engineering, optimisation, and support of SOC tooling, telemetry, and detection capabilities to improve threat visibility and incident response across hybrid environments. Key Responsibilities Operate, support, and tune SIEM and security monitoring platforms, including Graylog and Splunk. Maintain and optimise … ingestion pipelines across multiple data sources. Develop and refine detection rules, alerts, dashboards, and SOC playbooks. Support incident response, investigation, and containment activities. Automate SOC processes and workflows using scripting tools such as PowerShell, Python, or Bash. Integrate new systems and infrastructure into SOC monitoring and visibility. Work ...

architecture, secure development lifecycle practices and appropriate technical controls Strengthen capabilities across core security domains including identity and access management, privileged access, vulnerability management, incident response, disaster recovery, data protection, security awareness and supplier security Work closely with stakeholders at all levels of the organisation, including operational teams … Culture, Business Infrastructure & Operations and Finance, to support audits, evidence gathering, control improvement and the effective adoption of security requirements across the organisation Lead response to significant information security incidents, acting as a senior decision‐maker during crisis situations and driving post‐incident learning and improvement Build ...

malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed … tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals ...

Evaluate, select, and integrate security technologies including: Identity and Access Management (IAM) Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Data Loss Prevention (DLP) Web Application Firewalls (WAF) Encryption and key management solutions Collaborate with engineering, DevOps, and IT teams to embed security-by-design … support Secure Software Development Lifecycles (SSDLC) Lead initiatives around incident response strategy, detection engineering, mitigation planning, and digital forensics readiness Monitor emerging cyber threats, vulnerabilities, and regulatory changes, providing expert guidance to stakeholders Produce high-quality architectural documentation supporting audit, governance, and compliance requirements Required Experience & Skills Proven ...

solutions Collaborate with engineering, DevOps, and IT teams to embed security by design and ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce ...

seamless and high-quality experience for end users. Take accountability of the on-call rota , ensuring appropriate coverage, managing participation, and leading rapid incident response to maintain service availability. Continuously assess and improve team processes and procedures , fostering a culture of innovation and engineering excellence to optimise performance … team that consistently meets objectives and drives continuous improvement. Regularly conducts performance reporting and analysis , tracking key metrics such as system availability, uptime, and response times to inform decision-making and improvement initiatives. What you’ll need to succeed Essential: Experience in a leadership role , including mentoring, developing team ...

policies, technical controls, governance processes and operational procedures against CAF requirements Assess cyber security capability across areas such as risk management, protective security, monitoring, incident management, supply chain and resilience Produce high quality assessment reports, observations, risk findings and improvement recommendations Contribute to assurance workbooks, delivery documentation and management … communication skills Experience operating within public sector, regulated or complex enterprise environments Understanding of cyber security principles including identity and access management, vulnerability management, incident response, logging and monitoring, resilience and supply chain security Ability to manage multiple priorities and deliver against tight timescales Experience working within blended ...

knowledge of security frameworks such as ISO27001 and/or NIST• Experience with cloud security across AWS, Azure or GCP• Experience with vulnerability management, incident response and security operations• Experience working within regulated or enterprise environments would be highly sought after What Next? If you’re a Senior ...

SIEM/SOC platforms and tune detections Support OT asset discovery, inventory, and security assessments Identify vulnerabilities and support remediation planning Assist with OT incident response (log collection, triage, SOC coordination) Work with engineers to ensure secure system changes with minimal disruption Track OT security maturity, control coverage ...

vital services. What you'll be doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating … customer services through proactive security measures What you'll bring: Proven experience in cyber security, with a solid understanding of security monitoring and incident response Technical leadership skills and the ability to guide and support team members Strong communication skills to clearly articulate findings and escalate issues effectively ...

network infrastructure Oversee LAN, WAN, Wi-Fi, VPN, firewall, and internet connectivity environments Lead network security initiatives including monitoring, patching, access control, and incident response Support and develop cloud and hybrid infrastructure connectivity Manage relationships with third-party vendors, ISPs, and technology partners Provide technical leadership and mentorship … stable and forward-thinking organisation near Oxford, we would love to hear from you. Please send an up to date CV for an immediate response and more information on a fantastic opportunity with a truly great Client. ...

acting as a subject matter expert Advise and collaborate with stakeholders across the business on maintaining secure business systems Contribute to production support and incident response activities as required Maintain up-to-date product security documentation Desired Qualifications and Experience Degree in cybersecurity, computer science, engineering or related ...

regulatory review Coaching cross-functional teams on DevOps best practices and enabling developer productivity through self-service tooling Contributing to root cause analysis, incident response and continuous improvement of infrastructure reliability What we are looking for: Proven experience building and maintaining DevOps infrastructure for safety critical or regulated ...

summary : Worked for large-scale, mission critical environments in Telecom domain. Implement service mesh architectures using Istio for traffic management, security, and observability. Lead incident response, root cause analysis, and continuous improvement activities. Core application skills as a platform engineer: OpenShift, Kubernetes, Prometheus, Grafana, RabbitMQ, Redis, MongoDB, PostgreSQL ...

cloud infrastructure Conduct regular vulnerability assessments and system patching to ensure all devices and software are secure and up-to-date Actively support the Incident Response process by investigating security alerts and applying essential security controls, such as anti-malware and firewall policies Compliance & Governance: Help to enforce ...

high-availability customer services. This is a production environment where reliability matters. Youll be involved in day-to-day platform operations, upgrades, performance tuning, incident response, lifecycle improvements and automation, while helping modernise the wider estate over time. Non-Negotiables Nutanix (strong hands-on production experience) Nutanix … Nutanix Prism Large-scale virtual machine estates Linux (RHEL or equivalent) Troubleshooting across compute, storage and virtualisation Incident/change/problem management processes Production support in a 24x7 or on-call environment What You'll Work With Nutanix Prism Central/Prism Element AHV clusters Linux server environments ...

compliance activities Contribute to the development and maintenance of the Business Continuity Plan (BCP) Conduct risk assessments and Business Impact Analyses (BIA) Support incident response, disaster recovery, and data breach protocols Maintain GDPR compliance and data protection processes Promote awareness of security and continuity procedures across the business ...

automation or configuration tools Exposure to container-based systems or similar technologies Understanding of how applications behave in production Awareness of monitoring, alerting, or incident response approaches An interest in improving processes, not just following them What You Can Expect in Return A competitive salary with additional long ...

mechanical discipline. Strong working knowledge of critical environments such as data centres, hospitals, or financial facilities. Proven ability to lead shift teams and manage incident response in real time. Up-to-date knowledge of Wiring Regulations, health and safety compliance, and permit-to-work systems. Exceptional communication skills ...

Maintaining the school's IT network (LAN/WAN, Wi-Fi, servers, cloud services) and troubleshooting when necessary. Manage backups, disaster recovery plans, and incident response procedures using best practices Manage and maintain the school's IT hardware and software assets as well as manage IT budgets, licensing ...