1 to 25 of 293 Incident Response Jobs

Our Incident Response Associates are a critical part of our Cyber Security division's success. As a Response Associate (Technical Lead), you will deploy your incident response expertise in a senior delivery role across our incident response services. You will work across the … full lifecycle of security incidents to help our clients respond and recover, including: Leading technical incident response from first contact through to closure: you will be the primary technical resource on response cases, deploying your own expertise, creating tailored strategies for response workstreams, and offering guidance … to colleagues on your project team. Overseeing host- and network-based incident response investigations: including triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses. Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the more »

Senior Incident Response Consultant - Hybrid - London - Circa £85k My client is a global consultancy who are building out a billable incident response team to further develop and polish the company's overall service offering. They are looking for a strong incident response consultant who … can independently investigate incidents and manage/engage with clients. Responsibilities of an Senior Incident Response Consultant: Manage and coordinate cyber security incidents Act as a lead for threat-hunting efforts to establish an attacker's spread through a system and network, anticipating further attacker activity across endpoints … cloud, and network infrastructure Work closely with the CTI team and create playbooks Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Have the ability to advise clients on the threat landscape and attacks that may be relevant to them Have an understanding of more »

we offer a complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the … met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role/Responsibilities You will report directly to the Head of Incident Response, working alongside senior incident response analysts. The type of incidents you will be working on range from business email compromises … to full-scale ransomware attacks. Technical expertise in incident response would be highly beneficial but not compulsory for this role as it is not a technical role. Primary Duties/Responsibilities include: Chairing and coordinating major incident war rooms during live incidents. If required, attending client sites more »

Incident Response Analyst | UK Remote | £40,000-£60,000 Are you an Incident Response Analyst with a passion for dealing with incidents and uncovering the truth behind them? We have an exciting opportunity for an Incident Response Analyst to join our client's team … ports on devices, laptops, and various other systems. As a key member of the team, you will play a vital role in providing comprehensive incident response services to our clients. This role will give you the opportunity to work for some top clients and expand your skills in … Stay up-to-date with the latest cyber threat landscape and emerging attack vectors to continually enhance investigation methodologies. Requirements: Proven experience in Cyber Incident Response for 1-2 years, as well as preferably digital forensics Knowledge of cloud based environments such as Azure and AWS Understanding of more »

Senior SOC Analyst, SIEM - Cloud based: Sentinel/ManageEngine Log360/QRadar, Splunk, Incident Response Management, Hybrid London 1-2 days per week. We are hiring a Senior SOC Analyst to help build a new SOC function. The role will initially be very hands on, responsible for monitoring … Investigation: Monitor SIEM tools to assure high security levels, analyse potential security incidents, conduct real-time analysis, support investigations, and document findings to improve incident response procedures. Response: Lead and coordinate incident response activities, develop and maintain incident response plans, and escalate incidents … as necessary, ensuring adherence to major incident processes. Intelligence: Stay updated on cybersecurity threats, integrate threat intelligence into security monitoring processes, and contribute to the development of threat intelligence feeds. Tool Management: Manage and optimize SIEM tools, evaluate new security technologies, and recommend enhancements to the security infrastructure. Collaborate more »

Incident Response and Digital Forensics Consultant Base Location: London/Manchester plus network of 20 offices nationally: www.kpmg88careers.co.uk/experienced-professional/#LeBlender.OfficeLocations The KPMG Risk Consulting function is a cornerstone of our business. Operating from locations across the UK we do work that matters, serving the country … organisations, applying sector knowledge and technology solutions to deliver the best possible outcomes and get it right first time. Why Join KPMG as an Incident Response and Digital Forensics Consultant? The Incident Response and Digital Forensics Consultant role will be working in the Cyber Response … a range of security certifications. What will you be doing? · Manage and co-ordinate cyber security incidents for our clients. · Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). · Maintaining a current view of the cyber threat and being able to advise clients on more »

Cyber Incident Response Manager Cyber Incident Respond Principal/Manager will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLA’s. You will work side by side with the Cyber … Detect Team. Cyber Detect manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident if of the upmost importance. As Respond Manager you will be expected to deliver a … strong incident readiness program. This is based in Buckinghamshire office x2 days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management more »

solutions Becrypt deliver. Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary. Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve … incident response procedures. Ensure runbooks are followed and are fit for purpose. Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. … Escalation management in the event of a security incident. Follow major incident process. Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Security Tool Management: Manage and more »

line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as and help advance my clients incident response processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. … Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this … position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incident response process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incident more »

mitigating cyber risks, manage various vendor and third-party supplier relationships, and act as a key point of contact when overseeing vulnerability management and incident response processes. This role requires a deep understanding of cyber risk, stakeholder and vendor management skills, and expertise in vulnerability management and incident response processes. Main responsibilities: Conduct cyber risk assessments to identify vulnerabilities and threats. Analyse existing security measures and recommend enhancements to mitigate identified risks. Collaborate closely with internal stakeholders across various departments to understand their unique cybersecurity needs and requirements. Evaluate third-party vendors and assess their cybersecurity … and oversee vulnerability management processes to proactively identify and remediate security vulnerabilities. Coordinate with relevant teams to prioritise and address vulnerabilities. Develop and maintain incident response plans and procedures to effectively respond to cybersecurity incidents such as data breaches, malware infections, or unauthorised access. Lead incident response more »

Job Overview: Sportingtech is seeking a dedicated and experienced Major Incident Manager with a strong aptitude for command and coordination. This role is crucial for efficiently managing and resolving major incidents to minimise service impact and maintain exceptional user experiences. Additionally, this role involves regular Incident Management responsibilities … and requires an on-call commitment to address critical issues promptly. Key Responsibilities: Major Incident Command and Coordination: Take charge of leading and commanding bridge calls during major incidents, demonstrating exceptional control, coordination, and leadership skills. This role involves directing cross-functional teams, managing stakeholder communication effectively, and executing … recovery strategies to ensure quick resolution and minimal service disruption. Regular Incident Management: Assume regular Incident Management duties, handling and resolving day-to-day IT incidents, especially during periods without major incidents. On-Call Duties: Participate in an on-call rotation, being readily available to manage and respond more »

infrastructure to detect, triage and respond to cyber security incidents. They are looking for a curious and passionate person with breadth of knowledge in Incident Response and problem-solving abilities across Information Security as well as in Enterprise IT to contribute to all levels of incident response. … Primary Duties: Leading the delivery of security event triage performed by Tier 1&2 SOC analysts. Leading the delivery of the technical response on information security incidents. Incident Response to upper-level Tier 2 and Tier 3 Deliver comprehensive and stakeholder focused reporting on incidents and events. … and the broader business functions. Support the enterprise IT Security functions. Technical: Proven experience with commercial SIEM platforms; Elastic Security SOC, preferred, or Splunk Incident response software: Thrive Incident Response & Remediation Anti Virus: Microsoft Defender Cyber Triage Practical experience in the Microsoft ecosystem (on-premises, cloud more »

I am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you … expertise in cyber security to protect our university's digital infrastructure and ensure the confidentiality, integrity, and availability of our information assets. Key Responsibilities: Incident Triage: Quickly assess the severity and scope of the security breach, prioritise response efforts, and mobilise resources accordingly. Forensic Analysis: Conduct thorough forensic … to contain the breach, remove malicious presence from our systems, and restore affected services. Root Cause Analysis: Identify the root cause of the security incident and recommend remediation actions to address underlying vulnerabilities and security gaps. Communication and Coordination: Collaborate with university stakeholders, including IT staff, administrators, and external more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Design: Design, implement, and maintain security architecture for our AWS environment, ensuring it aligns with industry best practices and compliance standards. Threat Detection and Incident Response: Develop and maintain detection mechanisms for security threats and incidents within AWS infrastructure, including EC2 instances, Kubernetes clusters, Docker containers, S3 buckets … and RDS databases. Respond promptly to security incidents and conduct thorough post-incident analysis to prevent future occurrences. Vulnerability Management: Conduct regular vulnerability assessments and penetration testing on AWS resources, identifying and remediating vulnerabilities in a timely manner. Implement and manage automated scanning tools to ensure continuous security monitoring. … tools to track and analyze activities within the AWS environment. Maintain centralized logging for all AWS services and develop custom alerts for security events. Incident Response Planning and Training: Develop and maintain incident response plans for security incidents occurring within the AWS environment. Conduct regular tabletop more »

I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incident response/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your … not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incident response experience. Certifications such as GCIH, GCIA or GCFA/E. Ideally, consultancy experience however, strong regulated exposure is also welcomed. Strong baseline … threat hunting skills and ideally, an interest in research focused tasks. This is an exciting role for an incident responder, looking for a step up from basic cases to truly partner with organisations across the globe. Hybrid role, London based opportunity. Please contact pg@barclaysimpson for immediate consideration. more »

Cyber Incident Responder | Manchester | £40,000-£60,000 Are you a junior or mid-level Cyber Incident Response professional with a passion for dealing with incidents and uncovering the truth behind them. We have an exciting opportunity for a Cyber Incident Responder to join our client … ports on devices, laptops, and various other systems. As a key member of the team, you will play a vital role in providing comprehensive incident response services to our clients. This role will give you the opportunity to work for some top clients and expand your skills in … Stay up-to-date with the latest cyber threat landscape and emerging attack vectors to continually enhance investigation methodologies. Requirements: Proven experience in Cyber Incident Response for 1-2 years, as well as preferably digital forensics Knowledge of cloud based environments such as Azure and AWS Understanding of more »

is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incident response, network security architecture, policies, and procedures, and more! Main responsibilities: Serve as the primary subject matter expert on Azure security, including Azure … Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients Azure platform. Develop and maintain incident response procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security. Proven experience in incident response management, including incident detection, analysis, and remediation. In-depth knowledge of network security principles, protocols, and technologies. Experience working with standards more »

is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incident response, network security architecture, policies, and procedures, and more! Main responsibilities: Serve as the primary subject matter expert on Azure security, including Azure … Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients Azure platform. Develop and maintain incident response procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security. Proven experience in incident response management, including incident detection, analysis, and remediation. In-depth knowledge of network security principles, protocols, and technologies. Experience working with standards more »

implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incident response and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incident response and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a more »

are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and Incident Response team, along with a number of incident response vendors including forensic, legal, and PR ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within more »

security contact for UK clients Be responsible for the investigation and resolution of security related events from various security appliances and toolsets Develop security incident response plans & procedures including Security Incident Crisis/Emergency Management Ensure integration of new security services within the monitoring and detection capability … to respond to security threats of the future Oversee relationship with MDR vendor to deliver SOCaas service Oversee internal CSIRT programme Coordinate the post-incident review process, drive practical and impactful changes throughout the phases of the incident response lifecycle Enhance security capabilities by building security tools more »

Senior Cyber Security Analyst/Senior Cyber Defence Analyst/SIEM SME/Incident SME Position Overview: As a member of the expanding security team, the Cyber Defence Analyst plays a pivotal role in conceptualising, implementing, and sustaining operational cyber security measures. This role encompasses proactive risk assessment, protective … this position entails a diverse skill set, including the nurturing of junior analysts, real-time network monitoring for unauthorised activities, and active participation in incident response efforts. Your Responsibilities: Develop and integrate security event monitoring and incident management services. Respond promptly to security incidents as part of … an incident response team. Establish metrics and dashboards to enhance visibility of the Enterprise infrastructure. Utilise the SOAR platform to automate playbooks and streamline case management processes. Produce comprehensive documentation to ensure the repeatability and standardisation of security procedures. Innovate investigative methodologies using the SOC's software toolsets more »

design, implementation and maintenance of robust security measures across network and cloud environments, ensuring protection against potential threats, adherence to industry standards, and proactive incident response. This will include providing security consultancy services to the Change Team. In this role you will Ensure continual alignment of Information Security Policies … with the Architecture team Ensure adherence to industry best practices, regulatory standards, and internal security policies across network and Cloud environments Develop and implement incident response plans specific to network and Cloud security incidents, outlining clear protocols for detection, containment, and recovery Identify and establish partnerships with external … reports Organise and oversee regular vulnerability assessments and penetration testing activities to identify weaknesses and potential entry points for cyber threats Develop and maintain incident response plans aligned with identified risks and potential threats The ideal candidate for the role of Security Engineer will have: - Hold a degree more »