101 to 125 of 428 Incident Response Jobs in the UK

maintain threat actor profiles, campaigns, TTP assessments and intelligence reports for a range of diverse audiences. Key accountabilities include: Provide intelligence inputs into incident response, including threat enrichment, contextual analysis and post incident reporting. Translate technical intelligence into clear, actionable guidance for Security, IT, OT and leadership … able to demonstrate the following: Previous experience producing or analysing cyber threat intelligence in a security or enterprise environment. Experienced in contributing to incident response via threat enrichment or analysis. Demonstrable experience of hands-on use of CTI/OSINT tools and creating intelligence products for varied audiences. ...

impact Act as the link between technical security and the wider business, translating requirements clearly Drive improvements across: SOC/SIEM capability (currently OpenText) Incident response and vulnerability management Penetration testing and security assurance Cloud security across Microsoft and Google environments Support key transformation programmes, particularly across data … isolation What We're Looking For Proven background in Information/Cyber Security with a hands-on approach Experience across core security operations (SIEM, incident response, vulnerability management, cloud security) Comfortable working across both Microsoft and Google cloud environments Experience managing or mentoring junior team members Able ...

initial contract) Location: SW1A 2AH, City of Westminster, England, United Kingdom Remote type: Remote Start date: As soon as possible Head of SOC/Incident Response – LA International Senior leadership within public sector and Defence cybersecurity. Coordinating and integrating public sector/defence digital services. Leverage … public benefit and strengthen digital infrastructure. Manage incident response with knowledge of NIST, ISO 27001, etc. Recruit, mentor, and influence SOC teams. Duration: 6 months Location: Fully remote (with occasional onsite meetings 1–2x per month) Start date: As soon as possible SOC Solutions & Cyber Advisory Lead ...

government environment. You'll take a lead role in automation, platform stability, and mentoring, contributing to high-impact digital services. Key Responsibilities Lead incident response and outage management, including triage, stakeholder communication, and resolution Design, build, and maintain CI/CD pipelines to enable reliable and frequent software … pipelines to support continuous delivery Develop and manage cloud infrastructure using Infrastructure as Code Support and operate containerised applications and platforms Assist with incident response and service reliability Collaborate with software engineers to improve delivery and operational efficiency Champion DevOps best practices, automation, and quality Core Skills & Experience ...

government environment. You'll take a lead role in automation, platform stability, and mentoring, contributing to high-impact digital services. Key Responsibilities Lead incident response and outage management, including triage, stakeholder communication, and resolution Design, build, and maintain CI/CD pipelines to enable reliable and frequent software … pipelines to support continuous delivery Develop and manage cloud infrastructure using Infrastructure as Code Support and operate containerised applications and platforms Assist with incident response and service reliability Collaborate with software engineers to improve delivery and operational efficiency Champion DevOps best practices, automation, and quality Core Skills & Experience ...

technical engine behind the organisation's global digital integrity. Your responsibilities will include: Managing the Global SOC to ensure proactive threat hunting and rapid incident response across all global time zones. Implementing a cutting-edge DevSecOps approach to ensure security is automated and embedded within the CI/… have personally achieved certification from scratch) 2.DevSecOps (Embedding security into CI/CD pipelines and automated workflows) 3.SOC Management (Overseeing global threat detection and incident response) 4.NIST Framework (Applying security standards for the Americas region) 5.Essential 8 (Understanding and implementing Australian security protocols) 6.Vulnerability Management (Coordinating risk-based ...

Reduce alert fatigue by tuning thresholds, suppressing false positives, and downgrading non-actionable errors - Be the first responder when something breaks in production Reliability & Incident Response - Investigate and resolve production incidents end-to-end: detection, root cause analysis, fix, and post-mortem - Handle database performance issues: slow query … scale: clustering, read replicas, failover handling - Solid understanding of container orchestration and deployment strategies - Experience with monitoring and observability platforms (Datadog preferred) - Comfort with incident response: you've been paged at 2am and know how to stay calm, diagnose, and fix - Familiarity with CI/CD pipelines (CircleCI ...

firm’s technology environment which includes Microsoft Defender & Sentinel. Key Responsibilities: Monitor security event identification via the third-party security operations service. Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. Contribute to threat hunting activities using KQL queries and intelligence-led techniques. Support … maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows. Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps). Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews. Support ...

global Security Operations Centre (SOC) performance, driving operational metrics, service quality, and continuous improvement Lead the execution and coordination of major cyber incident response activities under pressure Establish robust operational governance, reporting, audit readiness, and control assurance globally. Manage accountability and performance for third-party SOC and Managed … Detection and Response (MDR) providers Mentor and develop senior managers, supporting capability growth and succession planning within the function Essential Skills & Experience Extensive, hands-on experience leading large-scale cyber security operations, including SOC and Incident Response Demonstrated ability to manage and respond to significant, complex cyber ...

integrated practices for operational health, performance, and security. Define infrastructure strategy across Azure, hybrid, and legacy environments, including modernization roadmaps. Establish best practices for incident response, monitoring, playbooks, and capacity planning. Govern infrastructure changes including CAB oversight, rollback planning, and risk management. Advance infrastructure automation and IaC maturity … align infrastructure with broader technical goals. Own metrics for uptime, cost optimization, alert fatigue, and service-level objectives (SLOs). Establish best practices for incident response, playbooks, monitoring, and continuous improvement. Oversee change management including CAB governance, rollback strategies, and release pipelines. Collaborate closely with Help Desk, Security ...

pipeline health, compute utilisation, and deployment status. Collaborate with data engineering to ensure upstream data quality and pipeline reliability for ML feature inputs. Develop incident response procedures and runbooks for ML system failures. Infrastructure & Cost Optimisation Manage and optimise AWS compute resources (Batch, EC2, or similar) used … control workflows. Familiarity with SQL and data warehousing platforms (Snowflake preferred). Experience implementing monitoring, logging, and alerting for production systems. Strong debugging and incident response skills for complex distributed systems. Preferred Qualifications Experience deploying models to edge or embedded devices. Background in healthcare, medical devices, or clinical ...

controlled environment. The Role You'll be responsible for the day-to-day operation and improvement of a central Azure cloud platform, covering monitoring, incident response, automation, and platform reliability. Senior hires will also play a key role in mentoring others and driving improvements across the platform. What … Azure (IaaS/PaaS) Terraform for Infrastructure as Code Kubernetes and containerised platforms CI/CD using GitHub Actions or similar Monitoring, alerting, and incident response tooling L2/L3 on-call support within a 24/7 rota What they're looking for Experience supporting cloud platforms ...

standards that underpin operational delivery. You will provide technical leadership for the delivery of high quality telemetry services that support flood risk management, incident response, and water resources, enabling timely, evidence based decision making in both routine and high impact scenarios. You will also … telemetry team, assisting the Team Leader in workforce planning and technical competency development of the team. Contribute to the delivery of an incident management service by undertaking the role of the Telemetry Duty Officer. Undertake health and safety duties and responsibilities appropriate to the post Be committed to Natural ...

Cyber Governance, Risk, and Compliance Manager. This role focuses on defining, maintaining, and testing resilience plans for the organisation, including Business Continuity, Incident Response, and Disaster Recovery. You will work closely with multiple teams across the IT department and the wider business to ensure that resilience strategies … will include: Conducting analysis on business systems to understand and document the impact, scope, and recovery path in relation to cyber incidents. Contribution to incident reviews to ensure learnings are taken to improve our resilience. Identifying and escalating weaknesses in the resilience strategy. Working with project and change teams ...

leadership for the delivery and continuous improvement of NRW's telemetry services. These services underpin NRW's ability to deliver critical flood risk management, incident response, and water resource management services. You will act as NRW's senior technical authority for telemetry systems, with end-to-end responsibility … purpose. Your expertise will directly support evidence-based decision-making, enabling effective routine operations and providing trusted data and system performance during incident and emergency response. As an organisation we support flexible working. You will be contracted to the nearest NRW office to your home and a suitable hybrid ...

operations, and external security partners, you'll design and implement robust security controls while continuously improving resilience and reliability. You'll take ownership of incident response activities, proactively monitor threats, and drive improvements across vulnerability management and security tooling. Alongside day-to-day operational security, you'll contribute … firewalls, SIEM platforms, endpoint protection, and vulnerability management tools Experience securing both cloud-based and on-premise environments A solid background in security incident response and investigation Experience working with third-party security vendors or managed service providers The ability to communicate technical security concepts clearly ...

maturity toward CTEM, and strengthen our Exposure Management model. You'll ensure alignment with security policies, standards and regulatory requirements, while maintaining and enhancing incident response plans, documentation, risk assessments and remediation records. You'll also play an active role in training and awareness to promote strong security … hygiene across the organisation. To succeed, you'll bring relevant experience in vulnerability management, risk analysis and incident response, supported by certifications such as CISSP or CISM, plus a degree or equivalent experience in Information Security, Computer Science or a related field. If you're excited by transforming ...

Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills ...

does more than just configure—you protect and progress. We need an expert to lead technical engagements, audit complex architectures, and design Major Incident Response Plans (MIRPs) for enterprise-scale implementations. The Role You will assess the health and security of D365 Sales, Service, and Field Service environments. … systems are performant, compliant, and resilient. Key Responsibilities Deep-Dive Audits: Identify risks in customizations ( Plugins, C#, JavaScript ) and Dataverse configurations. Operational Resilience: Design incident response and business continuity plans aligned with ISO/NIST frameworks. Security & ALM: Optimize access models and Application Lifecycle Management processes. Strategic Advisory ...

does more than just configure—you protect and progress. We need an expert to lead technical engagements, audit complex architectures, and design Major Incident Response Plans (MIRPs) for enterprise-scale implementations. The Role You will assess the health and security of D365 Sales, Service, and Field Service environments. … systems are performant, compliant, and resilient. Key Responsibilities Deep-Dive Audits: Identify risks in customizations ( Plugins, C#, JavaScript ) and Dataverse configurations. Operational Resilience: Design incident response and business continuity plans aligned with ISO/NIST frameworks. Security & ALM: Optimize access models and Application Lifecycle Management processes. Strategic Advisory ...

does more than just configure—you protect and progress. We need an expert to lead technical engagements, audit complex architectures, and design Major Incident Response Plans (MIRPs) for enterprise-scale implementations. The Role You will assess the health and security of D365 Sales, Service, and Field Service environments. … systems are performant, compliant, and resilient. Key Responsibilities Deep-Dive Audits: Identify risks in customizations ( Plugins, C#, JavaScript ) and Dataverse configurations. Operational Resilience: Design incident response and business continuity plans aligned with ISO/NIST frameworks. Security & ALM: Optimize access models and Application Lifecycle Management processes. Strategic Advisory ...

does more than just configure—you protect and progress. We need an expert to lead technical engagements, audit complex architectures, and design Major Incident Response Plans (MIRPs) for enterprise-scale implementations. The Role You will assess the health and security of D365 Sales, Service, and Field Service environments. … systems are performant, compliant, and resilient. Key Responsibilities Deep-Dive Audits: Identify risks in customizations ( Plugins, C#, JavaScript ) and Dataverse configurations. Operational Resilience: Design incident response and business continuity plans aligned with ISO/NIST frameworks. Security & ALM: Optimize access models and Application Lifecycle Management processes. Strategic Advisory ...

malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed … tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals ...

Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills ...