151 to 175 of 333 Incident Response Jobs in the UK

analysis. Oversee security operations including vulnerability scanning, penetration testing, and assessments. Manage and optimise security tooling (Firewalls, VPNs, IDS/IPS, EDR). Lead incident response activities, ensuring swift mitigation and root cause analysis. Collaborate across engineering, architecture, and compliance teams to embed security-by-design. What youll ...

. Define and govern DevOps, platform engineering and observability standards, including CI/CD pipelines, infrastructure-as-code, containerisation (Docker, Kubernetes), monitoring, alerting and incident response architecture. People, Community & Governance Mentor and develop the architecture community within GPTI and the wider ST&S portfolio, coaching junior architects, technical ...

. Define and govern DevOps, platform engineering and observability standards, including CI/CD pipelines, infrastructure-as-code, containerisation (Docker, Kubernetes), monitoring, alerting and incident response architecture. People, Community & Governance Mentor and develop the architecture community within GPTI and the wider ST&S portfolio, coaching junior architects, technical ...

skills develop. The core focus of the role is AWS-hosted environment security, complemented by identity and access management, vulnerability management, compliance support and incident response. You will work closely with their Engineering, Platform, Infrastructure and Support teams, as well as external stakeholders. A starting salary of around ...

Resilience, Continuity & Recovery Manager (DORA) -Incident Manager UK Remote | Permanent Hiring a Senior Resilience, Continuity, Recovery Manager and Incident Manager with strong DORA experience to lead operational resilience, major incident management and recovery planning within a regulated financial services environment. Key experience: * MUST DORA/Operational Resilience … Major Incident Management * Business Continuity & Disaster Recovery * Financial Services/FinTech * ISO 22301/ISO 27001/NIST * Stakeholder & Regulatory Management This role will lead DORA implementation, resilience testing, ICT incident response, third-party risk and enterprise recovery planning across the business. High-impact role with strong ...

security standards.Provide practical, proportionate security advice to stakeholders.Reporting & MetricsDevelop and maintain meaningful metrics to measure the effectiveness of vulnerability management and threat intelligence functions.Incident Response SupportSupport and enhance incident response processes.Represent cyber security during operational incidents, coordinate with stakeholders, and assist threat intelligence and threat-hunting activities.Technical ...

knowledge of CI/CD and modern software delivery practices. Experience building services in cloud environments and containerized deployments. Experience with production support: troubleshooting, incident response, and post-incident improvements. Good understanding of testing practices (unit/integration tests; TDD knowledge is desirable). Strong written ...

Cyber Defence strategy, working closely with the internal stakeholders to create, align and execute for: Penetration Testing Security Operations Centre Management Endpoint Detection and Response Security Information Event Management Incident Response Plan Threat Hunting Skills & Experience Required Independent thinking, be a leader with a clear independent thorough ...

security posture. SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment. Automation: Develop Security … Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times. Threat Hunting: Proactively search for undetected malicious activity using specialised queries. Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development and leadership. Qualifications – Essential ...

Cloud Platform Engineer Location - Glasgow - fully on site Duration - 40 weeks Contract AWS SRE Engineer - Incident Operations (AWS & Snowflake) We are looking for an AWS Site Reliability Engineer (SRE) with strong incident operations experience to support and improve the reliability of cloud and data platform services across … Snowflake. The role focuses on proactive monitoring, rapid incident response, service restoration, root cause analysis, and operational automation. The ideal candidate will have hands-on experience with AWS infrastructure, Snowflake operations, observability tooling, and on-call support in production environments. Key responsibilities: Lead incident triage and resolution ...

SIEM: Collaborate with our SOC partner to design and optimise Splunk dashboards and alerts, turning raw data into actionable intelligence to combat sophisticated threats. Incident Response: Act as a technical escalation point for high-priority security incidents, employing EDR and SIEM tools for swift containment. Automate Security Processes … Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response efficiency. Conduct Threat Hunting: Utilise specialised queries to proactively identify undetected malicious activities within the environment. Train the Team: Elevate the skill level of the existing team in CrowdStrike, Splunk, and security analysis. ...

compliance and engagement with Qualified Security Assessors (QSAs).* Drive cyber awareness programs and phishing simulations to embed a security-aware culture.* Manage security incident response planning and coordinate with Security Operations Centre (SOC).* Report regularly to PayTech Executive Leadership and Edenred Group CISO on security program … Azure, GCP).* Excellent communication skills, able to convey complex security topics to non-technical stakeholders.* Pragmatic, calm, and resilient under pressure during incident management.**Why Join Us?** Be part of a dynamic and strategic security leadership team within a pioneering FinTech environment. Influence the protection of critical technologies ...

compliance and engagement with Qualified Security Assessors (QSAs).* Drive cyber awareness programs and phishing simulations to embed a security-aware culture.* Manage security incident response planning and coordinate with Security Operations Centre (SOC).* Report regularly to PayTech Executive Leadership and Edenred Group CISO on security program … Azure, GCP).* Excellent communication skills, able to convey complex security topics to non-technical stakeholders.* Pragmatic, calm, and resilient under pressure during incident management.Be part of a dynamic and strategic security leadership team within a pioneering FinTech environment. Influence the protection of critical technologies and data, contribute ...

knowledge articles; contribute to operational readiness Support audits and control testing; evidence compliance with security and regulatory requirements. Participate in on-call/incident response, problem management, and continuous improvement. Essential Skills Knowledge of Multi-Factor Authentication/Passwordless Authentication technology is required. Strong hands-on experience with … engineering MFA/SSO within an enterprise IAM environment. Working knowledge of PKI, certificates, TLS, and key management concepts. Experience operating production services: monitoring, incident management, change/release processes. Desirable Skills Previous experience of working in financial services, ideally HSBC experience. EntraID/AzureAD experience. Scripting/automation ...

environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track ...

Ensure environments are consistent, scalable, and aligned with application needs Observability & Reliability Implement monitoring, logging, and alerting focused on system and application health Support incident response and debugging across the stack Drive ongoing improvements to reliability and performance Required Experience Strong experience in DevOps, Platform Engineering, or Software ...

implementing security controls, conducting threat modelling and architecture reviews, and defining secure configurations and standards. The role also ensures systems include robust monitoring, detection, incident response, and recovery capabilities, while supporting overall resilience. Additionally, as the Cyber Security Lead you will contribute to Change Advisory Board decisions, assessing ...

performance analysis, and automate improvements where possible. Ensure high availability and data integrity through proactive alerting, backups, and robust disaster recovery planning. Own major incident response, troubleshooting and root-cause analysis, implementing long-term fixes. Maintain security best practice across cloud and on-premise environments, including vulnerability management ...

Executive‐level war‐gaming; ensure the Group is genuinely prepared – not just theoretically compliant – to respond to major cyber incidents. Own the cyber incident response playbook framework; ensure playbooks are maintained, tested, regularly updated to reflect the threat landscape, and actionable by the right people at pace when … incident occurs. Experience, Knowledge, Skills & Attributes Essential Experience 10+ years in cyber security, information security, or technology risk, with demonstrable progression into senior leadership roles. Proven track record designing and operating a cyber GRC/second‐line‐of‐defence function within a large, complex, or highly regulated organisation. Demonstrable ...

reliability Write clean, maintainable code and participate in peer code reviews Support the operational health of services using logs, monitoring, and metrics Participate in incident response and post-incident reviews with guidance Maintain runbooks, documentation, and operational knowledge for owned components Contribute to reducing technical debt ...

Establishing and embedding a robust Information Security Management System (ISMS) Designing and implementing a formal GDPR and data protection programme Defining and owning our incident response plan — and leading response during security events Working with IT in MDM processes and strengthening endpoint security across the business Conducting ...

Drive a pragmatic quality strategy: test pyramid balance, contract tests, data management, environments, and non-functional testing. Partner with TIO on SLOs, alerting, runbooks, incident response, and post-incident learning. Mentor through pairing, code/test reviews, and architecture discussions (no performance management duties). Document designs ...

such as CISSP, CISA, CISM Significant knowledge of cyber security practices including risk management principles, architectural requirements, security engineering, threat intelligence, vulnerability management, and incident response. Experience leading cyber risk reviews. Able to deliver clear gap analysis against cyber security policy, standards and technology risk requirements, using industry best … Enterprise environments and good knowledge of Cloud, primarily Microsoft Azure. Excellent stakeholder management skills Previous experience as part of a security operations or incident response organization would be beneficial. Good knowledge of threat modelling techniques with some experience in developing threat models. Please note: You must have full ...

Platform, Fabric) Drive Infrastructure as Code and automation (Azure/Terraform/Bicep) Improve release, deployment, and environment management Own monitoring, logging, alerting, and incident response Support secure access and identity (Entra ID) Work with engineering teams to take solutions into live production Champion DevOps culture and continuous … Hands-on CI/CD with Azure DevOps and/or GitHub Infrastructure as Code experience (Terraform or Bicep) Experience supporting production systems and incident management Understanding of cloud security and governance Strong communication and stakeholder skills This is a fully remote role with an excellent opportunity to build ...

Platform, Fabric) Drive Infrastructure as Code and automation (Azure/Terraform/Bicep) Improve release, deployment, and environment management Own monitoring, logging, alerting, and incident response Support secure access and identity (Entra ID) Work with engineering teams to take solutions into live production Champion DevOps culture and continuous … Hands-on CI/CD with Azure DevOps and/or GitHub Infrastructure as Code experience (Terraform or Bicep) Experience supporting production systems and incident management Understanding of cloud security and governance Strong communication and stakeholder skills This is a fully remote role with an excellent opportunity to build ...