176 to 200 of 403 Incident Response Jobs in the UK

client and regulatory requirements. Our integrated approach combines secure by design principles relying on Identity and Access Management, Technical Assurance, continuous monitoring and incident response through Security Operations, and proactive risk management through GRC. Working closely with the Markets Innovation Group (MIG) and Fuse, the firms legal tech ...

client and regulatory requirements. Our integrated approach combines secure by design principles relying on Identity and Access Management, Technical Assurance, continuous monitoring and incident response through Security Operations, and proactive risk management through GRC. Working closely with the Markets Innovation Group (MIG) and Fuse, the firms legal tech ...

high technical and security standard Deliver and maintain a secure Azure operating model Ensure consistency, resilience, and scalability across Azure environments Operational Leadership & Incident Management Lead and coordinate Major Incident response relating to Azure and associated cloud services Act as a senior escalation point for complex platform … issues Drive post-incident reviews, root cause analysis, and service improvements Vendor & Service Management Provide a high standard of vendor and service management Manage relationships with Microsoft and third-party suppliers Ensure services meet agreed SLAs, security expectations, and value-for-money objectives Lead service reviews and escalation activities ...

CrowdStrike Falcon SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows … Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

doing: Leading CrowdStrike Falcon deployment, configuration, and optimisation Enhancing Splunk SIEM dashboards, alerts, and threat detection capabilities Acting as a senior escalation point for incident response Driving SOAR automation to improve response times Conducting proactive threat hunting Upskilling internal teams across CrowdStrike, Splunk, and security analysis What ...

third-party suppliers, and product vendors to ensure effective support and performance of applications and systems Proactively monitor security systems and tools, leading the response to security incidents and issues; support investigations and incident response, including participation in an on-call security rota when required Provide trusted ...

escalate and resolve high-risk vulnerabilities Stay ahead of the curve through continuous learning, certifications, and knowledge-sharing Champion precision: produce top-tier incident reports and maintain robust documentation Our perfect candidate should have a wealth of knowledge spanning various technologies and being able to use these skills … apply. Full UK Driving License Entry-level security certifications (CompTIA Security+, CySA+, etc.) or working toward one Hands-on experience in security incident response, vulnerability assessments, and root cause analysis Skilled in producing incident reports, security metrics, and supporting awareness training Comfortable with internal security audits ...

escalate and resolve high-risk vulnerabilities Stay ahead of the curve through continuous learning, certifications, and knowledge-sharing Champion precision: produce top-tier incident reports and maintain robust documentation Our perfect candidate should have a wealth of knowledge spanning various technologies and being able to use these skills … apply. Full UK Driving License Entry-level security certifications (CompTIA Security+, CySA+, etc.) or working toward one Hands-on experience in security incident response, vulnerability assessments, and root cause analysis Skilled in producing incident reports, security metrics, and supporting training Comfortable with internal security audits and refining ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 6+ years ...

join our government client's established Security Operations Centre (SOC). You will work alongside Cyber Engineers and Analysts, providing analysis and supporting incident response activities. Based - Milton Keynes, Bucks (commutable from Northampton, Bedford, Luton, East Midlands, North London) Working in a DV Security Cleared environment. You will … undertake security clearance. Paying 465 a day (umbrella) As the SOC Analyst you will provide analysis, monitoring and investigating alerts, escalating incidents, and supporting response teams. Key Responsibilities - Monitor, triage investigate security alerts Escalate incidents assist response teams Analyse event data maintain protective tools Stay current with threat ...

seamless and high-quality experience for end users. Take accountability of the on-call rota , ensuring appropriate coverage, managing participation, and leading rapid incident response to maintain service availability. Continuously assess and improve team processes and procedures , fostering a culture of innovation and engineering excellence to optimise performance … team that consistently meets objectives and drives continuous improvement. Regularly conducts performance reporting and analysis , tracking key metrics such as system availability, uptime, and response times to inform decision-making and improvement initiatives. What you’ll need to succeed Essential: Experience in a leadership role , including mentoring, developing team ...

Support regulatory audits, investigations, and remediation efforts Champion strong practices around access control, PII handling, and segregation of duties Participate in on-call rotations, incident response, and postmortems Continuously improve system reliability and operational maturity This is a hybrid position. Expectation of days in office will be confirmed … historical corrections Platform & Operations: Experience with CI/CD pipelines andInfrastructure asCode(IaC) such as Terraform Strong operational mindset On-call participation Experience withIncident response Experience with postmortems and continuous improvement Nice to haves: Prior experience building regulatory or statutory reporting platforms Exposure to near-real-time ...

CrowdStrike , this role is key to maximising both investment and capability. You'll act as the senior technical lead-optimising tooling, strengthening detection and response, and upskilling the internal team. This is a hands-on, high-impact role suited to someone who can hit the ground running and elevate … Security Leadership: Own deployment, configuration, and optimisation of CrowdStrike Falcon SIEM Optimisation: Partner with the SOC to enhance Splunk dashboards, alerts, and data models Incident Response: Act as escalation point for high-priority incidents, driving rapid containment Threat Hunting: Proactively identify hidden threats using advanced queries and telemetry ...

knowledge of security frameworks such as ISO27001 and/or NIST• Experience with cloud security across AWS, Azure or GCP• Experience with vulnerability management, incident response and security operations• Experience working within regulated or enterprise environments would be highly sought after What Next? If you’re a Senior ...

services such as AWS Secrets Manager or HashiCorp Vault. Implement robust monitoring, alerting, and observability tooling (e.g., CloudWatch, Prometheus, Grafana, Datadog). Participate in incident response, root cause analysis, and resilience improvements. Maintain and evolve CI/CD pipelines using tools such as GitHub Actions, Bitbucket Pipelines ...

enable safe, fast, and repeatable delivery. Championing DevSecOps principles, embedding security and compliance into the software delivery lifecycle. Establishing and improving observability, monitoring, and incident response practices, including vulnerability management and remediation. Mentoring engineers and contributing to a strong engineering culture through knowledge sharing, documentation, and technical leadership. ...

security, data protection, and governance, providing coaching and training to ensure high performance. Act as the primary point of contact for security incidents, coordinating incident response and recovery plans, and liaising with external authorities when necessary. Maintain up-to-date knowledge of evolving threats, technologies, and regulations relevant ...

Monitor proxy service health, availability, and performance, identifying and resolving user impacting issues. Perform root cause analysis for proxy related incidents and participate in incident response and post incident reviews. Assist with capacity planning and resiliency testing activities, escalating risks when thresholds are approached. Ensure proxy configurations ...

vital services. What you'll be doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating … customer services through proactive security measures What you'll bring: Proven experience in cyber security, with a solid understanding of security monitoring and incident response Technical leadership skills and the ability to guide and support team members Strong communication skills to clearly articulate findings and escalate issues effectively ...

Analyst, you will play a key role in delivering effective SOC services across multiple platforms and projects. You will provide hands on monitoring and incident response while also supporting the development of people, processes and security controls. Key responsibilities include: Leading and mentoring a small team … Manager to evolve SOC capability Senior SOC Analyst essential skills Proven experience in a SOC or similar security operations environment Strong knowledge of SIEM, incident management and threat intelligence Understanding of cloud technologies and modern networking Experience with IDAM, JML processes and ITSM frameworks Ability to lead, support ...

Cybersecurity & IT Security*** Oversee the design and implementation of cybersecurity architecture and controls.* Ensure protection of IT infrastructure, cloud environments, and sensitive data.* Lead incident response, threat intelligence, and vulnerability management programs.* Maintain compliance with global standards (e.g., ISO 27001, NIST, GDPR, HIPAA).**Governance, Risk & Compliance*** Develop … .* Conduct risk assessments, internal audits, and third-party security evaluations.* Report regularly to senior leadership on risk mitigation and compliance status.**Investigations & Incident Management*** Establish and lead an internal investigations function to address security breaches, misconduct, and regulatory violations.* Build and manage a team of investigators and analysts ...

base articles in line with best practices Automate security tasks and toolchains using scripting (PowerShell, Batch, etc.) Collaborate with external SOC teams Prepare post-incident reports and root cause analyses Manage end-user device (EUD) security via MS Intune, Sophos and NinjaOne Schedule and assess vulnerability scans on critical … driven changes Produce weekly security operations reports Manage Cisco Umbrella web filtering and SSL inspection policies Requirements: Previous hands-on experience in SecOps or Incident Response Recognised Security certifications such as Security+, CEH, or Microsoft security certifications Strong knowledge of Microsoft Windows OS security and hardening Working PowerShell ...

base articles in line with best practices Automate security tasks and toolchains using scripting (PowerShell, Batch, etc.) Collaborate with external SOC teams Prepare post-incident reports and root cause analyses Manage end-user device (EUD) security via MS Intune, Sophos and NinjaOne Schedule and assess vulnerability scans on critical … driven changes Produce weekly security operations reports Manage Cisco Umbrella web filtering and SSL inspection policies Requirements: Previous hands-on experience in SecOps or Incident Response Recognised Security certifications such as Security+, CEH, or Microsoft security certifications Strong knowledge of Microsoft Windows OS security and hardening Working PowerShell ...

Support ISO 27001 compliance and broader security frameworks Assist with third-party risk assessments and penetration testing Contribute to security policies, controls, and incident response Promote security awareness across the business Experience: 5+ years in cybersecurity or security operations Strong experience with Microsoft security stack (Defender, Sentinel, Entra ...