51 to 75 of 327 Incident Response Jobs in the UK

with cross-functional teams—including business stakeholders, infrastructure & operations, architecture, service delivery, external partners, and product teams—to identify vulnerabilities and develop remediation strategies. Incident Response: Manage security incidents, conduct root cause analysis, and implement preventive measures. Continuous Improvement: Evaluate and adopt new technologies and tools to enhance … security posture and incident response capabilities. Mentorship & Education: Educate teams on security principles, tools, and practices, instilling a security-first mindset across the organisation. About you You’re a seasoned engineering leader who thrives at the intersection of security, cloud, and DevOps. You’re passionate about building high ...

integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...

maintain of workspaces, including data connectors, Logic App, Function App, analytics rules, workbooks, and playbooks. Develop and refine custom queries for advanced threat hunting, incident investigation, and reporting. Optimize SIEM performance, cost, and data retention policies Identify new log sources work closely with infrastructure teams Identify, onboard, and configure … detect anomalies and incidents across the applications and infrastructure estate. Collaborate with SOC team to enrich detection logic based on known vulnerabilities and misconfigurations. Incident Response & Security Operations: Formulate proactive threat hunting rule based on emerging threats and intelligence. Contribute to the development and improvement of security playbooks ...

Essential Experience Proven experience leading a Security Operations Centre (SOC/NSOC) or cyber security function within a complex organisation. Experience in security operations, incident response, risk management, and service delivery. Experience maintaining compliance with standards such as ISO 27001 and Cyber Essentials Plus. Experience managing third-party … Ability to engage effectively with senior stakeholders and communicate technical issues in business terms. Technical Knowledge Strong understanding of cyber security operations, threat detection, incident response, and security monitoring. Good knowledge of network infrastructure, cloud technologies, and endpoint security. Experience with Microsoft Azure, Microsoft Sentinel, Microsoft Defender ...

project outcomes within agreed SLAs. Operational Excellence Accountable for the operational integrity of WAN, LAN, Wi-Fi, and cloud-based network services. Oversee incident response, troubleshooting, and root cause analysis for complex network issues, ensuring timely resolution and minimal business impact. Owner of network device configuration management, backup … network security baselines, compliance with internal policies, and external standards (e.g., ISO 27001, NIST CSF). Collaborate with the Security team on vulnerability management, incident response, and audit readiness. Supplier & Stakeholder Management Act as the primary technical authority with network service providers and hardware vendors, accountable ...

practical, proportionate security advice to stakeholders. Reporting & Metrics Develop and maintain meaningful metrics to measure the effectiveness of vulnerability management and threat intelligence functions. Incident Response Support Support and enhance incident response processes. Represent cyber security during operational incidents, coordinate with stakeholders, and assist threat intelligence ...

practical, proportionate security advice to stakeholders. Reporting & Metrics Develop and maintain meaningful metrics to measure the effectiveness of vulnerability management and threat intelligence functions. Incident Response Support Support and enhance incident response processes. Represent cyber security during operational incidents, coordinate with stakeholders, and assist threat intelligence ...

automate operational processes and help ensure systems remain secure, performant and easy to operate. As a senior member of the team, you will lead incident response activities, champion a culture of continuous improvement and collaborate with engineering teams to embed reliability into service design. You will define … with cloud platforms AWS and/or Azure You have experience with observability tools such as Prometheus, Grafana, Datadog You have experience of leading incident response and drive reliability improvements You're proficient with container orchestration (Kubernetes) and Infrastructure-as-Code (Terraform, Pulumi, or similar) You have ...

Risk & Compliance: Ensure adherence to DSPT, CAF, CE+, ISO 27001, GDPR/DPA. Security by Design: Support secure architecture, systems design, and resilience planning. Incident Response: Act as primary escalation point; lead investigations and remediation. Policy & Process: Develop and enforce security policies and technical controls. Threat & Vulnerability Management … supplier security assessments. Familiarity with CAF, CE+, NIST, CIS Controls, ISO 27001. Understanding of healthcare data protection, ideally NHS/UK standards. Strong incident response, analytical, and problem-solving skills. Knowledge of AI/ML risks and AI governance. Experience with phishing campaigns, penetration testing, and remediation. Excellent ...

cybersecurity function. We're looking for a hands-on cybersecurity leader with expertise in: Cybersecurity Strategy & Risk Management Microsoft 365, Entra ID & Azure Security Incident Response & Vulnerability Management Microsoft Defender, Intune & Conditional Access ISO27001, NIST & Security Governance Key Responsibilities Define and execute the organisation's cybersecurity strategy, roadmap … continuous improvement of key security controls including MFA, Conditional Access, privileged access management, endpoint protection, vulnerability management, encryption, DLP, logging, and monitoring. Lead cyber incident response planning, testing, and execution, including playbooks, tabletop exercises, escalation processes, and post-incident reviews. Manage relationships with external cybersecurity providers including ...

play a key role in a growing SecOps function protecting a modern Microsoft and cloud environment. This is a highly technical role focused on incident response, SIEM optimisation, vulnerability management, and security engineering, helping drive a Zero Trust journey and supporting ISO 27001 & CIS controls. What … doing Lead and support incident response, threat monitoring and root-cause analysis Tune and optimise SIEM & CrowdStrike EDR for maximum effectiveness Drive vulnerability management, remediation and risk reduction Secure cloud and infrastructure across Intune, Entra ID, Palo Alto, Cisco ISE, Mimecast and more Implement key security controls including ...

Directory, Group Policy, and endpoint security. We require familiarity with CIS Benchmarks, STIGs, and practical security hardening standards. We need experience in vulnerability management, incident response, and remediation planning. We value DevSecOps, CI/CD security, automated security testing, and policy‐as‐code experience. We expect strong working … Active Directory, Group Policy, and endpoint configurations. We implement, audit, and remediate against CIS Benchmarks, STIGs, and security hardening standards. We support vulnerability management, incident response, root cause analysis, and remediation planning. We embed security into DevSecOps and CI/CD practices, including automated security testing and policy ...

opportunity for a Senior Cyber Security Analyst (12 month contract) within Marshall.The focus of this technical role is on threat prevention, detection and response for Marshall, including the configuration and monitoring of a security information and event management (SIEM) system, operating next generation antivirus, intrusion detection/prevention systems … Marshall protection and detection capabilities as risks evolve over time.Responsibilities include:Managing set checklistsProblem management through to handover or resolutionThreat identification and classificationIncident response leadReport writingStakeholder managementContinuous improvementJunior SOC staff mentoringTasks:Helping to maintain and monitor the effectiveness of security measures and controlsConduct and help coordinate, routine security event ...

leading the design and improvement of cloud-based systems, translating complex technical challenges into scalable, reliable solutions? Do you have experience driving system reliability, incident management and continuous improvement in AWS or similar environments? Location [Remote] About the team A&G, STMJ Technology is a global team that builds … teams, you will contribute to system design, automation and infrastructure as code, helping to build efficient and well-managed cloud environments. You will support incident response and recovery, while also improving monitoring, alerting and operational practices across the platform. You will combine technical expertise with a practical, problem ...

Security Closing Date 26 June 2026 Location: Leeds (Asda House)/Hybrid (3 days in office) Department: Technology – Cyber Security Reports to: SOC and Incident Response Manager Role Purpose We are looking for a Cyber Security Analyst – Data Loss Prevention (DLP) to help protect Asda’s sensitive information … investigative techniques. Understanding of regulatory and contractual requirements for data protection (e.g., GDPR, PCI DSS). Familiarity with security operations processes: alert triage, incident response, playbooks. Strong analytical and problem-solving skills; ability to interpret DLP events in context of business processes. Clear communication skills — able to explain ...

incredible team dedicated to detecting and responding to threats, keeping both Box and our customers safe. WHAT YOU'LL DO Box's Security Incident Response Team (SIRT) is responsible for managing Box's security incidents. Box presents a unique opportunity to be a part of building our global … more of the following: Cloud Security - we're a cloud company! System Security - MacOS\Linux\Windows Network Security - IDS, PCAP Malware Analysis & Forensics Incident Response Signature\Alerting Creation Tools of the trade including RegEx, YARA Scripting - We like Python but other languages like Golang are cool too SIEM ...

leading global financial institution seeking a Lead Cyber Operations Analyst to join their Cyber Security team. This role will focus on leading cyber incident response activities, managing security monitoring capabilities, driving threat detection and containment, and supporting the bank's wider cyber defence strategy. Key Requirements: * Strong experience … within Cyber Operations, SOC or Incident Response environments* Hands-on expertise with SIEM technologies (Splunk, Sentinel, QRadar etc.)* Knowledge of threat detection, malware analysis, endpoint, network or cloud security* Scripting experience (Python, PowerShell or similar)* Strong understanding of cyber risk, controls and security governance* Excellent stakeholder management ...

clear documentation of findings Identify security weaknesses, vulnerabilities, and gaps within the environment Recommend and implement improvements to strengthen overall security posture Assist with incident response and remediation activities Support and deliver internal IT security awareness and training initiatives Participate in and contribute to security-related projects … with Microsoft Defender Experience monitoring and responding to security alerts in a SOC or security-focused environment Knowledge of endpoint security, threat detection, and incident response processes Understanding of cybersecurity principles, vulnerabilities, and attack techniques Ability to investigate and analyse security events effectively Experience identifying security gaps ...

cyber operations and the continuous improvement of detection capability and SOC tooling. This is a hands-on role with a strong focus on incident response, SIEM optimisation, and threat detection. Key Responsibilities Monitor, investigate and respond to security incidents across secure environments Develop and tune SIEM detection rules … Cyber Security Operations Hands-on experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic) Ability to develop and tune detection rules and alerts Experience with incident response and threat analysis Knowledge of MITRE ATT&CK, IOCs, and TTPs Familiarity with SOAR tools and automation Scripting experience (e.g. Python, PowerShell ...

well as with AWS teams, including on an IAM access vulnerability that we discovered. You will own our security function end‐to‐end: incident readiness, regulatory obligations, customer trust, and the day‐to‐day fundamentals that enable everything else. You will be the bridge between engineering and legal, working … security posture to unlock new customers and strategic relationships. Partner with Engineering to maintain security excellence while minimizing development friction. Lead breach preparedness and incident response: build, test, and own the Security Incident Response Plan, Disaster Recovery, and Business Continuity programs so Stedi can detect, contain ...

Cyber Security Delivery Manager, you'll take ownership of client engagements from start to finish, covering risk assessments, security architecture reviews, policy development, incident response planning, and governance work. You'll be the senior point of contact on engagements, ensuring quality and consistency across everything that goes … cyber security projects in a consultancy or professional services environment Strong technical knowledge across core cyber domains - risk management, security architecture, governance, assurance, or incident response CISSP, CISM, or equivalent professional certification A proven track record of leading teams and managing senior client relationships The ability to communicate ...

vulnerabilities, and malware attack vectors. What We Are Looking For: Experience: Ideally 1-2 years of experience in a similar SOC, security monitoring, or incident response role. Technical Knowledge: A solid grasp of computer networks, operating systems, and core cybersecurity principles. Security Tools: Good working knowledge of security … technologies such as firewalls (network/application), host intrusion prevention, and antivirus software. Mindset: A strong understanding of common attack vectors, malware types, and incident response fundamentals. Critical Requirements: Security Clearance: Due to the secure nature of the environment, candidates must hold active UK Government SC Clearance ...

/CD pipeline development and maintenance Application deployment and release management Developer tooling administration (GitLab, Packagist, NPM, Dependabot) Dependency management and automated security updates Incident Management & Observability: Assist with the diagnosis and assessment of technical issues On-call engineering and incident response Monitoring, alerting, and error tracking … OpenSIPS FreeSWITCH Essential experience Required: Experience with CI/CD pipelines and deployment workflows Hands-on experience with cloud infrastructure Application monitoring, alerting, and incident response (any major tooling) Familiarity with load balancing and message queue technologies Maintaining and contributing to shared code libraries and internal tooling Investigating ...

secure, reliable, and scalable delivery of Retail platforms and applications. Oversee delivery planning, execution, and risk management, including ownership of P1 and P2 incident response and resolution. Build and develop engineering capability through strong leadership of Engineering Managers and senior engineers. Promote consistent engineering standards across automation, DevOps … technical design decisions to ensure solutions are scalable, secure, and maintainable. Act as an escalation point for major incidents, coordinating resolution and leading post‐incident reviews. Work with Engineering Managers to track delivery progress, dependencies, and risks. Coach and mentor engineering leaders, supporting capability and leadership development. Represent Retail ...

secure, reliable, and scalable delivery of Retail platforms and applications. Oversee delivery planning, execution, and risk management, including ownership of P1 and P2 incident response and resolution. Build and develop engineering capability through strong leadership of Engineering Managers and senior engineers. Promote consistent engineering standards across automation, DevOps … technical design decisions to ensure solutions are scalable, secure, and maintainable. Act as an escalation point for major incidents, coordinating resolution and leading post‐incident reviews. Work with Engineering Managers to track delivery progress, dependencies, and risks. Coach and mentor engineering leaders, supporting capability and leadership development. Represent Retail ...