76 to 100 of 428 Incident Response Jobs in the UK

Senior Security Engineer

Hiring Organisation
Xcede
Location
City of London, London, United Kingdom
risk assessments, and secure AI lifecycle practices. Monitor developments in AI security research and adversarial techniques, translating insights into defensive controls Security Monitoring and Incident Response Triage and analyse security alerts, identifying genuine threats and eliminating false positives Lead and document security investigations through to containment, eradication … recovery Perform root cause analysis and produce clear post-incident reports with actionable remediation steps Continuously enhance detection logic, automation, and response playbooks to improve mean time to detect (MTTD) and respond (MTTR) using AI and automation Partner with engineering and IT teams to remediate vulnerabilities and strengthen ...

Cyber Security Analyst

Hiring Organisation
F5 Consultants
Location
United Kingdom, UK
mature Security Operations Centre, focused on protecting essential services. The Opportunity You’ll play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability … response maturity. What You’ll Be Doing Monitoring & Triage Analyse and triage security alerts using SIEM platforms Correlate events and identify patterns across multiple data sources Assess severity, scope, and business impact Investigation & Analysis Conduct detailed investigations across endpoint, network, identity, and log data Build evidence-led timelines ...

Senior Cyber Security Analyst

Hiring Organisation
F5 consultants
Location
Wokingham, Berkshire, South East, United Kingdom
Employment Type
Permanent
Salary
£65,000
mature Security Operations Centre, focused on protecting essential services. The Opportunity You'll play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability … response maturity. What You'll Be Doing Monitoring & Triage Analyse and triage security alerts using SIEM platforms Correlate events and identify patterns across multiple data sources Assess severity, scope, and business impact Investigation & Analysis Conduct detailed investigations across endpoint, network, identity, and log data Build evidence-led timelines ...

Cyber Security & Assurance Engineer

Hiring Organisation
Leidos Innovations UK Limited
Location
Huntingdon, Cambridgeshire, East Anglia, United Kingdom
Employment Type
Permanent
cyber assurance integrates Knowledge of methodologies (Waterfall, Incremental, SAFE, DevOps) Experienced in managing ITHC activities end-to-end, from initial scoping through remediation Incident Response & Awareness Experienced in developing and managing Cyber Incident Response capabilities, including planning, implementation, and continuous improvement Proven experience designing and delivering ...

DevOps Engineer

Hiring Organisation
Peregrine
Location
Gateshead, Tyne and Wear, North East, United Kingdom
Employment Type
Permanent
integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...

Dev Ops Engineer

Hiring Organisation
Peregrine
Location
Newcastle upon Tyne, Tyne & Wear, United Kingdom
Employment Type
Permanent
Salary
£1/annum
integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...

AI Cyber Tech Lead

Hiring Organisation
Randstad Technologies Recruitment
Location
Sheffield, South Yorkshire, United Kingdom
Employment Type
Permanent
Salary
£60000 - £65000/annum
Security Drive the secure design and operation of critical technology platforms collaborating with platform owners and engineering teams to embed security throughout the lifecycle Incident Response Threat Management Provide technical oversight for incident response threat detection and vulnerability management Lead root cause analysis and remediation ...

Director, Cyber Security Operations and Threat Management

Hiring Organisation
Jobleads-UK
Location
Glasgow, Scotland, United Kingdom
ideal candidate is a “leader‐doer” who can manage the security of complex environment while remaining sharp enough to deep‐dive into an incident response bridge or a cloud architecture review. Duties and Responsibilities Detection Strategy: Build and maintain a world‐class Threat Intelligence program to pivot from … reactive to proactive defense. IR Leadership: Serve as the ultimate escalation point for high‐priority security incidents, leading the Incident Response team through containment, eradication, and recovery. Hunting: Establish regular threat‐hunting cadences to identify dormant or sophisticated actors within the environment. Stay abreast, and keep up with ...

SOC Engineer - 6 Month FTC

Hiring Organisation
Precise Placements
Location
London, South East, England, United Kingdom
Employment Type
Contractor
Contract Rate
£65,000 - £80,000 per annum
SIEM architecture and propose improvements to ingestion pipelines, parsing rules, correlation logic, and storage management. Implement automation and orchestration components (SOAR) to streamline incident response activities. Log Source Onboarding & Integration Identify, prioritise, and onboard new log sources from cloud, on-prem, network, endpoint, identity, and application platforms. Develop … correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning and logic refinement. SOC Support & Incident Response Work closely with SOC analysts to validate and refine detection logic. Support incident investigations through SIEM searches, enrichment, and data modelling. ...

DevOps Engineer - SC Cleared

Hiring Organisation
Peregrine
Location
Newcastle upon Tyne, Tyne & Wear, United Kingdom
Employment Type
Permanent
performance testing for all components • Ensure solutions are reliable, reproducible and stable across releases • Support continuous improvement of testing practices Monitoring and Incident Response • Implement observability and monitoring tooling • Track system performance and detect anomalies • Support incident response, troubleshooting and root ...

Security Engineer

Hiring Organisation
Digital Waffle
Location
Manchester, England, United Kingdom
compliance with security standards, and protecting both organisational and customer data. You will act as an important escalation point for security-related matters, including incident response, while supporting technical teams in maintaining a strong and compliant security posture. Key Responsibilities Review and analyse current security measures to identify … frameworks, and industry best practices Experience across infrastructure and networking environments, both on-premise and cloud-based Hands-on involvement in vulnerability management and incident response Familiarity with security monitoring tools such as firewalls, IDS/IPS, and extended detection solutions Experience working with SIEM, cloud security platforms ...

Senior Security Engineer

Hiring Organisation
Evantis Technology
Location
London Area, United Kingdom
What you’ll be doing: • Designing and implementing scalable security controls across a multi-cloud environment • Building and maturing Security Operations/detection/incident response capabilities • Driving AI-led automation across alert triage, investigations and response workflows • Building AI agents/leveraging LLMs to improve security … securing a large estate of software, infrastructure and services What they’re looking for: • Strong hands-on experience across Security Engineering, Security Operations and Incident Response • Experience implementing and configuring enterprise security tooling • Strong understanding of SIEM/detection engineering/SOC environments • Experience securing complex cloud environments ...

Senior Security Operations Analyst

Hiring Organisation
EFCI Group Ltd
Location
City of London, London, United Kingdom
Employment Type
Permanent
Salary
£60,000
Governance, Risk, and Compliance (GRC). Working closely with our CTO, you will play a pivotal role in protecting our infrastructure, leading incident responses, and embedding security best practices across our entire product suite. The Role As our Senior Security Analyst, you will own the evolution of our security …/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response for internal and client-facing systems. SIEM/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate ...

Cyber Security OT Engineer

Hiring Organisation
Vallum Associates
Location
United Kingdom, UK
security infrastructure Monitor and manage security tools including firewalls, SIEM, PAM, IDS, endpoint security, and network access controls Handle cyber security incidents and support incident response and recovery activities Perform root cause analysis and work with problem management teams Plan, test, and implement changes following strict change control … environments) Strong experience in OT/IT security operations and infrastructure Hands-on experience with network security, firewalls, and monitoring tools Experience in incident response and cyber security improvement initiatives Preferred Skills Industrial protocols: DNP3, ICCP, IEC 61850 Standards: NISD, NCSC CAF, ISO 27001/ ...

Cyber Security Consultant

Hiring Organisation
Circle Recruitment
Location
Manchester, Lancashire, England, United Kingdom
Employment Type
Full-Time
Salary
£55,000 - £65,000 per annum, Inc benefits
your background and interests, your work may include: Reviewing security maturity against recognised good practice Supporting Cyber Essentials preparation and assessments Developing and testing incident response plans Carrying out tabletop and simulated incident exercises Assessing and improving supply chain security Advising on secure application and software development … love to hear from you. Apply now and send over your CV for a quick review. Security, Cyber, Cybersecurity, Infosec, Information Security, Incident Response, IR, Consult, Consultant, Consulting, Compliance, 27001, GDPR, DPA, Data Protection, GRC, Governance, Risk Circle Recruitment is acting as an Employment Agency in relation ...

Head of Information Security

Hiring Organisation
Jobleads-UK
Location
Oxford, England, United Kingdom
architecture, secure development lifecycle practices and appropriate technical controls Strengthen capabilities across core security domains including identity and access management, privileged access, vulnerability management, incident response, disaster recovery, data protection, security awareness and supplier security Work closely with stakeholders at all levels of the organisation, including operational teams … Culture, Business Infrastructure & Operations and Finance, to support audits, evidence gathering, control improvement and the effective adoption of security requirements across the organisation Lead response to significant information security incidents, acting as a senior decision‐maker during crisis situations and driving post‐incident learning and improvement Build ...

Site Reliability Engineer

Hiring Organisation
Teksystems
Location
Nottingham, Nottinghamshire, United Kingdom
Employment Type
Contract
Contract Rate
£400 - £450/day
using Linux, containers and modern automation and CI/CD tooling to improve reliability, performance and security. The position combines hands-on engineering, incident response and continuous improvement of the platform and its supporting infrastructure. Responsibilities Design, implement and support scalable, resilient cloud-based solutions … part of a collaborative engineering team. Contribute to the design and implementation of observability and resilience practices to improve system reliability. Participate in incident response, troubleshooting and root cause analysis to enhance system stability and prevent recurrence. Work with CI/CD pipelines (e.g. GitLab CI or GitHub ...

Cyber Security Lead - IT Solutions Provider

Hiring Organisation
Intellect Group
Location
London Area, United Kingdom
strengthen security posture and respond effectively to evolving threats. What You Will Be Doing: Designing and implementing security solutions across client environments Leading incident response activities including investigation and remediation Conducting vulnerability assessments and driving risk reduction Managing and improving endpoint protection and EDR platforms Securing Azure … with SIEM or security monitoring platforms Understanding of secure network architecture including DNS and TCP IP Experience securing Azure or AWS environments Knowledge of incident response and vulnerability management Familiarity with Cyber Essentials or CE Plus Experience working in an MSP or multi client environment is highly desirable ...

Service Architect

Hiring Organisation
Mastek
Location
Leeds, England, United Kingdom
service model for critical data engineering pipelines, aligned to project requirements. Establish clear service constructs, including: Support coverage models (core hours, escalation) Incident, problem, and change processes Release and maintenance windows Ensure service definitions are fit for current pipeline complexity, not aspirational future platforms. 2. Service Readiness & Operational Assurance … deprioritised Contribute to operational continuity planning for high‐risk services. 4. Operational Playbooks & Knowledge Enablement Define standards and structure for: Operational playbooks Incident response procedures Escalation paths Ensure playbooks are: Pipeline-specific Actionable by support teams Validated with technical SMEs Support completion and validation of knowledge transfer activities ...

Head of Cyber Security WCC623727

Hiring Organisation
Jobleads-UK
Location
City of Westminster, England, United Kingdom
Cyber Security team, including managing the budget for people, tools and capital projects. You’ll oversee business‐as‐usual security activity, from incident response and vulnerability management through to security engineering improvements and protecting the Council’s supply chain. You’ll also be a visible advocate for good … Borough Emergency Control Centre activation, taking part in the emergency rota, and coordinating responses with the Executive Team, the Security Operations Centre and cyber incident response partners. Qualifications You bring a strong, practical understanding of cyber security and how it supports real business outcomes. You’ve worked with ...

Head of Information Security

Hiring Organisation
Jobleads-UK
Location
Tring, England, United Kingdom
maintain Huel’s information security strategy, aligned with business priorities, technology risks, and growth plans. Oversee core security capabilities, including threat detection, vulnerability management, incident response, access controls, and continuous improvement. Partner with Engineering, Data, and IT Operations to embed security across the full lifecycle of applications, systems … Strong knowledge of frameworks, standards, and regulations such as NIST, Cyber Essentials, and GDPR Experience building or maturing capabilities across risk management, incident response, vulnerability management, governance, and awareness Experience working with third-party security providers across services such as penetration testing, Managed Detection and Response ...

SOC Analyst - #3575923

Hiring Organisation
Dynamic Search Solutions
Location
United Kingdom
working with a leading UK-based IT solutions provider specialising in Microsoft-focused security services. The business delivers outsourced security event monitoring and incident response to a broad portfolio of clients across multiple sectors. With a strong reputation in the Microsoft security ecosystem, the organisation continues to invest … appropriate escalation where required Investigating alerts generated from SIEM and EDR tools Liaising with customers to gather information, provide updates, and confirm resolution Supporting incident response activities in line with defined processes and playbooks Installing and configuring security tools and software where required Maintaining accurate documentation of incidents ...

DevSecOps

Hiring Organisation
Michael Page Technology
Location
London, South East, England, United Kingdom
Employment Type
Temporary
Salary
£500 - £550 per day
recovery aligned to RTO/RPO Manage identity and access management controls Implement monitoring and alerting using Azure Monitor and Log Analytics Support incident response, recovery and release readiness Collaborate with engineering leads, security teams and partners Profile A successful DevSecOps should have: Problem-solving skills … hands-on experience with ARM and Bicep CI/CD pipeline security in Azure DevOps DevSecOps framework design experience Vulnerability management and remediation delivery Incident response, backup and recovery experience Strong scripting skills (PowerShell, Python) Excellent communication and stakeholder influencing skills Self-starter with strong problem-solving mindset ...

Cyber Threat Intelligence Specialist

Hiring Organisation
Drax
Location
South West London, London, United Kingdom
maintain threat actor profiles, campaigns, TTP assessments and intelligence reports for a range of diverse audiences. Key accountabilities include: Provide intelligence inputs into incident response, including threat enrichment, contextual analysis and post incident reporting. Translate technical intelligence into clear, actionable guidance for Security, IT, OT and leadership … able to demonstrate the following: Previous experience producing or analysing cyber threat intelligence in a security or enterprise environment. Experienced in contributing to incident response via threat enrichment or analysis. Demonstrable experience of hands-on use of CTI/OSINT tools and creating intelligence products for varied audiences. ...

Cyber Threat Intelligence Specialist

Hiring Organisation
17918
Location
London, United Kingdom
maintain threat actor profiles, campaigns, TTP assessments and intelligence reports for a range of diverse audiences. Key accountabilities include: Provide intelligence inputs into incident response, including threat enrichment, contextual analysis and post incident reporting. Translate technical intelligence into clear, actionable guidance for Security, IT, OT and leadership … able to demonstrate the following: Previous experience producing or analysing cyber threat intelligence in a security or enterprise environment. Experienced in contributing to incident response via threat enrichment or analysis. Demonstrable experience of hands-on use of CTI/OSINT tools and creating intelligence products for varied audiences. ...