76 to 100 of 327 Incident Response Jobs in the UK

monitoring using Microsoft Sentinel and related tools. Conduct threat hunting, log analysis and security investigations. Identify vulnerabilities and track remediation actions. Develop and improve incident response processes and playbooks. Work with technical teams, suppliers and stakeholders to drive security improvements. Provide practical security advice across the organisation. Essential … Skills Cyber Security Operations, SOC or Incident Response experience. Hands-on Microsoft Sentinel or SIEM experience. Threat hunting, log analysis and security monitoring. Experience with Microsoft Defender and Microsoft security technologies. Vulnerability management and remediation tracking. Strong communication and stakeholder management skills. Desirable Skills Local Government, NHS, Housing ...

consolidation of the wide area network to improve connectivity, performance, and sustainability Cyber Resilience: Strengthening of security through a refreshed Cyber Incident Response Plan, enhanced monitoring, and plans for a managed Security Operations Centre (SOC) with 24/7 incident response AI & Innovation: Scaling AI, particularly ...

reports directly to the Chief Information Officer (CIO). You will be accountable for shaping cyber strategy, overseeing governance and risk management, and leading incident response capabilities, while providing assurance on organisational cyber resilience at executive and board level. This role involves Develop and deliver a cyber security … strategy and roadmap aligned to organisational priorities and relevant government resilience frameworks. Oversee cyber security operations, including incident response, threat monitoring, vulnerability management, and third-party security services. Act as the senior cyber authority, offering expert guidance and clear assurance on cyber risk, compliance, and resilience to senior ...

plus core services. LAN/WAN network security & patch management. VM management (VMware/Proxmox). Cyber Security & Firewall management. AWS cloud administration. IT Incident response & DR. What youll need: A minimum of 5+ years experience in IT Infrastructure/Networking/Service Delivery or equivalent roles. … patching, software deployment and lifecycle management). Working knowledge of identity and security controls (e.g., MFA, Conditional Access, RBAC/least privilege) and supporting incident response activities. Experience working within a Service Desk/ticketing environment, managing workload to SLAs and owning incidents/requests through to resolution. ...

firm's technology environment which includes Microsoft Defender & Sentinel. Key Responsibilities: * Monitor security event identification via the third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support … maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows. * Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps). * Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews. * Support ...

senior levels, influencing senior stakeholders with effective articulation of business and operational risk in clear and pragmatic terms. Lead and participate in cyber incident response exercises and real incidents Own cyber risk management and contribute to the enterprise risk register. Ensure compliance with relevant standards and frameworks (e.g. … OT. Support audits, assessments, and regulatory or customer assurance activities. Remain hands-on in the day-to-day operation of cyber security, including: Incident response and investigation. Security tooling, monitoring, and vulnerability management. Supplier and third-party risk assessment. Experience required Experience owning a cyber security strategy encompassing ...

Cisco ISE, and SCADA-related systems, while collaborating with internal teams, service providers, and specialist partners. This role offers broad exposure across implementation, monitoring, incident response, change management, resilience testing, and continuous improvement. You'll contribute to regulated cyber security compliance, support OT projects, and help strengthen protections … such as Fortinet, Cisco ISE, VPNs, dynamic routing, Microsoft or Linux security, and virtualised infrastructure. Experience with SCADA, industrial protocols, security standards, or OT incident response will be highly valued. In return, you'll receive a competitive salary, bonus, pension contribution, 25 days' holiday plus bank holidays ...

extensive endpoint estates, ensuring security, stability and performance. Configure and tune Falcon policies, prevention controls, detection rules and reporting capabilities. Collaborate with Security Operations, Incident Response and Infrastructure teams to enhance threat detection and response. Support threat hunting, incident investigations and security improvement initiatives. Develop endpoint security … CrowdStrike Falcon (EDR, NGAV, Device Control and Threat Intelligence) McAfee Endpoint Security Enterprise Endpoint Security Architecture Endpoint Migration Strategy and Delivery Threat Detection and Incident Response Security Policy Development and Enforcement Windows Enterprise Environments Security Operations and Threat Hunting Preferred Qualifications CrowdStrike Falcon Certification, or currently working towards ...

Cisco 9500, Cisco 3850, Network Operations Centre (NOC), TAC, NMC, Layer 2, Layer 3, OSPF, BGP, VLAN, STP, QoS, CCNA, CCNP, Network Monitoring, Incident Management, Shift Operations, 24x7 Support Location: Glasgow, Scotland, G2 4JR Type: Temporary Contract Hours: 8-Hour Shifts | 24 x 7 x 365 Operational Environment (Days … deep technical expertise across Cisco Catalyst switching technologies including Catalyst 3850, Catalyst 9300 and Catalyst 9500 platforms. Purpose: To provide 24x7 operational support, monitoring, incident management and technical troubleshooting across critical Cisco network infrastructure, ensuring maximum network availability, performance and service reliability. Technology Stack: * Cisco Catalyst 3850/ ...

Cisco 9500, Cisco 3850, Network Operations Centre (NOC), TAC, NMC, Layer 2, Layer 3, OSPF, BGP, VLAN, STP, QoS, CCNA, CCNP, Network Monitoring, Incident Management, Shift Operations, 24x7 Support Location: Small Heath, Birmingham, West Midlands, B10 0HQ Type: Temporary Contract Hours: 8-Hour Shifts … deep technical expertise across Cisco Catalyst switching technologies including Catalyst 3850, Catalyst 9300 and Catalyst 9500 platforms. Purpose: To provide 24x7 operational support, monitoring, incident management and technical troubleshooting across critical Cisco network infrastructure, ensuring maximum network availability, performance and service reliability. Technology Stack: * Cisco Catalyst 3850/ ...

activities. Monitor compliance across endpoint and network security solutions. Configure, maintain and support anti-malware, device control and Data Loss Prevention (DLP) technologies. Support incident response activities, security investigations and remediation of security breaches. Maintain backup and recovery procedures for network and security systems. Configure, manage and troubleshoot … WildFire. Experience with IDS, IPS, DLP, DDoS mitigation and security monitoring technologies. Strong experience supporting Cisco ISE and posture compliance environments. Experience with security incident response and vulnerability remediation. Strong troubleshooting and analytical skills. Excellent communication and stakeholder management abilities. Desirable Experience Relevant certifications such as CCNP, CCIE ...

implementation and improvement of security controls. Develop and deliver a company-wide information security training and awareness programme. Serve as the Primary Incident Response Manager for information security incidents. Manage and review information security risks across the organisation. Lead information security improvement initiatives. Oversee supply chain information security … risks and vendor assessments. Essential Skills & Experience Strong experience in policy and standards development. Cyber incident response expertise. Security architecture knowledge. In-depth understanding of ISO27001 controls. Experience with Cyber Essentials Plus certification. Strong risk management capability. Proven ability to communicate with and influence senior stakeholders. Desirable Audit ...

Clyde UK Services Company is seeking a Legal Director for their Cyber Department in London. This role involves leading complex cyber incident responses and advising clients on data breaches and regulatory obligations. The ideal candidate will have significant experience in cyber incident response and a background ...

develop and enhance digital resilience policy documentation Strategic Change Management: lead transformation initiatives and security improvements Vendor & Partner Management: partner with IR and MSSP Incident Response & Crisis Management: Lead coordination of security incidents Education & Awareness: Design/Deliver cyber training programmes Risk Management & Reporting: Oversee comprehensive cyber risk … Management: Manage security elements of vendor management framework Digital Resilience Manager: Experience Experience working with MSSPs, Security Vendors, Managed Service providers Experience in security incident response and crisis management Policy development and documentation Knowledge of vendor management & procurement security requirements Data protection knowledge - GDPR, UK GDPR Desirable ...

Cyber Essentials) Experience overseeing governance, risk, and assurance activities Broad technical understanding across networks, cloud, infrastructure Hands-on experience leading or coordinating cyber incident response Ability to translate technical risk into clear, business-focused messaging Experience producing reports, dashboards, and presenting to senior stakeholders Strong people leadership skills … System (ISMS) Ensure alignment with standards such as ISO 27001 and Cyber Essentials Identify, assess, and mitigate cyber risks, maintaining the risk register Lead incident response capability, ensuring plans are tested and effective Monitor the threat landscape and advise on emerging risks and mitigations Manage and develop ...

Cyber Essentials) Experience overseeing governance, risk, and assurance activities Broad technical understanding across networks, cloud, infrastructure Hands-on experience leading or coordinating cyber incident response Ability to translate technical risk into clear, business-focused messaging Experience producing reports, dashboards, and presenting to senior stakeholders Strong people leadership skills … System (ISMS) Ensure alignment with standards such as ISO 27001 and Cyber Essentials Identify, assess, and mitigate cyber risks, maintaining the risk register Lead incident response capability, ensuring plans are tested and effective Monitor the threat landscape and advise on emerging risks and mitigations Manage and develop ...

malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed … tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals ...

Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

disruption to business operations. The role partners closely with functional and business teams to embed legal and compliance considerations into internal systems, product development, incident response, and business operations. This position has no direct reports but operates at an executive level in the Law Department with significant influence … Strong contracting capability for data privacy and data governance terms, including data access and data rights provisions, security addenda, audit rights, and flowdown clauses. Incident response and regulatory engagement experience, including breach notifications, investigations, and interactions with regulators in the EU. Qualifications You Must Have J.D. (or equivalent ...

security risk Design and implement security mitigations and remediation strategies Monitor emerging cyber threats and recommend appropriate defensive measures Support automated threat monitoring, incident detection and response capabilities Develop and maintain cybersecurity playbooks and incident response procedures Coordinate with third-party security providers during security incidents … Defender, Splunk, SolarWinds, Kubernetes, PowerShell, Python, Azure, AWS, Windows Server, Linux, New Relic, HashiCorp, Zerto and Jira. Experience with AI-driven threat detection and response platforms would also be advantageous. Qualifications CISSP certification preferred Equivalent certifications such as CISM, CEH or GIAC also considered Relevant cybersecurity or information security ...

external stakeholders. Taking ownership of complex alerts, support threat hunting and intelligence efforts, and contribute to the refinement of detection rules, playbooks, and response procedures. You will be involved in – • Incident Detection & Response • Threat Intelligence and Analysis • Security Monitoring and Detection Engineering • Compliance, Reporting and Documentation • Vulnerability … This would suit an experienced security analyst who has proved experience working in a busy security department, working in security operations. Strong alert triage, incident response, security monitoring, and threat analysis. Experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools. Ideally have ...

coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes. You own security incidents end-to-end, from initial detection through investigation, containment, and coordination … remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture. Beyond incident response ...

major technology services organisation is building a new operational command capability in Belfast and is seeking experienced Senior Major Incident Managers to help lead and shape the function. These positions will work closely with the Head of Major Incident Management, taking ownership of high-profile incidents while helping … drive operational excellence, service improvement and best-practice adoption across the wider Major Incident Management team. This is a leadership-focused role suited to professionals who have significant experience owning critical incident response processes, managing senior stakeholder communications, mentoring incident teams and influencing service delivery outcomes. ...

major technology services organisation is building a new operational command capability in Belfast and is seeking experienced Senior Major Incident Managers to help lead and shape the function. Making sure you fit the guidelines as an applicant for this role is essential, please read the below carefully. These positions … will work closely with the Head of Major Incident Management, taking ownership of high-profile incidents while helping to drive operational excellence, service improvement and best-practice adoption across the wider Major Incident Management team. This is a leadership-focused role suited to professionals who have significant experience ...