13 of 13 Incident Response Jobs in Wales

environments, and enterprise systems. Reporting to the Cyber Resilience Manager, you'll work across technical and governance functions to ensure ongoing protection against an evolving threat landscape, while supporting incident response, architecture design, compliance, and risk management. Key Responsibilities Design and maintain enterprise-wide cloud security architectures aligned to business objectives and compliance requirements Implement security controls across … measures into the software development lifecycle (SDLC) and broader IT processes Engage with architects, IT teams, and external suppliers to embed security into system design Develop and maintain technical incident response plans and support ongoing testing and refinement Monitor industry standards and regulatory changes (e.g., NIS regulations), ensuring ongoing compliance Contribute to internal security awareness and training programmes More ❯

environments, and enterprise systems. Reporting to the Cyber Resilience Manager, you'll work across technical and governance functions to ensure ongoing protection against an evolving threat landscape, while supporting incident response, architecture design, compliance, and risk management. Key Responsibilities Design and maintain enterprise-wide cloud security architectures aligned to business objectives and compliance requirements Implement security controls across … measures into the software development lifecycle (SDLC) and broader IT processes Engage with architects, IT teams, and external suppliers to embed security into system design Develop and maintain technical incident response plans and support ongoing testing and refinement Monitor industry standards and regulatory changes (e.g., NIS regulations), ensuring ongoing compliance Contribute to internal security awareness and training programmes More ❯

to identify incidents ensuring that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations. * Complete post incident reporting. Responsible for SOC work instructions, ensuring they are reviewed & amended. * Use Case Factory development * Playbook design and development * Use Case & Playbook validation before going live * Maintain currency in … Tactics, Techniques and Procedures (TTPs) * SANS SEC401: Security Essentials (or equivalent) * SANS SEC503: Network Monitoring and Threat Detection In-Depth (or equivalent) * SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent) *Desirable* * Knowledge of Reverse Engineering Malware * Practical Junior Malware Researcher (PJMR) * SANS SEC488: Cloud Security Essentials (or equivalent) * CREST Certified Network Intrusion Analyst (CCNIA) (or equivalent … SANS FOR508: Advanced Incident Response, Threat Hunting and Digital Forensics (GCFA) *Soft Skills/Qualifications* * The 3rd Line Analyst is expected to be able to present and write professional reports to key stakeholders * All staff are expected to exercise good time management and work as part of a team You will work from Airbus Protect offices, Newport, South More ❯

to identify incidents ensuring that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations. * Complete post incident reporting. Responsible for SOC work instructions, ensuring they are reviewed & amended. * Use Case Factory development * Playbook design and development * Use Case & Playbook validation before going live * Maintain currency in … Tactics, Techniques and Procedures (TTPs) * SANS SEC401: Security Essentials (or equivalent) * SANS SEC503: Network Monitoring and Threat Detection In-Depth (or equivalent) * SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent) *Desirable* * Knowledge of Reverse Engineering Malware * Practical Junior Malware Researcher (PJMR) * SANS SEC488: Cloud Security Essentials (or equivalent) * CREST Certified Network Intrusion Analyst (CCNIA) (or equivalent … SANS FOR508: Advanced Incident Response, Threat Hunting and Digital Forensics (GCFA) *Soft Skills/Qualifications* * The 3rd Line Analyst is expected to be able to present and write professional reports to key stakeholders * All staff are expected to exercise good time management and work as part of a team You will work from Airbus Protect offices, Newport, South More ❯

a critical national infrastructure (CNI) environment. Key parts of the role: Asset Tracking & Documentation Support. Lifecycle Management Assistance Compliance & Reporting Vendor & Supplier Coordination Continuous Improvement Support Cost Management & Optimisation Incident & Problem Management Support Collaboration with Internal Teams What you'll need to succeed Proficiency with asset management software tools such as ServiceNow, CMDB, or similar enterprise solutions. Understanding of … asset lifecycle management processes, including procurement, deployment, tracking, maintenance, and decommissioning of OT assets. Good understanding of incident response stages and handling. Knowledge of industry standards and regulatory requirements related to asset management, such as data protection and environmental compliance, ISO27002, CIS, NCSE CAF, NIST. Familiarity with tracking and managing lifecycle costs, working in partnership with finance and More ❯

ISMS. Develop Reference Architecture and all associated architecture models for Identity Management and Privileged Account Management Consult on and input into the redevelopment and regular testing of the Security Incident Response Plan Inputs to the strategic planning and oversight of a rolling five-year Enterprise Security plan. Provide Security Architecture consultancy into other projects and ongoing programmes of More ❯

Autopilot deployments and enforce security baselines. Automation: Develop PowerShell scripts to streamline operations and boost efficiency. Backup & Disaster Recovery: Ensure smooth backup operations, conduct regular recovery tests, and manage incident response. Upgrades & Improvements: Proactively monitor and enhance infrastructure, participate in technical projects, and engage in monthly client meetings. Service Desk: Handle tickets, diagnose issues, escalate when needed, and contribute More ❯

Autopilot deployments and enforce security baselines. Automation: Develop PowerShell scripts to streamline operations and boost efficiency. Backup & Disaster Recovery: Ensure smooth backup operations, conduct regular recovery tests, and manage incident response. Upgrades & Improvements: Proactively monitor and enhance infrastructure, participate in technical projects, and engage in monthly client meetings. Service Desk: Handle tickets, diagnose issues, escalate when needed, and contribute More ❯

device-level development Familiarity with MQTT and messaging protocols used in distributed systems Experience with Qt and GUI development for Windows and Linux environments Working knowledge of observability concepts, incident response and long-term reliability strategies Exposure to hardware-in-the-loop (HIL) testing and embedded diagnostics Benefits Up to £60,000 DOE Career development opportunities Holidays More ❯

best practices Stay up to date on the latest security trends , tools, techniques to enhance testing methodologies and procedures. Other responsibilities within the team include security assessments, risk analysis, incident response, research, compliance, and documentation. Desirable Qualifications include CHECK team member, OSCP and CREST . However, if you have some at least 1 of these and are working More ❯

principles, communicating widely with other stakeholders. Support the GovAssure process by coordinating the collection of evidence, and the submission of GovAssure returns to Cabinet Office. Assist, where necessary, with incident response processes to identify architectural issues and solutions. Proactively engage with internal and external partners, stakeholders and peers to develop your knowledge and inform your decisions. You will More ❯

to integrate security best practices ensuring Secure by Design Identify and mitigate security vulnerabilities and risks in products Develop and maintain security guidelines, documentation, and training materials Participate in incident response and remediation efforts for security breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan More ❯

years’ experience in a SOC environment (Tier 2-level maturity). Hands-on experience with SIEM platforms (Sentinel/Splunk/QRadar or similar). Strong understanding of incident response and threat investigation. Comfortable working autonomously in a developing function Relevant certifications (Security+, CEH, GCIA, CISSP or similar). Package Salary: £50,000–£60,000 + on-call More ❯