21 of 21 Incident Response Jobs in the West Midlands

boards from below onwards The Role As SOC Manager: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC … activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports … to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Days: As per business need Special Working Conditions: Occasional client site travel The Role As SOC Manager, you will: Establish goals and priorities with your team, focusing on: Improving incident response times Reducing false positives and extraneous alerts Enhancing threat detection capabilities Oversee staff activities to ensure focus on the right priorities Review team performance metrics, incident reports, and other key indicators Lead incident response efforts with clear procedures and protocols Analyse incident reports to understand the organization's security posture Serve as primary point of contact for security incidents, liaising with internal stakeholders and external parties Conduct information security investigations and manage end-to-end security incident resolution Report to the … identifying new use cases and automations Act as POC for SOC engineering, threat intelligence, and threat exposure management Provide guidance to Level-2 SOC security analysts during investigations and incident resolution Lead coordination of individual information security incidents Mentor security analysts on risk management, security controls, incident analysis, SIEM monitoring, and operational tasks Document incidents from detection to More ❯

cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯

integration. Baseline and conduct regular reviews with an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish … and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies, specifically Microsoft Defender XDR, Purview and Sentinel Excellent risk assessment and incident management skills Outstanding communication skills with the ability to influence stakeholders at all levels Strategic mindset with the capability to balance security controls and business agility SM&CR Responsibilities More ❯

SOC Analyst (L3) - Senior Incident Responder Location: Birmingham (Hybrid) Salary: Up to £70,000 (depending on experience) + bonus NOTE: Candidates for this role must be eligible for UK Security Clearance (SC). We’re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real … Splunk and wider SIEM technologies. This is a critical role within the SOC, where you’ll be the escalation point for L1 and L2 analysts and take ownership of incident containment, remediation, and post-incident review. What you’ll do: Act as the L3 escalation point , leading investigations into complex incidents escalated by L1/L2 analysts. Use … Splunk and other SIEM tools to detect, investigate, and respond to security events. Perform detailed forensic analysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and recovery. Develop, refine, and own SOC use cases, runbooks, and playbooks to drive continual service improvement. Liaise directly with clients, providing clear guidance and More ❯

Exposure to virtual networking and automation tools (Terraform, Ansible, Python, etc.). Monitoring & Management Knowledge of network management systems (SolarWinds, Cisco DNA Center, etc.). Performance monitoring, logging, and incident response design. 3. Experience Requirements Typically710+ yearsin network engineering, with35 yearsin architecture or design roles. Proven experience in large-scale or complex enterprise environments. Experience producing architectural artefacts More ❯

aligned with ISO 27001, NIST, and CIS frameworks. Produce detailed documentation for configurations, processes, and troubleshooting. Collaborate with global cloud, security, and infrastructure teams for consistent, secure operations. Support incident response, root cause analysis, and ongoing improvements. Required Skills & Experience: Extensive experience executing network refresh projects. Strong expertise with Cisco, Palo Alto, HAProxy, and Azure networking. Solid understanding More ❯

Produce and maintain technical documentation, including architecture diagrams, procedures, and operational controls. Assist with compliance activities and audits relating to ISO 9001, ISO 27001, and other regulatory frameworks. Support incident response, risk assessments and cybersecurity best practices (Cyber Essentials Plus desirable). Handling Active Directory and Group Policy administration Collaborate with cross-functional teams to ensure smooth delivery More ❯

Azure, or GCP networking services; understanding of hybrid/multi-cloud; automation tools (Terraform, Ansible, Python). Monitoring & Management: Network management systems (SolarWinds, Cisco DNA Center); performance monitoring, logging, incident response. Experience Requirements: 7 10+ years in network engineering, with 3 5 years in architecture/design roles. Proven experience in large-scale or complex enterprise environments. Architectural artefact More ❯

Excellent communication and stakeholder engagement skills. Passion for continuous learning and staying updated on emerging threats. Ability to translate technical risks into business impacts. Familiarity with SIEM tools and incident response processes. Closing date: 24 th October Shortlist date: 25 th October Interview date: TBC More ❯

proxy, CrowdStrike-equivalent tools Data management : Supporting data labelling & retention projects using Purview or similar Governance support : Involved in data loss prevention, labelling, and stakeholder engagement (including DPO) Practical incident response input : Advising IT on immediate steps during incidents, converting theory into quick, actionable responses Ongoing InfoSec operations : Metrics, monitoring, and security projects across applications and users Tech … tools you’ll use: Microsoft Purview – Data governance and policy enforcement Microsoft Defender – Endpoint & email protection CrowdStrike/equivalents – Endpoint detection & response Web proxy & email security tools Azure (beneficial) – IAM, monitoring, and security logging Why this role? Be central to shaping data governance and security operations in a dynamic SME environment Hands-on exposure to a wide range of More ❯

ISO 27001, IEC 62443, NIS-D/NIS-R. Desirable Skills: Hands-on experience with offensive security tools and red teaming in OT environments. Exposure to Digital Forensics and Incident Response (DFIR) within industrial networks. Experience working with Agile project tools such as JIRA, Confluence or Microsoft Planner. Main Benefits: Negotiable salary (enquire for details) 28 days holiday More ❯

sized environments. Solid experience with Microsoft technologies including Microsoft 365, Azure, and Active Directory. Good understanding of networks, servers, storage, and virtualisation. Knowledge of cyber security principles, tooling, and incident response. Ability to troubleshoot complex technical issues across systems and services. Comfortable working both independently and collaboratively across teams. Familiarity with IT service management frameworks (e.g. ITIL) and best More ❯

meet client requirements and implement the appropriate tools, technologies & processes to mitigate critical security risks (e.g., system and mobile antivirus software, encryption modules, patch management programs, insider threat protection, incident response plans, forensic capabilities, and regulation compliance). You'll conduct comprehensive attack path analysis and threat modelling, mapping adversary tactics and techniques to industrial environments and developing More ❯

FortiGate Manage VPNs, IPSEC tunnels, and certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/IP, VLAN, VXLAN, EVPN, VPC More ❯

FortiGate Manage VPNs, IPSEC tunnels, and certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/IP, VLAN, VXLAN, EVPN, VPC More ❯

banking, trading, or payments engines. Cybersecurity & Compliance Establish and enforce cybersecurity policies in line with FCA, PCI-DSS, GDPR, and other relevant standards. Lead risk assessments, vulnerability testing, and incident response exercises. Maintain audit-ready documentation and support external reviews. Team & Vendor Management Recruit, lead, and develop a high-performing IT team, fostering innovation and accountability. Manage vendor More ❯

stack - M365, Azure, Atlassian, Telephony, IT Service tools Manage/Develop Identity and Access Management solutions Identity/Automate tasks - streamline workflows Implement/Manage monitoring tools Troubleshoot and Incident Response: Investigate, Resolve issues Security: Implement security measures Documentation: create documentation for systems procedures CI/CD Support: Implementation of Continuous Integration/Deployment pipelines Provide tech config More ❯

for automation, cost savings, performance improvement, and scalability. Own capacity planning, infrastructure budgeting, and vendor management. Operational Excellence Ensure high availability, performance, and security of all infrastructure services. Oversee incident response and root cause analysis for infrastructure-related issues. Monitor KPIs and SLAs, ensuring service delivery meets or exceeds expectations. Collaboration & Communication Work closely with cross-functional teams More ❯