1 to 25 of 31 Incident Response Jobs in the West Midlands

team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What … professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios

activity. Key responsibilities include: Monitor Networks and Systems: Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits … intelligence, including hackers' methodologies, to anticipate security breaches. Reporting: Prepare reports that document security breaches and the extent of the damage caused. Cyber Security Incident Response: Work with the IT Manager to maintain and update cyber incident response plans and procedures. Conduct Security Attack Simulations: Undertake

architecture, and project teams to improve security posture and integrate security into business processes. Respond to and investigate security incidents, participate in troubleshooting and incident response activities. Provide oversight and support for Security Operations Center (SOC) activities. Develop and enforce security policies, standards, and procedures. Educate and mentor … IT. Hands-on experience with vulnerability management, patch management, and security platforms. Experience developing and auditing governance, risk, and compliance controls. Experience in incident response and security project delivery. Experience managing or participating in security-related projects is a plus. Excellent IT skills, including networking, operating systems (Windows

role in protecting a large-scale, high-availability environment, acting as an escalation point for complex security incidents. Your day will include: Leading incident response activities: investigating alerts, conducting threat hunting, and managing escalations. Tuning and configuring Splunk SIEM to reduce false positives and enhance detection accuracy. Handling … malware analysis, forensic reviews and sensitive internal cases. Correlating logs across multiple systems and using threat intelligence to strengthen detection capabilities. Producing clear, concise incident reports for senior stakeholders, including non-technical audiences. Supporting junior analysts with guidance, best practice coaching and career development (no formal line management).

where you'll help set the direction for cybersecurity, manage risk, and ensure compliance across all environments. You'll lead a dedicated team, drive incident response, and work closely with senior stakeholders to safeguard critical systems and data. This is an excellent opportunity for an experienced professional … aligned with best practice frameworks and industry standards Take the lead on risk assessments and vulnerability reviews, implementing robust controls to mitigate threats. Manage incident response processes, including preparation, detection, resolution, and post-incident analysis. Mentor and develop the cybersecurity team, ensuring they have the tools

environments. You'll work across servers, networks, storage, and security tools, contributing to infrastructure projects as well as cyber initiatives such as vulnerability management, incident response, and enhancing security controls. You'll also collaborate with group security teams and help ensure systems remain resilient and up to date. … etc.) Palo Alto deployment/configuration experience is a must Good understanding of firewalls, network protocols, and intrusion prevention Ability to manage vulnerability scanning, incident response, and remediation Confident communicator with solid documentation skills The role also covers an office in Milton Keynes and they might be occasional

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture.- 3 days on site in Birmingham (Please ensure you are local before applying)- £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. - 3 days on site in Birmingham (Please ensure you are local before applying) - £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role

bottlenecks using advanced problem-solving and performance tuning techniques. Conduct capacity planning and implement solutions to ensure systems can support current and future workloads Incident Response & Troubleshooting Respond swiftly to production incidents, ensuring minimal downtime and quick restoration of services. Perform root cause analysis and postmortems, implementing lessons … dashboards. Improve observability of services, ensuring issues are identified and addressed before impacting users. Continuously refine monitoring practices to reduce alert fatigue and improve response times. Automation & Tooling Develop automation to eliminate manual, repetitive tasks and improve operational efficiency. Write clear, maintainable, and well-tested code to support automation

looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts and develop practical skills in a dynamic, supportive environment. Role Assisting in monitoring network traffic … detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. Contributing to threat intelligence reviews and sharing findings with stakeholders. Preparing reports and presentations on security incidents and trends. Staying

passionate about technology and eager to start a career in cyber security? We’re looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts … Microsoft technologies like M365 and Azure. Our mission is to keep networks secure, efficient, and future-ready. Responsibilities: As a Cyber Threat Detection & Response Apprentice at SNO, you’ll work alongside experienced professionals to strengthen our cyber defence capabilities. Your responsibilities will include: Assisting in monitoring network traffic

dashboarding, along with experience migrating workloads to Elasticsearch. In addition to migration duties, the candidate will maintain and enhance existing Splunk infrastructure, provide incident support, manage upgrades, and ensure observability platforms remain secure and performant. This role demands a technically strong individual with excellent stakeholder communication and problem-solving … configure alerting and monitoring using Kibana, Elasticsearch Watcher, or third-party tools. Ensure migration plans include validation, rollback procedures, and knowledge transfer. Platform Operations & Incident Response: Maintain Splunk infrastructure in both Production and Non-Production environments. Support Splunk SRE and Application teams in incident investigation and resolution.

dashboards for threat detection. Map detection rules to frameworks like MITRE ATT&CK, STRIDE, and NIST CSF. Collaborate with SOC teams to refine incident response workflows. Governance & Compliance Align SIEM architecture with Secure by Design and Zero Trust principles. Support compliance with ISO 27001, PCI DSS, etc Document

performance of the SIEM infrastructure to maintain optimal functionality. Security Engineering:Contribute to various security engineering projects and work closely with security operations and incident response systems. Stay updated on emerging threats and best practises in the cybersecurity landscape. Skills You'll Need to Succeed: Essential:- Strong experience

Security as needed. What you’ll be doing Providing 2nd/3rd line IT support in line with SLAs, covering connectivity issues, system outages, incident response, and critical upgrades Administering network, server, and security technologies, including firewalls, VPNs, and monitoring tools Coordinating and participating in vulnerability testing, security

certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/

certificate-based authentication Contribute to AD design and secure environment management Mentor junior staff and act as a key escalation point Participate in incident response and root cause analysis Required Skills & Experience: 5+ years in a Network Engineer or Infrastructure Engineer role Strong knowledge of TCP/

with the high demand. In this varied role you will be accountable for a broad range of Security Operations activities, including proactive monitoring, incident response, threat and vulnerability management, managing the external Security Operations Centre (SOC) partnership and developing security capabilities. You will also play a key part

practices. Understanding of cloud security best practices and competency with Identity and Access Management (IAM). Excellent troubleshooting and debugging skills, with experience in incident response. Experience working in an Agile methodology. Ability to write comprehensive technical documentation and manage configuration control (Git). Experience with Terraform is highly

practices. Understanding of cloud security best practices and competency with Identity and Access Management (IAM). Excellent troubleshooting and debugging skills, with experience in incident response. Experience working in an Agile methodology. Ability to write comprehensive technical documentation and manage configuration control (Git). Experience with Terraform is highly

with platform teams, architects, and suppliers to ensure integration aligns with enterprise architecture and business goals. Maintained operational stability of integration services through monitoring, incident management, and continuous improvement. Provided secure, scalable, reusable integration capabilities for delivery teams and projects. Strong knowledge of enterprise integration patterns and tools (APIs … supporting key enterprise platforms. Advised on integration patterns and best practices (point-to-point vs. platforms). Ensured rigorous version control, monitoring, maintenance, and incident response for integration components. Established and managed inventory and governance processes for integration design, development, and policy compliance. Interested? Please submit your updated

with platform teams, architects, and suppliers to ensure integration aligns with enterprise architecture and business goals. Maintained operational stability of integration services through monitoring, incident management, and continuous improvement. Provided secure, scalable, reusable integration capabilities for delivery teams and projects Strong knowledge of enterprise integration patterns and tools (APIs … supporting key enterprise platforms. Advised on integration patterns and best practices (point-to-point vs. platforms). Ensured rigorous version control, monitoring, maintenance, and incident response for integration components. Established and managed inventory and governance processes for integration design, development, and policy compliance. Interested? Please submit your updated

with platform teams, architects, and suppliers to ensure integration aligns with enterprise architecture and business goals. Maintained operational stability of integration services through monitoring, incident management, and continuous improvement. Provided secure, scalable, reusable integration capabilities for delivery teams and projects Strong knowledge of enterprise integration patterns and tools (APIs … supporting key enterprise platforms. Advised on integration patterns and best practices (point-to-point vs. platforms). Ensured rigorous version control, monitoring, maintenance, and incident response for integration components. Established and managed inventory and governance processes for integration design, development, and policy compliance. Interested? Please submit your updated

call allowance, overtime and regular salary reviews. It is a field based position working a regional patch providing a maintenance and incident response for events such as broadband, telephone and TV reception service faults in customer premises. The role : Full time, permanent field based role across a regional

innovation, and environmental responsibility. At Nscale, our Support and Operations team plays a critical role in maintaining service availability, driving service reliability and rapid response to customer tickets We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work … . Practical experience with GPU drivers and GPU logs investigation tools, e.g. nvidia-smi. Performance diagnostics using NCCL on large scale clusters. Observability and incident response. Build and use alerting stacks and dashboards, interpret metrics and alerts, and drive runbooks to resolution; contribute to SLOs and post‐incident