1 to 25 of 30 Incident Response Jobs in the East of England

Senior Detection & Response Engineer Cambridgeshire Based - 1-2 days a week on site We are looking for a highly experienced Senior Detection & Response Engineer to join our client's growing security team. In this critical role, you'll be instrumental in developing a best-in-class incident response function, leading investigations into complex security events, and … building scalable detection and response capabilities across the organisation. This is an exciting opportunity to work at the heart of a modern security operation - building the tools, automation, and processes that enable the business to detect, respond to, and learn from security threats effectively. What You'll Be Doing: Investigate and respond to security events with clarity and precision … triage, analyse, and manage incidents from end to end Develop and improve detection and response processes, technologies, and work flows Design and implement tools to collect and analyse security telemetry from cloud environments Automate security workflows to enhance detection accuracy and reduce response time Build and fine-tune detection rules to focus efforts on high-fidelity alerts Create More ❯

L2 Security Analyst - SIEM, EDR, Firewalls, Email gateways, Incident Response, Triage - Hertfordshire - £38,000 - £40,000 Opportunity to join one of the fastest growing Solution Providers in the UK and they are showing no signs of slowing down. This role is to add to an already busy SOC team working on triaging, investigating, and resolving security tickets, as … understanding of cybersecurity fundamentals, including malware, phishing, and network attacks Familiarity with endpoint protection, Firewalls, and email security systems Knowledge of Scripting or automation (eg, PowerShell, Python) Experience with incident response frameworks and ITIL ticketing systems (eg ServiceNow, Jira) Nice to have Any MS365 certifications and CW PSA (nice to have) Relevant security certifications such as CompTIA Security+ … and improving SOC runbooks, playbooks, and standard operating procedures Collaborate with IT teams and other stakeholders to remediate security issues Participate in continuous improvement initiatives to enhance detection and response capabilities Contribute to periodic reporting on incident trends and metrics L2 Security Analyst - SIEM, EDR, Firewalls, Email gateways, Incident Response, Triage - Hertfordshire More ❯

will be responsible for safeguarding the organisation's Operational Technology (OT) environments from cyber threats. This role involves implementing OT security measures, monitoring the OT network for threats, leading incident response efforts, validating security controls, and ensuring the resilience of OT systems. What you'll be doing: Implement and manage OT security controls, measures, and technologies to protect … critical assets and systems. Conduct risk assessments, vulnerability management, and security testing. Develop and implement incident response plans and ensure compliance with regulations. Conduct proactive threat hunting and reactive incident response. Provide regular reports on security status, including incidents, vulnerabilities, and overall health of OT systems. Collaborate with cross-functional teams, including network engineers, system administrators, and … external cybersecurity teams. What you'll need: At least 3 years of experience in OT security engineering, incident response, or a related field. Ability to manage multiple assessments and projects simultaneously. Strong understanding of industrial control systems (ICS) and SCADA systems. Strong problem-solving skills and attention to detail. Proven experience with OT and IT security technologies, including More ❯

to uncover anomalies. You'll also conduct proactive threat hunting and maintain detailed risk profiles for users, systems, and applications to support a strong security posture. Endpoint Detection and Response (EDR) You'll manage and maintain endpoint security and compliance, performing daily health checks and resolving any issues that arise. Working closely with Infrastructure teams, you'll ensure endpoint … implement and configure DLP solutions, define classification policies, and monitor for potential data leaks. Your work will help protect sensitive information and prevent unauthorised data exfiltration across the organisation. Incident Response You will form a key part of the incident response team when security incidents occur—analysing threats, assessing business impact, and be part of the … response lifecycle from containment to recovery. You'll document incidents thoroughly, follow established playbooks, and help improve them over time. Automation will be key to streamlining investigations and enriching threat intelligence. Testing and Validation You'll take part in cyber crisis simulations, penetration testing, and table-top exercises to ensure our defences are robust and response plans are More ❯

taking a leading role in delivering technology change/improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will involve the following: * Endpoint monitoring … and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise incident … computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing * Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. * Significant experience within a SOC environment. * Incident response experience * Qualification/Certification in Cyber Security Desirable * IT Qualifications/Certifications such as CompTIA More ❯

be doing: Working with a diverse group of engineers across Speechmatics to improve reliability of our products and systems, from design through to operation in production. Taking part in incident response, postmortems and ensuring the same incident doesn't happen twice. Managing and improving GitOps release workflows and CI/CD pipelines. Monitoring system performance and troubleshooting … how each layer fits together. Naturally inquisitive and eager to dive deep into new technologies; you thrive on learning as you go. Prior experience with on-call rotations and incident response is a plus. Familiarity with OpenTelemetry and related observability tooling is advantageous. We encourage you to apply even if you do not feel you match all of More ❯

forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our clients’ organisations’ network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions … Overview Position - Network Security Engineer (SOC) – Permanent Location – Stevenage (Onsite Shift work) Salary - £50k (Plus £2k bonus and shift allowance) Keywords: Network Security Engineer, SOC, Security Operations Center, Firewalls, Incident Response, Security Incidents, Networking Principles, Virtual Private Networks, Security Protocols, Vulnerabilities, Threats. Only apply for this role if you currently hold the specific Government Security Clearance or are More ❯

forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our clients’ organisations’ network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions … Overview Position - Network Security Engineer (SOC) – Permanent Location – Stevenage (Onsite Shift work) Salary - £50k (Plus £2k bonus and shift allowance) Keywords: Network Security Engineer, SOC, Security Operations Center, Firewalls, Incident Response, Security Incidents, Networking Principles, Virtual Private Networks, Security Protocols, Vulnerabilities, Threats. Only apply for this role if you currently hold the specific Government Security Clearance or are More ❯

forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our clients’ organisations’ network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions … Overview Position - Network Security Engineer (SOC) – Permanent Location – Stevenage (Onsite Shift work) Salary - £50k (Plus £2k bonus and shift allowance) Keywords: Network Security Engineer, SOC, Security Operations Center, Firewalls, Incident Response, Security Incidents, Networking Principles, Virtual Private Networks, Security Protocols, Vulnerabilities, Threats. Only apply for this role if you currently hold the specific Government Security Clearance or are More ❯

Security Analyst (Triage & Incident Response) 📍 Hemel Hempstead | £38,000 – £40,000 | Office-Based Are you ready to be on the front line of cybersecurity? We’re looking for a proactive, analytical, and curious Security Analyst to join our growing team in Hemel Hempstead. If you thrive in fast-paced environments, love solving problems, and want to make a … real impact in protecting an organisation from cyber threats — this role is for you. 🚀 Why You’ll Love It Here 💡 Hands-On Experience: Get immersed in real-world incident response and security operations — no two days are the same. 📈 Grow Your Skills: We invest in your continuous development through training, mentoring, and career progression. 🤝 Team First Culture: Work … outcomes clearly and consistently. Support vulnerability management, patching, and threat monitoring. Maintain and improve SOC playbooks and standard operating procedures. Collaborate across teams to remediate security risks. Contribute to incident trend reporting and ongoing security improvements. Stay sharp by keeping up with emerging threats and tools. 🧠 What You Bring 2–5 years’ experience in a Security Analyst, SOC, or More ❯

Security Analyst (Triage & Incident Response) 📍 Hemel Hempstead | £38,000 – £40,000 | Office-Based Are you ready to be on the front line of cybersecurity? We’re looking for a proactive, analytical, and curious Security Analyst to join our growing team in Hemel Hempstead. If you thrive in fast-paced environments, love solving problems, and want to make a … real impact in protecting an organisation from cyber threats — this role is for you. 🚀 Why You’ll Love It Here 💡 Hands-On Experience: Get immersed in real-world incident response and security operations — no two days are the same. 📈 Grow Your Skills: We invest in your continuous development through training, mentoring, and career progression. 🤝 Team First Culture: Work … outcomes clearly and consistently. Support vulnerability management, patching, and threat monitoring. Maintain and improve SOC playbooks and standard operating procedures. Collaborate across teams to remediate security risks. Contribute to incident trend reporting and ongoing security improvements. Stay sharp by keeping up with emerging threats and tools. 🧠 What You Bring 2–5 years’ experience in a Security Analyst, SOC, or More ❯

Security Analyst (Triage & Incident Response) 📍 Hemel Hempstead | £38,000 – £40,000 | Office-Based Are you ready to be on the front line of cybersecurity? We’re looking for a proactive, analytical, and curious Security Analyst to join our growing team in Hemel Hempstead. If you thrive in fast-paced environments, love solving problems, and want to make a … real impact in protecting an organisation from cyber threats — this role is for you. 🚀 Why You’ll Love It Here 💡 Hands-On Experience: Get immersed in real-world incident response and security operations — no two days are the same. 📈 Grow Your Skills: We invest in your continuous development through training, mentoring, and career progression. 🤝 Team First Culture: Work … outcomes clearly and consistently. Support vulnerability management, patching, and threat monitoring. Maintain and improve SOC playbooks and standard operating procedures. Collaborate across teams to remediate security risks. Contribute to incident trend reporting and ongoing security improvements. Stay sharp by keeping up with emerging threats and tools. 🧠 What You Bring 2–5 years’ experience in a Security Analyst, SOC, or More ❯

having game-changing technology within their industry, with exciting scope for expansion into further industries. This role is looking for someone to work within the SRE team responsible for incident response and issue resolution. Location: Cambridge Salary: £32,000 £60,000 + excellent benefits (£32,000 for a new Graduate) Requirements for Site Reliability Engineer Graduate Considered: Excellent … degree from a leading international University in a STEM subject A minimum of ABB at A-Level or international equivalent if applying at Graduate level Experience working in an incident response or 3rd line technical support environment Brilliant communication skills this role is a highly interactive role Ideally, you will have knowledge of modern infrastructure and operational tooling More ❯

Own the end-to-end operational strategy for system availability, performance, and security monitoring. Oversee the day-to-day execution of infrastructure and security services, ensuring operational excellence and incident response readiness. Partner with the CISO to shape long-term strategy and roadmap for secure, resilient IT services. Drive automation, observability, and scalability across the infrastructure and security … a leadership role. Strong background in systems engineering, networking, cloud infrastructure (AWS preferred), and enterprise security tooling. Demonstrated experience building and leading high-performing technical teams. Deep understanding of incident response, security monitoring, and operational risk management. Hands-on ability to troubleshoot, assess risk, and solve complex infrastructure and SecOps challenges. Excellent communication skills with the ability to More ❯

eligible for DV We’re offering an exciting opportunity for a passionate Network Security Engineer to join a specialist Information Management function as part of a 24x7 Internal Security Response (ISR) team. As a Network Security Engineer , you’ll play a key role in safeguarding critical network infrastructure, proactively defending against evolving cyber threats, and supporting incident response … with network monitoring technologies (PRTG, Nagios) • Desirable: Exposure to Darktrace, Splunk, LogRhythm, packet analysis, and SOC alert triage You’ll Enjoy: • A role at the heart of security-focused incident response and proactive defence • Company bonus up to £2,500 (performance-based) • Pension contributions up to 14% • Paid overtime and up to 15 additional Flexi Leave days • Opportunities More ❯

eligible for DV We’re offering an exciting opportunity for a passionate Network Security Engineer to join a specialist Information Management function as part of a 24x7 Internal Security Response (ISR) team. As a Network Security Engineer , you’ll play a key role in safeguarding critical network infrastructure, proactively defending against evolving cyber threats, and supporting incident response … with network monitoring technologies (PRTG, Nagios) • Desirable: Exposure to Darktrace, Splunk, LogRhythm, packet analysis, and SOC alert triage You’ll Enjoy: • A role at the heart of security-focused incident response and proactive defence • Company bonus up to £2,500 (performance-based) • Pension contributions up to 14% • Paid overtime and up to 15 additional Flexi Leave days • Opportunities More ❯

eligible for DV We’re offering an exciting opportunity for a passionate Network Security Engineer to join a specialist Information Management function as part of a 24x7 Internal Security Response (ISR) team. As a Network Security Engineer , you’ll play a key role in safeguarding critical network infrastructure, proactively defending against evolving cyber threats, and supporting incident response … with network monitoring technologies (PRTG, Nagios) • Desirable: Exposure to Darktrace, Splunk, LogRhythm, packet analysis, and SOC alert triage You’ll Enjoy: • A role at the heart of security-focused incident response and proactive defence • Company bonus up to £2,500 (performance-based) • Pension contributions up to 14% • Paid overtime and up to 15 additional Flexi Leave days • Opportunities More ❯

PAN BT Major Incident Mangement 24/7 Duty Manager (Ipswich (4405), Ipswich, United Kingdom)Why this role matters In this role, you will service manage a 24 x 7 incident management team and support the command & control and the jeopardy management of customer service restoration. This is done through effective real time coaching and guidance on Pan … services by compiling full service wraps with associated technical information and recovery matrix. You will join a friendly and supportive team based in Ipswich, working within BT’s Major Incident Management service. The team operates a shift-based schedule, providing critical support across the entire BT business during major incidents. You will collaborate closely with senior leaders and various … departments, ensuring effective incident resolution and continuous service improvement. This role is based in Ipswich and involves working various shift patterns and comes with a shift allowance. You'll have the following responsibilities This role involves line management where you will provide leadership and support to a shift-based team, including line management of a small team and indirect More ❯

Responsibilities Lead, coach, and develop a multisite team of 1st to 3rd line IT Support Analysts. Oversee daily operations of the IT Service Desk, ensuring SLAs are met across incident, request, and problem management. Act as the primary escalation point for major incidents, coordinating resolution and stakeholder communication. Own and improve ITSM processes including incident, problem, request, change … and major incident management. Monitor service desk KPIs. Ensure smooth collaboration across infrastructure, development, and platform teams. Maintain excellent service quality and communication with internal and external users. Promote a culture of continuous improvement and customer service excellence. Contribute to IT strategy by identifying automation opportunities and service enhancements. Service Desk Manager Requirements Proven experience managing an IT Service … Desk or Technical Support function. Strong working knowledge of ITSM frameworks. Hands on expertise in incident, request, problem, and major incident management. Skilled in leading and developing high performing support teams (1st to 3rd line). Experience with major incident response and crisis communication. Customer focused with strong interpersonal and stakeholder management abilities. Familiarity with ITSM More ❯

from day one. Key Responsibilities Lead the development, implementation, and continuous improvement of the RSPBs cyber security strategy. Act as the senior accountable executive for cyber risk, compliance, and incident response. Provide expert advice to the CDTO, trustees, and executive board on cyber threats, risks, and mitigation strategies. Embed a cyber-aware culture across the organisation through training, awareness … campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and the National Cyber Security Centre. Represent cyber security in major organisational change programmes and digital transformation initiatives. Essential Qualifications Professional … full ownership of the cyber function. Strong communication skills with the ability to translate technical risk into business impact. Decisive and calm under pressure, particularly in high-risk or incident scenarios. Skilled in building high-trust relationships with internal and external stakeholders. Desirable Experience in cyber leadership within the charity or not-for-profit sector. Evidence of sector-wide More ❯

day one. Key Responsibilities Lead the development, implementation, and continuous improvement of the RSPB’s cyber security strategy. Act as the senior accountable executive for cyber risk, compliance, and incident response. Provide expert advice to the CDTO, trustees, and executive board on cyber threats, risks, and mitigation strategies. Embed a cyber-aware culture across the organisation through training, awareness … campaigns, and policy enforcement. Maintain oversight of cyber KPIs, threat intelligence, and incident response protocols. Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, NIST, ISO 27001) Build and maintain strategic relationships with external partners, including regulators and the National Cyber Security Centre. Represent cyber security in major organisational change programmes and digital transformation initiatives. Essential Qualifications Professional … full ownership of the cyber function. Strong communication skills with the ability to translate technical risk into business impact. Decisive and calm under pressure, particularly in high-risk or incident scenarios. Skilled in building high-trust relationships with internal and external stakeholders. Desirable Experience in cyber leadership within the charity or not-for-profit sector. Evidence of sector-wide More ❯

and analysing security threats for multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST … Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans … environment, driving operational excellence and continuous improvement. Ability to harness data analysis to detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

Active Directory, Intune, Azure, and virtualisation platforms (Hyper-V, SAN). Drive improvements in monitoring, patching, backup (Veeam), and disaster recovery. Act as the technical lead for security configuration, incident response, and compliance (Cyber Essentials, GDPR). Provide 3rd Line technical support and mentor engineers in system administration and security best practice. Collaborate with senior Stakeholders on system More ❯