systems, networks, and infrastructure, considering scalability, resiliency, and emerging technologies. Security Operations Management: Lead the security operations team for product and infrastructure, ensuring the implementation of robust security controls, incident response protocols, vulnerability management, and security monitoring. Foster a proactive and efficient security operations center (SOC) to detect, respond to, and recover from security incidents. Team Management: Effectively … to identify vulnerabilities, prioritize risks, and ensure compliance with relevant regulations and industry standards. Develop and maintain effective controls and processes to safeguard sensitive information and prevent unauthorized access. Incident Response and Investigation: Oversee incident response activities, coordinating with cross-functional teams to promptly detect, investigate, and resolve security incidents. Develop and maintain an incident response plan, ensuring effective communication, documentation, and post-incident analysis. Vendor and Third-Party Management: Assess and manage security risks associated with third-party vendors and partners. Establish and maintain security-related contracts, service-level agreements, and ongoing vendor assessments to ensure adherence to security standards. Performance Monitoring and Reporting: Establish key performance indicators (KPIs) and metrics …
our Cyber Intelligence Specialist, you will proactively identify, analyse, respond, and mitigate cyber threats that pose risks to Vanquis Banking Group's cybersecurity posture. This involves monitoring security events, conducting incident response activities, enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business … Intelligence Specialist, you will: Actively participate in the delivery of services provided by the Cyber Intelligence Centre including but not limited to Cyber Threat Intelligence, Security Posture Management, Cyber Security Incident Response, Threat Hunting, Penetration Testing & Red Team Testing, and Cyber Risk Mitigation. Incorporate threat intelligence into CIC activities. Collaborate and assist with the investigation and resolution of complex … security incidents. Support the delivery of retrospective improvements based on incident analysis, RCAs and PIRs. Engage with third-party security partners to enhance and mature services. Maintain centralised processes across all VBG product lines, promoting synergy and efficiency. Stay updated on the latest cyber threats, attack vectors, and trends in the cybersecurity landscape. Continuously enhance skills in areas such …
Cambridge, Cambridgeshire, England, United Kingdom Hybrid / WFH Options
REDTECH RECRUIT
Security Engineer Strong experience with Microsoft Security Tools and the wider Defender XDR suite Knowledge of cloud and on-premise environments, ideally Azure, including networking and firewalls Familiarity with incident response processes, playbooks, and tools Understanding of threat intelligence and vulnerability management Experience with ISO27001 and compliance frameworks Scripting and coding skills (e.g., Python, PowerShell, Bash) Exposure to … Strong problem-solving ability with a pragmatic and collaborative approach Responsibilities for Cyber Security Engineer Enhance, manage, and optimise the company’s security tooling portfolio Review, update, and implement incident response playbooks and processes Strengthen security posture in Office 365 and Azure by deploying new tools and improving detection/response capabilities Collaborate with development teams to …
data, we’d love to hear from you. Key Responsibilities: Proactively monitor security alerts from SIEM, EDR, and other tools Investigate incidents, analyse logs, and perform threat detection and response Conduct assessments of systems, vendors, and third parties for security risk Support incident response including forensic data gathering and documentation Collaborate across internal and external teams to … Previous experience in a cyber security or similar role in a regulated environment Strong knowledge of Firewalls, IDS, network security, and cloud security Familiarity with vulnerability management tools and incident response Ability to clearly communicate technical security issues to all audiences Strong analytical, problem-solving, and relationship-building skills Relevant certifications (CISSP, CISM, CISA, ISO27001) preferred Degree in …
Bedford, Bedfordshire, South East, United Kingdom Hybrid / WFH Options
Total IT
will play a pivotal role in safeguarding IT infrastructure and clients' digital assets. This position demands a proactive approach to security, encompassing the monitoring and protection of systems, strategic response to cyber threats, and the development of comprehensive security practices and strategy. You will serve as a key advisor to both clients and internal teams, guiding them through the … complexities of cyber security with your expertise. Responsibilities: Lead and support in the investigation and management of security incidents, ensuring a strategic response to mitigate risks. Implement and oversee security solutions for clients, ensuring their IT environments are resilient against cyber threats. Act as a primary point of contact for clients, providing expert advice on cyber security measures, best … practices, and threat management. Develop and maintain documentation, including best practice guides and incident reports, to educate clients and team members on security awareness. Conduct vulnerability assessments and participate in the development of incident response protocols to enhance security posture. Offer technical guidance to team members, fostering a culture of continuous learning and improvement within the security …
Rickmansworth, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Senior plc
and experience: An experienced threat intelligence lead (or similar). Expert in cybersecurity, with a focus on threat management and defensive security in regulated environments. Proficient in threat management, incident response and remediation tools. Strategic development in cyber threat intelligence research, process automation, knowledge sharing and team training. Skilled in using threat frameworks (e.g. MITRE ATT&CK, Cyber … Kill chain). Experienced in using OSINT and security analysis tools (e.g. Shodan, Censys, Qualys, Virus Total, EDR, AV). Experience supporting incident response or vulnerability management programs. Professional certifications in Cyber and Information Security (e.g. OCSP, GREM, CEH). Strong analytical and problem-solving abilities, translating complex technical issues into actionable recommendations. An excellent communicator with the …
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Arm Limited
Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient … operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing team, driven with context of emerging …
Shefford, Bedfordshire, South East, United Kingdom
Intercity Technology Limited
compliance, and security policies across cloud estates. Execute backup, disaster recovery, and business continuity procedures. Systems Management & Optimisation: Maintain and troubleshoot Azure and hybrid cloud environments. Perform proactive monitoring, incident response, and root cause analysis of mission-critical systems. Configure, optimise, and secure servers, virtual machines, networking, and storage solutions. Create and maintain scripts (e.g., PowerShell) to automate …
Chelmsford, Essex, South East, United Kingdom Hybrid / WFH Options
Keystream Group Limited
the development and execution of ECC's information and cyber security strategy, ensuring alignment with their overall risk appetite and transformation goals. Oversee governance, risk, compliance, and security operations including incident response, threat intelligence, vulnerability management, and penetration testing. Direct the selection, deployment, and maintenance of appropriate security technologies and processes to protect ECC's data and assets. You will …
Shefford, Bedfordshire, South East, United Kingdom
Intercity Technology Limited
to-end support across Service Desk tiers (13). That means you will not only resolve high-level, complex technical issues but also contribute to front-line customer service, incident triage, and service request fulfilment when required. The hours of work for this role are Monday - Sunday - 4 on 4 off - 7pm - 7am. Key Responsibilities as a Cloud Operations … Engineer: Maintain and troubleshoot Azure and hybrid cloud environments. Perform proactive monitoring, incident response, and root cause analysis of mission-critical systems. Configure, optimise, and secure servers, virtual machines, networking, and storage solutions. Create and maintain scripts (e.g., PowerShell) to automate operational tasks. Contribute to design and implementation of new cloud and hybrid solutions. Service Desk Element: Tier … experience in a 3rd line technical infrastructure support role Outstanding problem-solving skills with a structured and analytical mindset Experience with ITIL-aligned Service Desk processes. Ability to perform incident triage and service request fulfilment. Strong knowledge of end-user support: Windows OS, O365, Teams, Exchange Online, SharePoint. What We Offer: 33 days holiday (inclusive of bank holidays), with …
across a 24/7 shift pattern. This role requires DV-level Security Clearance and applicants are therefore required to be a Sole British Citizen. Responsibilities Join the Security Response team to support incident response and SOC operations. Design, implement, and maintain robust network security solutions Collaborate with cross-functional teams to manage vulnerabilities, secure changes, and …
Huntingdon, Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
Leidos Innovations UK Limited
the lifecycle from scoping, coordination and remediation management Solid understanding of Confidentiality, Integrity, Availability and Safety (CIA+S) and practical experience in applying that understanding in management of risk and response to events and changes Experience of process involved in gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved … in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating responses to security requirements for a system Experience in maintaining elements of security documentation sets (SyOPS, RMADs, Security …
Cambridge, East Anglia, United Kingdom Hybrid / WFH Options
Leidos Innovations UK Limited
the lifecycle from scoping, coordination and remediation management Solid understanding of Confidentiality, Integrity, Availability and Safety (CIA+S) and practical experience in applying that understanding in management of risk and response to events and changes Experience of process involved in gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved … in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating responses to security requirements for a system Experience in maintaining elements of security documentation sets (SyOPS, RMADs, Security …
Huntingdonshire, East Anglia, United Kingdom Hybrid / WFH Options
Leidos Innovations UK Limited
the lifecycle from scoping, coordination and remediation management Solid understanding of Confidentiality, Integrity, Availability and Safety (CIA+S) and practical experience in applying that understanding in management of risk and response to events and changes Experience of process involved in gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved … in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating responses to security requirements for a system Experience in maintaining elements of security documentation sets (SyOPS, RMADs, Security …
real-time support, training needs identification, and briefings on emerging threats and tooling updates. Act as key escalation point within the shift, liaising with the SOC Manager, CTI, and Incident Response leads to align on priorities and response strategies. Drive continuous improvement by flagging workflow issues, recommending SOP/playbook updates, and tracking performance metrics. Requirements Established …
involved with: Handling Tier II-IV incidents and troubleshooting Change and configuration management Policy optimisation and risk reduction Patch, OS and capacity management Event monitoring and vulnerability management Security incident response and project support What we're looking for 5+ years in network security within large-scale operations Experience with technologies such as Cisco ASA, FirePower, Palo Alto …
Hemel Hempstead, Hertfordshire, England, United Kingdom Hybrid / WFH Options
Sopra Steria
for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly situational reports. Collaborate with the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors’ tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential …
Hemel Hempstead, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria
for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly situational reports. Collaborate with the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors’ tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential …
defence environment. This is a fantastic opportunity to step into a senior operational role where you’ll lead by example, mentor analysts, and ensure high-quality threat detection and response across shifts. What you’ll be doing Providing live operational oversight across rotating Tier 1 and Tier 2 analyst teams Driving quality assurance on triage, escalations, and shift handovers … capability development Serving as the first point of contact for escalations and communications within your shift Logging procedural issues and feeding into continuous improvement of playbooks and SOPs Supporting incident response and contributing to broader SOC initiatives What we’re looking for Strong background in cyber security within a SOC environment Hands-on knowledge across network security, infrastructure …
Watford, Hertfordshire, East Anglia, United Kingdom
Anson McCade
defence environment. This is a fantastic opportunity to step into a senior operational role where you’ll lead by example, mentor analysts, and ensure high-quality threat detection and response across shifts. What you’ll be doing Providing live operational oversight across rotating Tier 1 and Tier 2 analyst teams Driving quality assurance on triage, escalations, and shift handovers … capability development Serving as the first point of contact for escalations and communications within your shift Logging procedural issues and feeding into continuous improvement of playbooks and SOPs Supporting incident response and contributing to broader SOC initiatives What we’re looking for Strong background in cyber security within a SOC environment Hands-on knowledge across network security, infrastructure …
level. Generation of Key Components across various platforms (including IBM, Tandem, Unix) together with management of Cryptographic infrastructure. SSH Key Management. Certificate management HSM configuration/installation/support Incident management Change management ITIL Ensure the integrity and availability of cryptographic and key management services to business functions and applications Key Accountabilities: Cryptographic Hardware Management - including on site local … core geographic locations globally. Management of Cryptographic infrastructure to include Out of Hours Support, production of monthly management information and risk statements. Adherence to Group IT Security Standards. Problem, Incident & Change Management including root cause identification. Procedure/process development. Project delivery. Cryptographic Hardware Management. Auditable Record Management. Excellent Risk and Control Maintenance Ensure governance and clear record keeping … creation and maintenance. Deep understanding of change disciplines including change and release management and track record of delivering change projects in a timely manner with high quality Strong in incident response procedures and standards, strong communication skills and ability to articulate complex events to management. Experience of SharePoint, Confluence and JIRA. Unix/Windows O/S skills …