1 to 25 of 37 Incident Response Jobs in the East of England

Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with … APIs, and Case Management tools for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions More ❯

Automation & Detection Engineer for a 6-month contract to start ASAP, based in Cambridge ( Hybrid), Inside IR35 Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be … of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation More ❯

Automation & Detection Engineer for a 6-month contract to start ASAP, based in Cambridge ( Hybrid), Inside IR35 Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be … of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation More ❯

business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate … Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration … PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real More ❯

Automation & Detection Engineer for a 6-month contract to start ASAP, based in Cambridge (Hybrid), Inside IR35 Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be … of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation More ❯

compromised, information is accessed, data is exfiltrated, backups are wiped, and ransomware is deployed, locking up an entire organization. Join our threat detection and response team to perform active threat hunting and assist organizations in recovering from cyber incidents. We're seeking CND and CNO specialists who can think … cyber attackers to understand how security measures were circumvented. This role offers an opportunity to use your analytical skills and gain endpoint detection and response experience to identify indicators of compromise. You will collaborate with incident response analysts engaged in forensic investigations. Join us. The world can … or Defender for Endpoint Experience with network- and host-based intrusion analysis, digital forensics, or malware handling Experience with hunt teams, cyber threat intelligence, incident response, or security operations teams Knowledge of security principles, including MITRE ATT&CK framework, threat landscapes, or attacker TTPs Knowledge of Microsoft Windows More ❯

about the value this person can add. You will provide insights and guidance to customers as a vCISO as well as vulnerability management, major incident response, and security monitoring improvements and be expected to demonstrate technical expertise in Audit, Assessments, Design, Implementation, Testing, Compliance and Reporting. Responsibilities ?Own … of delivering security projects Experience of overseeing and leading remediation of security assessments including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. Experience in incident response and overseeing operational improvement actions such as development and tuning of security monitoring, alerting, and reporting. It goes without saying that this More ❯

their industry, with exciting scope for expansion into further industries. This role is looking for someone to work within the SRE team responsible for incident response and issue resolution. Location: Cambridge Salary: £32,000 £60,000 + excellent benefits (£32,000 for a new Graduate) Requirements for Site … University in a STEM subject A minimum of ABB at A-Level or international equivalent if applying at Graduate level Experience working in an incident response or 3rd line technical support environment Brilliant communication skills this role is a highly interactive role Ideally, you will have knowledge of More ❯

for expansion into further industries. This role is looking for a Graduate or experienced SRE professional to work within the SRE team responsible for incident response and issue resolution. Location: Cambridge Salary: £32,000 - £70,000 per annum + excellent benefits including private healthcare (could be more available … University in a STEM subject A minimum of AAB at A-Level or international equivalent if applying at Graduate level Any experience working an incident response or technical support environment would be beneficial (could be as intern/year in industry etc) Brilliant communication skills - this role is More ❯

Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response … crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing team More ❯

security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Prepare reports for managed clients to both technical … and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What youll bring: Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel and Splunk implementations. Knowledge and experience with Mitre More ❯

infrastructure. Perform detailed analysis of network traffic, diverse log sources (system, application, network), and other security data to identify threats and vulnerabilities. Provide crucial Incident Response (IR) support during security events. Contribute to the continuous improvement of the team's knowledge regarding SOC tools, operational procedures, and effective … concise reports for managed clients, tailored for both technical and non-technical audiences, focusing on continuous improvement of content and delivery. Maintain meticulous security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What You'll Bring: Proven experience working within a Security Operations Centre (SOC More ❯

frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information security incident response and business continuity management, conducting tabletop exercises to evaluate effectiveness. Manage the information security awareness training program to ensure all employees develop More ❯

frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information security incident response and business continuity management, conducting tabletop exercises to evaluate effectiveness. Manage the information security awareness training program to ensure all employees develop More ❯

Engineering Professional). Other Cyber/information Security qualification (e.g. CISSP, CCSP, CCNA, SABSA) Desirable Skills Cloud, on-prem, SaaS, PaaS, IaaS environments. Security incident response. Coding skills. Experience working with Azure Sentinel. If you are interested in this role but not sure if your skills and experience are More ❯

policies, standards, and procedures. Ensure compliance with legal, regulatory, and contractual obligations. Act as the primary liaison for assurance audits and external security assessments. Incident Response and Preparedness: Collaborate with key teams to investigate security incidents. Prepare and execute simulated exercises to test resilience. About you We are More ❯

a fast-paced, mission-critical environment. The Role • Monitoring & triaging alerts across secure client environments • Investigating threats using logs, traffic, and endpoint telemetry • Supporting incident response, containment & recovery • Developing smarter detection rules (think MITRE ATT&CK) • Creating incident reports for both technical & non-technical audiences • Staying ahead More ❯

a fast-paced, mission-critical environment. The Role • Monitoring & triaging alerts across secure client environments • Investigating threats using logs, traffic, and endpoint telemetry • Supporting incident response, containment & recovery • Developing smarter detection rules (think MITRE ATT&CK) • Creating incident reports for both technical & non-technical audiences • Staying ahead More ❯

organizational goals Establish and maintain SLIs, SLOs, and SLAs for critical systems and services Drive the adoption of best practices in automation, monitoring, and incident response Software Engineer, Site Reliability Engineer. Fireworks AI offers a fast and efficient platform for building and deploying generative AI applications with a … metrics, alerts, logs across infrastructure and applications. Create and maintain tools to monitor the platform. Respond to incidents, troubleshoot, investigate root causes. Conduct post-incident investigation and report. QED.ai provides AI-driven solutions for data scarcity in health and agriculture, offering tools for data digitization, geospatial mapping, and spectroscopy. More ❯

communication systems. The IT Cyber Security Solution Architect must have extensive experience in a range of cybersecurity areas such as Security Architecture, Risk Management, Incident Response & Management, Security Technologies Evaluation, Business Continuity & Disaster Recovery, Vendor & Third-Party Security, Continuous Monitoring & Improvement, C-Suite Relationship, and Stakeholder Management. A More ❯

communication systems. The IT Cyber Security Solution Architect must have extensive experience in a range of cybersecurity areas such as Security Architecture, Risk Management, Incident Response & Management, Security Technologies Evaluation, Business Continuity & Disaster Recovery, Vendor & Third-Party Security, Continuous Monitoring & Improvement, C-Suite Relationship, and Stakeholder Management. A More ❯

solving, infrastructure tooling and wider DevOps practices to provide a service of Luminance's unique software applications. The team plays a crucial role in incident response and issue resolution, swiftly addressing and resolving service interruptions to maintain the highest level of customer satisfaction. With a focus on automation More ❯

CD pipeline for promoting software into higher environments through validation and operational gating, and lead Mastercard in DevOps automation and best practices. • Practice sustainable incident response and blameless postmortems. • Take a holistic approach to problem solving, by connecting the dots during a production event thru the various technology More ❯

administering services like Active Directory, DNS, and DHCP. A track record of managing high-availability infrastructure in enterprise or hybrid environments. Experience of monitoring, incident response, and performance tuning across physical, virtual, and cloud-based systems. Familiarity with ITIL practices and delivering services that meet or exceed SLAs. More ❯

high-risk environments managing classified materials. Previous experience working as a Site Security Manager/Controller. Strong technical expertise in security risk management and incident response. Experience with security systems, manned guarding, and compliance auditing. Recognised security qualifications with knowledge of HMG and industry standards. Deep understanding of government More ❯