Incident Response Jobs in the East of England

1 to 25 of 42 Incident Response Jobs in the East of England

DevSecOps Engineer - ONSITE

Loughton, Essex, South East, United Kingdom
Hybrid / WFH Options
Profile 29
will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner. Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit
Employment Type: Permanent, Work From Home

Cyber Security Engineer

Luton, Bedfordshire, United Kingdom
Connect2Employment
Endpoint monitoring and analysis. * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Lead investigations into security breaches, incidents, or suspicious activities and provide incident reports to stakeholders. * Enforce security policies, procedures, and guidelines for all IT systems and operations. * Provide recommendations for improving security practices to meet evolving regulatory and organisational needs. * Vulnerability … identification & mitigation/remediation. * Advise incident responders & other teams on cybersecurity threats. * Triage security events and incidents and apply containment and mitigation/remediation strategies. * Collaborate with other IT teams to ensure seamless security integration with infrastructure, applications, and services. * Maintain comprehensive documentation related to security configurations, incident reports, audits, and compliance activities. * Proactively monitor the performance of … avoidance actions to prevent wider problems. * Function as the point of escalation for the Service Desk for security-related tickets. * Analysis of weekly vulnerability scans and update relevant records. * Incident readiness and handling as part of the Computer Security Incident Response team (CSIRT). * Monitor and analyse security logs from various systems (including SIEM) and network devices
Employment Type: Permanent
Salary: £62700/annum

DevSecOps Engineer - ONSITE

Loughton, Essex, England, United Kingdom
Hybrid / WFH Options
Profile 29
will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner. Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit
Employment Type: Full-Time
Salary: £80,000 - £100,000 per annum

Network Security Architect

Luton, Bedfordshire, United Kingdom
ARM
systems and applications. Lead architectural reviews and assurance of designs working with System Integrators & partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. Evaluate and recommend security tools and technologies, and stay informed on emerging threats and vulnerabilities. Required
Employment Type: Contract
Rate: £98 - £108/hour

SOC Analyst

Stevenage, Hertfordshire, England, United Kingdom
Meritus Talent
the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line … of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python
Employment Type: Contractor
Rate: £45.00 - £85.00 per hour

SOC Analyst

Stevenage, Hertfordshire, United Kingdom
Certain Advantage
the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line … of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python
Employment Type: Contract
Rate: £45/hour Overtime Rate

Senior Security Engineer

Newmarket, Suffolk, United Kingdom
Hybrid / WFH Options
Beyond Co
strategies that are pragmatic and aligned with business goals. Provide expert security guidance to engineering and product teams, ensuring secure-by-design development and deployment of new features. Support incident response processes, offering technical insight and strategic recommendations as needed. Line management of one team member, including day-to-day support, regular check-ins, task prioritisation, and helping
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst (Senior)

Stevenage, Hertfordshire, United Kingdom
Guidant Global
Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of … Solutions Lead with project activity Conduct proactive threat hunting in collaboration with the CTI function Conduct HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings What do you need … attack vectors, propagation, and impact. Excellent communication skills for liaising with business and suppliers. Desirable Skills & Experience (Senior Level) Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution. Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection
Employment Type: Contract
Rate: £45.00 - £85.00/hour In IR35 (PAYE & Umbrella) available

SOC Analyst

Stevenage, Hertfordshire, United Kingdom
Endeavour Recruitment
the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line … of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python
Employment Type: Contract
Rate: GBP 70 - 85 Hourly

SOC Threat Detection Analyst

Stevenage, Hertfordshire, United Kingdom
Akkodis
the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: * Effective Tier 1 to 2 alert triage … Solutions Lead with project activity * Conduct proactive threat hunting in collaboration with the CTI function * Conduct HR and InfoSec related investigations * Ensure the timely triage and remediation of any incident or request tickets raised to the SOC * Participate in the activity of adding/removing URLs from the AcceptList and BlockList * Attend routine security meetings Modis International Ltd acts
Employment Type: Contract

Microsoft Security Sentinel Automation and Detection Engineer

Cambridge, Cambridgeshire, England, United Kingdom
Hays Specialist Recruitment Limited
seeks a Microsoft Security (Sentinel) Automation & Detection Engineer for a 6-month contract to start ASAP, based in Cambridge (Hybrid), Inside IR35. Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration … SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber … Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to
Employment Type: Contractor
Rate: £550 - £750 per day

SOC Analyst (Mid level)

Stevenage, Hertfordshire, United Kingdom
Guidant Global
Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of … the SOC email notification mailboxes Assists with the maintenance of MBDA Security technologies Assisting the SOC Solutions Lead with project activity Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings What do you need … attack vectors, propagation, and impact. Excellent communication skills for liaising with business and suppliers. Desirable Skills & Experience (Senior Level) Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution. Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection
Employment Type: Contract
Rate: £45.00 - £85.00/hour In IR35 (PAYE & Umbrella) available

Associate Director, Information and Cyber Security

Cambridge, Cambridgeshire, United Kingdom
Hybrid / WFH Options
Futureshaper.com
delivery, with relevant industry or academic experience to meet the requirements of the role. Delivery within a proactive cybersecurity system where monitoring and threat intelligence drive delivery alongside great response to incidents as they emerge, including in partnership with 3rd parties. Familiar with the application of security certifications such as ISO27001, NIST to global organisations with significant outsourced value … data privacy and data handling issues in organisations with significant outsourced value stream activities In the field of Information and Cyber Security experience of; risk management processes, management of incident and resolution, development and reporting of key KPIs, audit and continuous improvement response and delivery through external partnerships Definition and delivery of policy and process documentation to support … incident response, proactive management and audit Essential capabilities: Development agility - Bicycle is a growing and evolving company. You will have the opportunity to be self-starting, entrepreneurial and eager to develop within a supportive environment Partnership - Information and cyber security is critical to our business success. You will need to deliver with business stakeholders not to them - our
Employment Type: Permanent
Salary: GBP Annual

Director of Security Architecture

Cambridge, Cambridgeshire, United Kingdom
Hybrid / WFH Options
Arm Limited
standards (NIST, MITRE ATT&CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response, and overall cyber defense posture. Partner with senior leadership to communicate security architecture roadmaps, risk mitigation strategies, and compliance postures. Champion a culture of continuous improvement, cross
Employment Type: Permanent
Salary: GBP Annual

Cyber Defence Operations Director

Cambridge, Cambridgeshire, United Kingdom
Arm Limited
Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient … operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing team, driven with context of emerging
Employment Type: Permanent
Salary: GBP Annual

Lead Security Engineer

Luton, Bedfordshire, United Kingdom
Hybrid / WFH Options
Leonardo UK Ltd
will be doing as a Lead Security Engineer: Risk Management: Perform risk assessments to identify potential security risks and work with product development teams to implement mitigations and preventive measures. Incident Response & Mitigation: Assess and maintain the Incident Response Plan, lead the response to security incidents and breaches, providing expertise in root cause analysis, containment, and
Employment Type: Permanent
Salary: GBP Annual

Cyber Assurance and Resilience Manager

Norwich, Norfolk, England, United Kingdom
Hybrid / WFH Options
Clarion
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP, CISM, CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and
Employment Type: Full-Time
Salary: £61,698 - £84,776 per annum

Cyber Assurance and Resilience Manager

Norwich, Norfolk, East Anglia, United Kingdom
Hybrid / WFH Options
Clarion Housing
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP, CISM, CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and
Employment Type: Permanent, Work From Home
Salary: £80,000

Senior Security Analyst

Hemel Hempstead, England, United Kingdom
Hamilton Barnes 🌳
Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices, and knowledge-sharing across the team. Prepare and present reports for managed clients

FM Support Services Manager

Colney, Norfolk, United Kingdom
The Norwich BioScience Institutes
response. • Soft Services Management - Ensuring effective delivery of cleaning, waste management, catering, reception, and porterage. • Contract & Supplier Management - Managing outsourced service providers and ensuring compliance with SLAs. • Business Continuity & Incident Management - Developing and maintaining business continuity plans for NBIP (BCP). • Compliance, Insurance & Risk Management - Ensuring adherence to health, safety, and environmental policies. • Mechanical, Electrical & Building Fabric Maintenance - Supporting … control systems, working with the EI Business Support team as needed who locally manage systems within the EI Building. Operational Management • Analyse Business Systems data to identify trends, improve response times, and enhance efficiency. • Work with the FM Business Partner to provide data-driven insights for performance monitoring. • Drive continuous improvement to ensure customer-focused service delivery. Soft Services … ensure compliance and contractual performance. • Develop and sustain relationships with key stakeholders. Security & Access Management • Manage site security services, including contracted security staff, access control, and CCTV. • Ensure robust incident response procedures, coordinating with emergency services when necessary. • Work with internal stakeholders to manage security risks, access controls and mitigate threats. • Oversee visitor management protocols, ensuring compliance with
Employment Type: Permanent
Salary: GBP Annual

Monitoring & Observability Engineer

Lakenheath, Suffolk, United Kingdom
Computacenter AG & Co. oHG
You'll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estates, contributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring
Employment Type: Permanent
Salary: GBP Annual

Site Reliability Engineer - Graduate Considered

Cambridge, Cambridgeshire, United Kingdom
RedTech Recruitment Ltd
their industry, with exciting scope for expansion into further industries. This role is looking for a Graduate or experienced SRE professional to work within the SRE team responsible for incident response and issue resolution. Location: Cambridge Salary: £32,000 - £70,000 per annum + excellent benefits including private healthcare (could be more available for an experienced SRE) Requirements … degree from a leading international University in a STEM subject A minimum of AAB at A-Level or international equivalent if applying at Graduate level Any experience working an incident response or technical support environment would be beneficial (could be as intern/year in industry etc) Brilliant communication skills - this role is a highly interactive role Ideally
Employment Type: Permanent
Salary: £32000 - £70000/annum Excellent Benefits

Security Engineer - SOAR

Hertfordshire, South East, United Kingdom
La Fosse
experience: Worked as a Security Engineer focussing on enhancing a global SOC's capability Building automated workflows, playbooks, and logging integrations to enhance the SOC's scalability, efficiency, and incident response readiness. Designed and fine-tuned proactive and reactive detections in Sentinel - working closely with Threat Intelligence, IR, and Attack Surface Management teams. Partnered with SOC analysts to
Employment Type: Contract
Rate: £750 - 810 per day

SC Cleared Security Engineer

Luton, Bedfordshire, South East, United Kingdom
Hybrid / WFH Options
IO Associates
You'll play a critical role across the full product lifecycle: developing and maintaining robust product security for government and military platforms. From risk assessment and accreditation support to incident response, documentation, and through-life security planning, you'll help embed secure engineering practices while supporting continuous improvement, training, and policy development. Key Requirements: Experience in product security
Employment Type: Contract
Rate: Up to £500 per day + Outside IR35

Security Engineer, AWS Security

Cambridge, Cambridgeshire, United Kingdom
Amazon
cyber security. BASIC QUALIFICATIONS Degree or Equivalent experience in a technical field. Experience of working in a Security Operations Centre (SOC) performing security investigations, penetration testing and/or incident response in the context of large organisations Understanding of security threats, hands-on experience detecting and defending from cyber-attacks, and experience using big data analytics and orchestration
Employment Type: Permanent
Salary: GBP Annual

Incident Response, the East of England
10th Percentile: £28,500
25th Percentile: £38,140
Median: £47,500
75th Percentile: £56,875
90th Percentile: £65,250