1 to 25 of 70 Incident Response Jobs in the Midlands

high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯

The team you'll be working with: SOC Analyst (L1) We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business. This role will be based on-site in Birminham, we need canddiates that are able towork in a job that involves 24/7 operations … log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. Write up high quality security … incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident More ❯

a comprehensive cybersecurity strategy, ensuring alignment with business objectives and regulatory requirements (ISO 27001, NIST, GDPR). Proactively monitor, detect, and respond to security threats, vulnerabilities, and breaches, leading incident response and forensic investigations. Conduct regular security audits, penetration testing, and risk assessments, implementing corrective actions to strengthen defences. Oversee firewalls, IDS/IPS, endpoint protection, encryption, and More ❯

The team you'll be working with: SOC Analyst (L2) We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business. This role will be based on-site in Birmingham, and we need candidates who are able to work in a job that involves … incidents. Conduct real-time analysis of security events and escalate as necessary. Support other teams in investigations, determining root cause and impact. Document findings and lessons learned to improve incident response procedures. Ensure runbooks are followed and are fit for purpose. Incident Response: Lead and coordinate incident response activities to contain, eradicate, and recover … from security incidents. Develop and maintain incident response plans aligned with industry best practices. Manage escalations during security incidents. Follow major incident processes. Threat Intelligence: Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes. Contribute to threat intelligence feeds to enhance proactive detection. Security Tool Management: Manage and optimize SIEM tools, ensuring proper More ❯

to hear from you. This is more than just a security role, it's a chance to: Contribute to the design and implementation of security controls, tools, monitoring, and incident response processes. Work with modern cloud technologies, especially Microsoft Azure, to secure scalable microservices and infrastructure. Help shape and implement security best practices, threat detection, and incident response strategies. What you'll be doing Designing and implementing security controls & tooling across our hybrid-based infrastructure, with a focus on Microsoft Azure. Monitoring and responding to threats using tools like SIEM and XDR, ensuring rapid detection and resolution of security incidents. Collaborating in an Agile environment with multiple teams to embed security best practices throughout the … business. Conducting regular vulnerability assessments, supporting patch management, and improving our overall security posture. Creating and maintaining clear, concise documentation for security processes, configurations, and incident response procedures. Participating in the Information Security on-call rota. What you'll bring: 2+ years of hands-on cybersecurity experience, with a focus on cloud environments such as Microsoft Azure. A More ❯

log data, and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy. Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. Write high-quality security incident … knowledge resources and independent research. Assist with remediation activities or support customer stakeholders to inhibit cyber-attacks, clean up IT systems, and secure networks against repeat attacks. Produce security incident review reports to present information about incidents and provide security improvement recommendations. Understand Threat Intelligence and its application in an operational environment. Conduct Threat Hunting to identify attacks that … may not have been captured. Support incident response to national-scale incidents in a coaching capacity. Assist in the development and implementation of SOC Use Cases. Collaborate with other teams within NTT DATA to improve services based on customer needs. Prepare disaster recovery plans. What experience you'll bring: Skills and Experience: Ability to obtain SC Clearance or More ❯

contact for security incidents, leading investigations, and ensuring effective resolution Design, implement, and manage security measures for our applications and infrastructure to protect against security breaches Develop a rigorous incident response plan and lead post-incident reviews to improve our security posture Collaborate closely with development and infrastructure teams to integrate security practices into the DevOps pipeline … Oversee the deployment and management of security monitoring tools to ensure real-time visibility and response capabilities Conduct threat assessments and vulnerability assessments, and implement appropriate mitigation strategies Upskill and mentor the security team on best practices, emerging threats, and innovative security solutions Stay current on the latest cybersecurity trends, technologies, and threats, and proactively recommend enhancements to our … merging strategies Key Qualifications: Extensive experience in security operations roles, preferably in cloud and on-premise environments Proficiency in security monitoring tools (such as SIEM, IDS/IPS) and incident response processes Strong knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO 27001, CIS) Experience with scripting and automation tools for enhancing security processes Excellent communication More ❯

. You will contribute to: * Risk Management: Conduct risk analysis and interpret first-line operational outputs to support VPI's overall cyber security risk posture. * Operational Security: Assist in incident response testing, data management, and coordination of cyber security with physical and personnel security teams. * Human Risk Management: Develop cyber security awareness materials, manage phishing protection programmes, and … Security: Support the integration of security policies into DevOps processes and cloud-based tools. * Business & Change Management: Contribute to risk mitigation strategies for business development and internal change projects. * Incident Response: Act as a responder within VPI's cyber security incident framework. What we're looking for We are seeking a self-motivated individual with a strong More ❯

development, testing, and annual validation of disaster recovery and backup plans. Create and maintain up-to-date security documentation. Act swiftly and collaboratively in the event of a cyber incident, ensuring optimal recovery. Stay current with emerging threats and technological advancements in cybersecurity. Prepare for and manage annual penetration testing in collaboration with external vendors. Adhere to all Health … for This Role, You Will Need: Cybersecurity Experience: Demonstrated experience in implementing and managing security controls across hybrid environments. Familiarity with endpoint protection, threat detection, and vulnerability management tools. Incident Response & Problem Solving: Ability to respond swiftly and effectively to security incidents. Skilled in structured analysis and incident remediation to ensure rapid recovery. Threat Awareness & Risk Mitigation … shifting priorities in line with business objectives. High attention to detail and a strong commitment to accuracy and quality. Resilient and composed under pressure, especially in high-demand or incident response scenarios. ECS Resource Group are an Equal Opportunity Employer, for more information please click the following link: (url removed) In accordance with the Equality Act 2010, if More ❯

and procedures to ensure data security, privacy, and compliance with relevant regulations. Conduct regular risk assessments and vulnerability scans to identify potential security risks and implement mitigation strategies. Lead incident response efforts related to email security breaches, ensuring quick containment and remediation. Threat Intelligence and Incident Response: Analyse threat intelligence to anticipate and mitigate potential cyber … threats targeting the organisation. Participate in or lead incident response activities related to email security breaches or data loss events. Develop playbooks and procedures for responding to incidents involving Proofpoint solutions. Required skills & Qualifications Expertise in data security, cybersecurity, or a related field. Hands-on experience with Proofpoint implementations (e.g., Email Protection, Targeted Attack Protection, Information Protection). More ❯

and on-premises security specialists, ensures information confidentiality, integrity, and availability by aligning security strategies with business objectives and complying with laws and industry standards. We act as the incident response team, and focus on threat intelligence, incident management, vulnerability assessments, access control, and security awareness training. We use advanced technologies like firewalls and System Information Event … control and risk levels are maintained throughout the organization. Be responsible for answering security questionnaires from clients on behalf of the practice. Act as an integral part of the Incident Response team during security incidents, providing technical expertise and support. Contribute to the ongoing information security program, addressing all aspects of security from on-premises to cloud (Azure More ❯

. Lead the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement … KPIs) Client Satisfaction Rate : Measured through regular client feedback and satisfaction surveys. Delivery Compliance Rate : Percentage of client engagements that meet defined delivery standards and pass governance review gates. Incident Response Effectiveness : Success rate in managing and resolving client incidents within predefined response windows. Service Utilisation Rate : Adoption and effective use of security services across client accounts More ❯

our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on … practices, TTPs (tactics, techniques, procedures), and threat actor profiles . Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. * **Rapid Response Enablement - ** Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident More ❯

our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on … practices, TTPs (tactics, techniques, procedures), and threat actor profiles . Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. * **Rapid Response Enablement - ** Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident More ❯

ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks More ❯

ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks More ❯

warnings). Notify the government of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the government's cyber incident response plan. Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. Knowledge of cybersecurity and privacy principles, computer networking concepts, protocols, network security methodologies, laws, regulations More ❯

to ensure security is woven into every layer of the cloud ecosystem. Driving the DevSecOps mindset and ensuring integration with Group-level security processes such as monitoring, alerting, and incident response. You’ll bring: Proven experience in cloud security engineering within an enterprise setting, preferably on Microsoft Azure. Solid background in foundational security design – from identity and access management More ❯

you will: Act as a bridge between the Customer and the Operational Delivery Teams Act as a primary escalation point of contact to the customer Coordinate the Security Operations, Incident Response Teams and other technical resources needed to troubleshoot major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and … coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the NTT DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation activities in conjunction with relevant support teams. Coordinate post incident investigation with relevant teams or … of the following fields of expertise: At least 10 years of experience in providing technical support and advice for a Security Operations Centre Demonstrate in-depth knowledge of Security incident Management and Security Operations. Excellent communication and client relationship skills to interface with clients, stakeholders, and senior leadership. At least 5 years' experience in providing Vulnerability Management Services Demonstrable More ❯

you will: Act as a bridge between the Customer and the Operational Delivery Teams Act as a primary escalation point of contact to the customer Coordinate the Security Operations, Incident Response Teams and other technical resources needed to troubleshoot major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and … coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the NTT DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation activities in conjunction with relevant support teams. Coordinate post incident investigation with relevant teams or … of the following fields of expertise: At least 10 years of experience in providing technical support and advice for a Security Operations Centre Demonstrate in-depth knowledge of Security incident Management and Security Operations. Excellent communication and client relationship skills to interface with clients, stakeholders, and senior leadership. At least 5 years' experience in providing Vulnerability Management Services Demonstrable More ❯

to date with the latest industry trends and emerging technologies in network security. * Provide support and guidance to IT teams on security best practices and compliance requirements. * Participate in incident response activities and perform forensic analyses when necessary. * Prepare and maintain documentation related to network security architecture and operations. Critical Skills for Success * Proven experience with security technologies More ❯

Provide expertise on security technologies such as firewalls, VPNs, IDS/IPS, and encryption. * Maintain knowledge of relevant laws, regulations, and industry standards related to network security. * Participate in incident response. Critical Skills for Success * Experience in IT security architecture or a similar role. * Strong analytical and problem-solving skills. * Experience with security technologies such as firewalls, VPNs, IDS More ❯

you're inspired to think big and bring your ambition to work every day, which is why, at British Airways the sky is never the limit. The role: Cyber Incident Lead This role reports into the Cyber Incident Manager, and works with stakeholders across the organisation to ensure BA is able to effectively identify, respond, and recover from … to, and manage, cyber incidents across the BA estate 24/7 365 days a year as part of an on call function. Responsible for developing, maintaining, and managing incident response processes Ability to present on complex, technical concepts to a wide range of stakeholders of varying seniority and knowledge Confident to engage with business stakeholders and build … ambiguous information Assist with the development of BA's in-house digital forensics capability, supporting various investigation teams across the organisation Work closely with other cyber teams to feed incident data back into tuning our security tool configuration and assessing our deployed controls Effectively liaise and communicate with other Operating Companies (OpCos) within IAG to respond to wider-impacting More ❯

Job Responsibilities/Objectives You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Within the Business Outcomes & Monitoring Solutions (BOMS) team-a multi-client centre of excellence delivering operational monitoring capabilities and tooling solutions that drive Business Intelligence and service assurance. … application-aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. Maintain and enhance More ❯

we can support you. The Recipe (About the Role) Take charge of enhancing and safeguarding our organisation's IT security landscape! You'll be diving into the analysis and response to security events and incidents, as well as spearheading engaging user awareness campaigns and training sessions. In addition, you'll play a vital role in supporting the implementation and … management of identity, access, and threat management controls throughout our IT environment. Identify, analyse, and respond to security events and incidents, escalating as per the incident response plan. Develop and deliver IT Security Education and Awareness materials for the entire organisation. Support IT Security Penetration Tests, Assessments, and audits, resolving findings promptly. Analyse vulnerability scans and provide recommendations … MFA, SSO, conditional access, Azure RBAC, PIM Experience with the following products and technologies: Microsoft Defender, Exchange Online, vulnerability management tools, phishing simulation tools Experience creating policies, procedures and response plans Excellent communicator with the ability to reduce complex issues and ideas to simple terms and express these both to non-technical and highly technical audiences. Ability to work More ❯