1 to 25 of 31 Incident Response Jobs in the North West

Level 3 Analyst North West/Hybrid CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services. The organisation operates a modern … edge EDR, identity protection, SIEM and automation tooling, with a strong focus on engineering a highly effective, cloud-native SOC environment. CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Role This permanent position is ideal for an experienced SOC Level 3 Analyst looking to lead advanced detection engineering ...

Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

stakeholders. The Role As a Senior Security SME , you will take a lead role in advanced engineering work for SIEM and XDR, escalated security incident response, and advanced threat hunting. We are seeking a highly skilled and experienced L3 SME with strong engineering knowledge and deep expertise … average daily ingestion volumes, ensuring alignment with the procured license limits. Recommend optimization strategies to control costs without compromising visibility or detection capabilities. Automation & Response: Design and implement automated response workflows using Sentinel playbooks (Logic Apps).Enhance response efficiency by developing SOAR integrations across security tooling. Advanced ...

policies, and standards. Conduct risk assessments, manage audits, and ensure compliance with GDPR and ISO 27001. Oversee security operations, including monitoring, threat detection, and incident response. Manage security tools and processes: SIEM (Azure Sentinel), firewalls, endpoint protection, and identity management. Ensure secure configuration, patch management, and vulnerability remediation. Lead … incident response and recovery, including investigations and post-incident reviews. Deliver security training and awareness programs across the business. Assess and monitor vendor and third-party security compliance. Skills/Technologies- 3-7+ years in cybersecurity, IT security, or risk management. Strong knowledge of cybersecurity frameworks ...

Title: Incident Management Analyst/Major Incident Analyst Contract Type: Temporary Daily Rate: Circa £450/Day Contract Length: 12 Months Location: Chester Office (4 days in the office) Working Pattern: Full Time Shift: Sunday–Thursday or Tuesday–Saturday (07:00 – 16:00) Are you ready to take … pivotal role in a high-energy environment? Join our dynamic Global Command centre team as an Incident Management Analyst and become a critical player in ensuring the availability and performance of technology services! About the Role: As part of our commitment to operational excellence, you will oversee major incidents ...

also conduct proactive threat hunting and maintain detailed risk profiles for users, systems, and applications to support a strong security posture. Endpoint Detection and Response (EDR) You’ll administer endpoint security and compliance, performing daily health checks and resolving any issues that arise. Working closely with Infrastructure teams … define classification policies, and monitor for potential data leaks. Your work will help protect sensitive information and prevent unauthorised data exfiltration across the organisation. Incident Response You will form an important part of the incident response team when security incidents occur—analysing threats, assessing business impact ...

Title: Incident Management Analyst/Major Incident Analyst Contract Type: Temporary Daily Rate: Circa £450/Day Contract Length: 12 Months Location: Chester Office (4 days in the office) Working Pattern: Full Time Shift: Sunday-Thursday or Tuesday-Saturday (07:00 - 16:00) Are you ready to take … pivotal role in a high-energy environment? Join our dynamic Global Command centre team as an Incident Management Analyst and become a critical player in ensuring the availability and performance of technology services! About the Role: As part of our commitment to operational excellence, you will oversee major incidents ...

Cyber Practice as part of our Blue Team, where you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. If you're looking to make your mark on a rapidly growing SecOps team with some very exciting clients, this … attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key Responsibilities Detection Engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection ...

standards, and best practices in cybersecurity and compliance. Client Engagement: Participate in scoping calls, client meetings, and ongoing project management to ensure client satisfaction. Incident Response Planning: Assist clients in developing robust Cyber Security Incident Response Plans (CSIRP). We’re looking for someone with: CISM ...

activities. Evaluate security risks of third-party vendors, ensuring alignment with internal security requirements. Maintain documentation, evidence, and metrics to support ongoing audit readiness. Incident Response & Awareness Support the development, testing, and refinement of incident response plans. Assist with investigation and reporting of security incidents. Promote ...

operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with … governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness ...

Level 3 Analyst North West/Hybrid CrowdStrike LogScale SIEM Incident Response Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services click apply for full ...

Clearance - Manchester Based or ability to travel to Manchester.- Experience as in a Site Reliability Engineering role SITE RELIABILITY ENGINEER ESSENTIAL SKILLS- Reliability, incident response/incident management experience - Experience with Monitoring and Observability tools such as Prometheus, Grafana and OpenSearch- Automation tools (Go, Bash)- Experience with ...

Implement and manage comprehensive monitoring, logging, and alerting systems (e.g., Prometheus, Grafana, ELK Stack) to provide deep insights into system behavior and ensure rapid incident detection. Lead Incident Management: Participate in our on-call rotation, acting as a key player in incident response and resolution. ...

business risk and vice versa. This role will be responsible for the leadership and management of the team delivering ongoing proactive cyber defence and response to security threats targeting AJ Bell systems and information. The Security Operations Team is the first point of contact for security queries, as such … 24x7 operational security coverage. Proactively drive efficiency improvements via the use of automation and AI in security operations processes. Own and develop AJ Bells incident response framework and playbooks, including undertaking regular training and testing (including table top exercises) up to and including executive level. Develop and maintain ...

payment experiences for millions of passengers, with high system availability and responsive issue resolution. The individual will lead operational practices, monitor system health, coordinate incident response, and serve as a key liaison between Ticketing Leadership, technology teams including internal and external suppliers and customer experience stakeholders. Key Responsibilities … System Monitoring: Oversee daily performance of ticketing systems, ensuring uptime and reliability. Incident Management: Respond to and resolve technical issues quickly, coordinating with internal teams and vendors. Vendor Coordination: Manage relationships with service providers, payment networks, and platform vendors to maintain SLAs. Compliance: Ensure adherence to PCI DSS, GDPR ...

bottlenecks using advanced problem-solving and performance tuning techniques. Conduct capacity planning and implement solutions to ensure systems can support current and future workloads Incident Response & Troubleshooting Respond swiftly to production incidents, ensuring minimal downtime and quick restoration of services. Perform root cause analysis and postmortems, implementing lessons … dashboards. Improve observability of services, ensuring issues are identified and addressed before impacting users. Continuously refine monitoring practices to reduce alert fatigue and improve response times. Automation & Tooling Develop automation to eliminate manual, repetitive tasks and improve operational efficiency. Write clear, maintainable, and well-tested code to support automation ...

technologies. Creating security use cases to enable the wider SOC to respond to a wider array of threats. Identify where automation can assist the Incident Response team when investigating suspicious activity. Creation of analytic content to enable quantifiable metrics on SOC performance. Additional Accountabilities Able to lead ...

protection and compliance obligations. Data Management & Security Oversee practices for secure collection, storage, transfer, and disposal of data. Support IT and security teams in incident response, including data breaches, ensuring compliance with notification obligations. Partner with data owners, IT, and business units to ensure consistent enforcement of compliance ...

standards. Working with our Crypto custodians to ensure accurate transfer of information and maintaining records. Coordinate crypto change windows (key loads/rollovers), support incident response related to crypto assets, and drive continuous improvement of crypto processes. Ensure that Key Material is ordered from NCSC/ ...

areas will include: Enterprise-wide cyber strategy, roadmap, and assurance Security governance, policy, and risk management Architecture oversight across cloud, identity, endpoint, and networks Incident response leadership and oversight of managed security services Vulnerability management, threat monitoring, and operational performance Cross-functional collaboration and security culture development Cyber ...

integrations in hybrid environments Performing system upgrades, patches and maintenance Working closely with vendors and service providers Supporting IT security through proactive monitoring and incident response About You You'll bring a strong infrastructure background and the ability to work confidently across a varied and complex environment. Essential ...

regulatory teams to integrate information security into system design and delivery. Conduct risk assessments, threat modelling, and vulnerability analysis for IT environments. Oversee incident response planning and cyber resilience testing. Manage relationships with external vendors, regulators, and stakeholders. Provide leadership and mentoring to information security personnel within ...

service alerts. Azure Cloud Support Help with Azure resource provisioning, RBAC assignments, and subscription management. Support cost-analysis activities and automation for spend tracking. Incident Response & Monitoring Participate in L2/L3 incident processes across cloud and UC services. Use tools such as Wireshark and call analytics ...

their expanding cyber security function. This is a hands-on role where you’ll actively monitor security alerts, investigate incidents, and enhance detection and response processes within a Microsoft-first environment (Microsoft Sentinel, Defender for Endpoint, Defender for Identity, and Defender for Cloud Apps). You’ll be joining … looking for: Strong SOC analyst experience (preferably mid-level/L2 or above). Hands-on experience with Microsoft Sentinel and Defender. Experience with incident response, including investigation, remediation, and reporting. Analytical mindset, able to dig into potential issues and identify root causes. Collaborative attitude, with an interest ...