1 to 25 of 68 Incident Response Jobs in the North of England

Level 3 Analyst North West/Hybrid CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services. The organisation operates a modern … edge EDR, identity protection, SIEM and automation tooling, with a strong focus on engineering a highly effective, cloud-native SOC environment. CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Role This permanent position is ideal for an experienced SOC Level 3 Analyst looking to lead advanced detection engineering ...

Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

Engineer to help strengthen their defences and improve their security posture.This role is ideal for someone who wants to develop their skill set across incident response, cloud security, vulnerability management and cyber awareness. You’ll be joining a supportive team where learning is encouraged, ongoing development is resourced … backed (including SSCP, ITIL and cloud accreditations).This goes beyond routine monitoring — you’ll play a key part in enhancing security resilience, improving threat response processes, and helping embed a security-first mindset across the business. Please note: Due to the nature of the work, security vetting will ...

policies, and standards. Conduct risk assessments, manage audits, and ensure compliance with GDPR and ISO 27001. Oversee security operations, including monitoring, threat detection, and incident response. Manage security tools and processes: SIEM (Azure Sentinel), firewalls, endpoint protection, and identity management. Ensure secure configuration, patch management, and vulnerability remediation. Lead … incident response and recovery, including investigations and post-incident reviews. Deliver security training and awareness programs across the business. Assess and monitor vendor and third-party security compliance. Skills/Technologies- 3-7+ years in cybersecurity, IT security, or risk management. Strong knowledge of cybersecurity frameworks ...

activities. Evaluate security risks of third-party vendors, ensuring alignment with internal security requirements. Maintain documentation, evidence, and metrics to support ongoing audit readiness. Incident Response & Awareness Support the development, testing, and refinement of incident response plans. Assist with investigation and reporting of security incidents. Promote ...

manage Infrastructure-as-Code (Terraform). Develop and enhance deployment automation and environment consistency. Maintain and optimise monitoring, alerting and logging. Support operational reliability: incident response, environment stability, and performance improvements. Lead cloud cost optimisation and usage reporting. Contribute to DevOps strategy, tooling, and roadmap. Cloud, IT Operations … external suppliers responsible for: Software, cloud integration, and identity services Physical server hardware, monitoring, connectivity, and onsite infrastructure Ensure uptime, maintenance scheduling, upgrades, and incident response are clearly managed and communicated. Escalate performance or stability issues and track them through to resolution. Support planning for future on-prem ...

develop and learn new skills, this could be the role for you. Everyone that joins us is required to undertake training and participate in incident response duties when the need to respond arises. Having an incident role is an essential part of working for the Environment Agency … active way to support communities and prevent harm to the environment. Further information on incident response can be found within your candidate pack. You’ll have access to our great benefits package, including generous annual leave, excellent pension and flexible working arrangements. We also offer extensive training ...

Support daily monitoring of security tools (antivirus, encryption, SIEM, firewall, vulnerability scanning) to detect and respond to potential threats. Assist with incident response and forensic investigation , producing accurate reports and escalation where required. Contribute to the development and maintenance of cyber security policies, procedures and awareness materials . … practice Knowledge of: o Network security o Operating systems and application security o Access control methodology o Physical security in an IT environment o Incident response o Risk assessment Up to date knowledge of technical applications Ability to think ahead and anticipate problems, issues and solutions Active Directory ...

operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with … governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness ...

work within the Information Security team, taking ownership of vulnerability identification, validation, prioritisation and communication across the estate. You'll collaborate with engineering, incident response, threat intelligence and operational teams to provide actionable mitigation strategies, guide remediation efforts, and strengthen the overall security posture. This is a high … Bounty programme Produce high-quality reporting, dashboards and programme metrics Review and assess threat intelligence, advising on business impact and recommended countermeasures Support Incident Response during security incidents Participate in RvB exercises and validate threat intelligence findings Mentor junior team members and coordinate major remediation activities Stay ahead ...

work within the Information Security team, taking ownership of vulnerability identification, validation, prioritisation and communication across the estate. You'll collaborate with engineering, incident response, threat intelligence and operational teams to provide actionable mitigation strategies, guide remediation efforts, and strengthen the overall security posture. This is a high … Bounty programme Produce high-quality reporting, dashboards and programme metrics Review and assess threat intelligence, advising on business impact and recommended countermeasures Support Incident Response during security incidents Participate in RvB exercises and validate threat intelligence findings Mentor junior team members and coordinate major remediation activities Stay ahead ...

methodologies within various GTIS teams. This is a hands-on engineering role where you will design, build, and optimise automation frameworks, observability tools, and incident response mechanisms. This role also involves collaborating across GTIS and CTO, engaging with storage, data, and other product teams. You will … Programming and Scripting - This includes expertise in languages such as Python, Powershell, or Go, which are essential for automating routine tasks and system deployments. Incident Management and Troubleshooting - The ability to manage incidents effectively, troubleshoot issues swiftly, and perform root cause analysis to prevent future incidents. Systems Engineering ...

methodologies within various GTIS teams. This is a hands-on engineering role where you will design, build, and optimise automation frameworks, observability tools, and incident response mechanisms. This role also involves collaborating across GTIS and CTO, engaging with storage, data, and other product teams. You will … Programming and Scripting - This includes expertise in languages such as Python, Powershell, or Go, which are essential for automating routine tasks and system deployments. Incident Management and Troubleshooting - The ability to manage incidents effectively, troubleshoot issues swiftly, and perform root cause analysis to prevent future incidents. Systems Engineering ...

Level 3 Analyst North West/Hybrid CrowdStrike LogScale SIEM Incident Response Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services click apply for full ...

assisting in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks and supporting incident reporting and response, including risk assessments and vulnerability scans. Role Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel … detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate with IT, Legal, and other departments to ensure a unified security approach, including third-party risk ...

KPIs, SLAs and operational targets are met and continuously improved Managing, mentoring and developing SOC analysts to maintain a high-performing team culture Overseeing incident response processes, ensuring issues are escalated, handled and closed effectively Supporting the refinement of SOC processes, reporting, documentation and operational standards Acting … performance and process management A commercially minded approach, comfortable working with KPIs, reporting and wider business objectives Good understanding of SOC tools, processes and incident response workflows Strong communication skills with the ability to work effectively across technical and non-technical teams Exposure to or collaboration with service ...

development, test and production environments to ensure consistency and predictable use Provide operational alignment across DBA and SRE practices including performance tuning, monitoring and incident response Maintain monitoring, alerting and runbooks to support effective detection and resolution of operational issues Implement and oversee backup, failover and disaster recovery … cost optimisation across infrastructure and cloud services Maintain and communicate IT policies covering access management, patching, security, device management and change control Lead incident response and ensure follow up actions drive lasting improvement Build and maintain productive relationships with internal teams and external service providers Key Skills ...

drive the development teams to improve resilience and reduce incidents. The ideal candidate would also work on shifting left and automating processes, reviewing every incident, and drive the Dev teams to work on preventative and permanent fixes to enhance overall processes. Focus Areas: Mission-critical production support (L1/… with L3 coordination) Incident & problem management (RCA, reduction of repeat incidents) Monitoring/Observability (Splunk, AppD, Grafana) SRE/DevOps collaboration (automation, CI/CD, resilience) Regulatory compliance & security in banking environments Team leadership across regions/time zones Must-Have Experience 8-12 years in IT production support ...

Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate … requests, incidents, bulletins). Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows ...

services, define strategic vision for improvement and reliability. Service Design and Implementation: Collaborate with architects and engineers to design secure services and oversee deployments. Incident Management: Coordinate incident response, root cause analysis, and corrective actions. Infrastructure Management: Ensure patching, evergreening, backups, and compliance for on-prem ...

business risk and vice versa. This role will be responsible for the leadership and management of the team delivering ongoing proactive cyber defence and response to security threats targeting AJ Bell systems and information. The Security Operations Team is the first point of contact for security queries, as such … 24x7 operational security coverage. Proactively drive efficiency improvements via the use of automation and AI in security operations processes. Own and develop AJ Bells incident response framework and playbooks, including undertaking regular training and testing (including table top exercises) up to and including executive level. Develop and maintain ...

participate in telecommunications projects, including system upgrades, migrations, and new implementations. Collaborate with other IT teams and external vendors to ensure project success. Incident Management Manage and document the lifecycle of critical incidents from initial report to resolution, including post-incident reviews. Develop and maintain incident response ...

Join our global cybersecurity team as Security Analyst. You’ll design and optimize security monitoring across hybrid environments, detect and analyze threats, and support incident response. This role combines hands-on technical expertise with strategic oversight, ensuring compliance with global standards like PCI DSS and ISO 27001. Ideal candidates … Defender, AWS Security Hub, GuardDuty, Inspector) Threat Detection : Analyze alerts, correlate events across hybrid environments, and leverage threat intelligence to identify and prioritize risks Incident Response : Escalate validated incidents, provide detailed context, and collaborate with operations teams for containment and recovery Continuous Improvement : Tune detection rules, automate workflows ...

payment experiences for millions of passengers, with high system availability and responsive issue resolution. The individual will lead operational practices, monitor system health, coordinate incident response, and serve as a key liaison between Ticketing Leadership, technology teams including internal and external suppliers and customer experience stakeholders. Key Responsibilities … System Monitoring: Oversee daily performance of ticketing systems, ensuring uptime and reliability. Incident Management: Respond to and resolve technical issues quickly, coordinating with internal teams and vendors. Vendor Coordination: Manage relationships with service providers, payment networks, and platform vendors to maintain SLAs. Compliance: Ensure adherence to PCI DSS, GDPR ...

bottlenecks using advanced problem-solving and performance tuning techniques. Conduct capacity planning and implement solutions to ensure systems can support current and future workloads Incident Response & Troubleshooting Respond swiftly to production incidents, ensuring minimal downtime and quick restoration of services. Perform root cause analysis and postmortems, implementing lessons … dashboards. Improve observability of services, ensuring issues are identified and addressed before impacting users. Continuously refine monitoring practices to reduce alert fatigue and improve response times. Automation & Tooling Develop automation to eliminate manual, repetitive tasks and improve operational efficiency. Write clear, maintainable, and well-tested code to support automation ...