1 to 25 of 128 Incident Response Jobs in the South East

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal … with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/ More ❯

ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response. How will you make an impact? Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards, and risk management processes. Audit Preparation … audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute to analyzing cybersecurity … Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. Commitment to continuous learning and professional development in audit, compliance, and security. You will have an More ❯

for completing the implementation of a number of strategic based security solutions for new security tooling or existing. The engineer will also participate in security related service management processes (incident, change and problem management) and will participate in the planning, design, enforcement and review of security controls which protect the integrity of the firm. Essential Duties and Responsibilities for … DLP. Standard, third party and privilege Identity Access Management Operate, manage and improve HSM key management infrastructure. Remediation of external, internal vulnerabilities, web application scanning and patch compliance. Cyber Incident Management and or Security Forensic experience. Documenting High Low and Detailed Level designs for review and presentation. Representing IT security at the Change Authority Board, Architecture Review Board Attend … years Cyber Security Engineer experience. Hands-on technical support experience in IT and Network Security Engineering and/or Systems Engineering roles. Substantial experience in Security Technology Management and Incident Response, including proficiency in SOC, Malware, Ransomware, Threat Analytics, Server and Endpoint security. Must be proficient in writing up documentation. Clear and concise presenting skills. Strong communication and More ❯

defences by maintaining and optimising security operations tools and processes. You'll focus on monitoring, analysing, and responding to cyber threats, while supporting the SOC team and ensuring effective incident management across the business. Your role will involve collaborating with technology and business stakeholders, investigating security alerts, enhancing tooling performance, and supporting the delivery of continuous improvement and risk … to readiness for significant incidents and play a key role in proactive threat hunting and compliance reporting. What you'll be doing as a Senior Cyber Security Analyst: Security Incident Response : Investigate security alerts from SIEM and third-party MSSPs, triage and respond to incidents, and support root cause analysis to drive remediation. Stakeholder Engagement : Work closely with … alert tuning and automation. SOC Support & Escalation : Act as a key contact and escalation point for the SOC team, providing guidance and mentoring to support operational effectiveness. On-Call & Incident Readiness : Participate in a 24/7/365 on-call rota with MSSP partners, supporting out-of-hours investigations and maintaining incident readiness. Threat Hunting & Continuous Improvement More ❯

The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and the wider organisation, this role ensures the protection of digital and information assets against a range of internal and … that impact identity management across the organisation. The post holder also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/… security operations service. Lead the organisation's response to security incidents, coordinating recovery efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing More ❯

The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and the wider organisation, this role ensures the protection of digital and information assets against a range of internal and … that impact identity management across the organisation. The post holder also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/… security operations service. Lead the organisation's response to security incidents, coordinating recovery efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing More ❯

responsible for implementing and managing security infrastructure, responding to threats, and ensuring compliance across systems. You'll work with various cyber security solutions while driving security best practices and incident response. If you have experience in cybersecurity tools, governance, and access management-and want to use your skills to support a mission that changes lives-this is your chance … Operations Specialist you will play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA … and Zero Trust security principles. Your expertise in network security, VPNs, SD-WAN, and Microsoft Defender solutions will help safeguard our systems, while your contributions to incident response, governance, and security strategy will shape the future of our cybersecurity posture. If you're passionate about cybersecurity and want to make a meaningful impact, then this role is for More ❯

SOAR Engineer/Analyst (Security Orchestration, Automation, and Response) Duration: 12 months Pay: £360.26/day PAYE or £495.15/day via umbrella Location: Remote (UK) Role Purpose The SOAR Engineer/Analyst is responsible for designing, developing, implementing, and maintaining automation playbooks to improve incident response efficiency within the Security Operations Centre. This role integrates multiple … security tools and workflows, leveraging platforms like , Darktrace , and CrowdStrike to create cohesive and automated threat detection and response mechanisms. Key Responsibilities Playbook Development: Design, implement, and maintain SOAR playbooks for automated response and alert enrichment. Tool Integration: Develop and manage integrations with: Google SecOps (Chronicle, Security Command Center) Darktrace (Threat Visualizer, Antigena) CrowdStrike Falcon (EDR, threat intelligence … Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python , PowerShell , or Bash . Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE ATT&CK. Strong problem-solving, critical thinking, and communication skills. Desirable Qualifications Experience with CI/CD for playbook development and version control (e.g. More ❯

and lead the global cyber security strategy. This is a high-impact, senior leadership role ideal for someone who combines strategic oversight with hands-on expertise across security operations, incident response, and governance. As the business continues to modernise its technology infrastructure, this role will be central to protecting digital assets and ensuring compliance with global security and … privacy standards. What You’ll Be Doing: Define and implement the cyber security strategy, policies, and controls across a multi-regional environment. Lead global security operations, including threat detection, incident response, and risk mitigation. Manage compliance with standards such as ISO27001, NIST, Cyber Essentials+, and GDPR. Build and develop a high-performing cyber team spanning multiple international offices. … Collaborate with senior leadership, risk committees, and external vendors to ensure alignment on cyber risk and mitigation. Own the incident response function, including planning, testing, and leading responses when required. Drive security awareness across the organisation with a measurable, well-governed training programme. What We’re Looking For: Minimum 5 years’ experience in a senior cyber security role More ❯

who all share the Mondas vision. We are a Cyber Consultancy that specialises in Security prevention and detection. Mondas delivers bespoke Cyber Security Solutions, helping our clients streamline their incident response and recovery process with our automated approach to SOAR, SIEM & MDR. Responsibilities: ? Respond to and manage security incidents, ensuring timely and eff ective resolution ? Conduct in-depth … investigations to identify root causes and implement corrective actions ? Mentor and train junior analysts, promoting knowledge sharing and skill development within the team ? Produce and maintain Incident Response plans and playbooks ? Develop, implement and refi ne SOC processes, procedures and tools ? Produce technical and expertly written incident reports to clients ? Collaborate with other IT teams to enhance … Azure, etc.) and securing hybrid environments ? Strong communication skills, both written and verbal, with the ability to explain complex security issues to non-technical stakeholders ? Some experience within an Incident Response capability ? Familiar with Information Security frameworks What do we offer? ? Opportunity to progress your career ? Leverage market leading security tools ? Continuous training to upskill staff ? Commitment to More ❯

is a pivotal opportunity for an experienced Senior Consultant to lead large-scale cybersecurity projects across a diverse client base. The role focuses on cyber resilience, including threat intelligence, incident response, risk management, compliance, and security architecture. You will act as a trusted advisor, delivering tailored solutions that help clients enhance their cyber posture and protect their critical … the end-to-end delivery of cyber resilience projects, ensuring solutions are scalable, secure, and aligned with client goals Design and implement advanced cyber resilience solutions and frameworks Manage incident response, guiding teams through breach containment and recovery Engage directly with clients to identify requirements, provide expertise, and drive successful outcomes Facilitate Agile ceremonies to support efficient project … members, encouraging skill development and knowledge sharing Contribute to business development by producing high-quality proposals and identifying growth opportunities Skills & Experience Extensive expertise in threat intelligence, risk management, incident response, compliance (e.g. GDPR, ISO 27001), and security architecture? Proficiency with tools such as Rapid7 InsightIDR/InsightVM, SentinelOne, Fortinet, Netskope, SOAR automation (Rapid7 InsightConnect), and cloud security More ❯

managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. About the Opportunity The role of Information Security Engineer will be responsible for identifying, investigating, and managing cybersecurity related … managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. Responsibilities Strong collaboration, teamwork and relationship building skills across multiple levels and functions in the organization Able to communicate … technical or complex subject matter in business terms. Implement, manage, and maintain global security platforms Manage and participate in computer security incident response activities and the technical investigations of security-related incidents Conduct investigations of security related incidents Identify security vulnerabilities, perform solution security reviews and risk assessments, and partner with colleagues to respond to incidents and remediate More ❯

key role in deploying Microsoft security solutions and supporting client audits, assessments, and vulnerability remediation efforts. Responsibilities include: Delivering Microsoft security technologies including Defender XDR, Sentinel, and Endpoint Detection & Response Supporting Cyber Essentials and Cyber Essentials Plus audits and assessments Acting as an escalation point for cyber incidents, security alerts, and engineering tasks Conducting vulnerability remediation and assessments (infrastructure … tools (e.g., Mimecast, Egress) Understanding of Azure Firewall and Defender for Cloud/Cloud Apps Experience conducting offensive security/web application assessments Strong understanding of threat detection and incident response Certifications (any of the following highly desirable): SC-200: Microsoft Certified - Security Operations Analyst Associate SC-300: Microsoft Certified - Identity and Access Administrator Associate AZ-500: Microsoft More ❯

teams Work with our Channel team to help support and enable our Distributors and Resellers You will become an expert in Email Security, Advanced Persistent Threats, Attack Protection, Threat Response, Data Loss Prevention (DLP), and the threat landscape Occasional travel required. What You Bring To The Team Proven hands-on experience, either as a Sales/Systems Engineer, Technical … are recommended Enterprise email solutions such as Exchange, O365, G-Suite, Lotus Dominoorworking knowledge of SMTP IT security related areas such as Vulnerability and Risk Management, Security Operations or Incident Response Data Loss Prevention (DLP), compliance and data privacy Cloud security and shadow IT monitoring Cloud computing Infrastructure (e.g. AWS/Azure) Nice to have Hands on experience More ❯

Lead the development and implementation of the Information Governance Framework, policies, and procedures. Ensure compliance with regulatory requirements e.g., GDPR, ISO 27001, Cyber Essentials. Proactively manage cyber risks and incident response plans Digital Transformation Drive digital programs including automation, data analytics, self-service platforms, and customer-facing technologies. Promote agile delivery models, DevOps, and cross-functional digital teams More ❯

risks, coordinate remediation strategies, and enhance executive-level reporting. Key Responsibilities: Define and enforce security best practices across cloud environments (Azure, AWS) Lead cloud security risk assessments, audits, and incident response efforts Integrate security into CI/CD pipelines and DevOps operations Manage and interpret insights from cloud-native security tools (e.g., GuardDuty, Azure Defender) Ensure compliance with … in technical cyber roles (SOC, security engineering, threat analysis) Minimum 3-5 years working in cloud environments Deep knowledge of Microsoft Azure (and ideally AWS) Expertise in vulnerability management, incident response, and cyber risk triage Strong understanding of cloud security principles and the shared responsibility model Familiarity with frameworks like MITRE ATT&CK and Zero Trust architectures Confident More ❯

evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts, incidents, and events … Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis activities. Participate in our on-call rotation for cyber incident response. Contribute to documentation and certification processes such as Cyber Essentials. Engage with cross-functional teams to improve security practices and awareness. What we're looking for Must have More ❯

strategies. Your responsibilities will include maintaining detailed documentation on security architecture, patterns, and practices, advising on critical aspects such as data protection, identity and access management, network security, and incident response within Azure. Staying abreast of the latest Azure security capabilities, threats, vulnerabilities, and industry trends will be essential. You will also support audit, compliance, and regulatory requirements More ❯

security data, detect anomalies, and respond effectively to incidents. * Oversee vulnerability assessments and penetration testing to ensure robust security measures are maintained. * Contribute to the development and execution of incident response plans, ensuring prompt action to contain and remediate security incidents. * Maintain accurate incident logs and reports to support post-incident analysis and continuous improvement. * Provide … with a strong focus on security information and event management systems, including Microsoft Sentinel. * In-depth knowledge of security monitoring techniques and integration technologies. * Demonstrated ability to execute robust incident response processes. * Strong communication skills, with the ability to educate and support staff on security protocols. * Experience working collaboratively with technical and non-technical teams to improve security More ❯

automation, cloud technology, and fast-paced problem-solving—and want your work to have a real impact—this could be the perfect role for you. Key Responsibilities Lead security incident response and threat detection efforts, prioritising the protection of customer data and experience Build automated detection and remediation workflows using SOAR, SIEM, and scripting (Python, SQL) Apply deep … facing and payment systems into the security monitoring platform Perform threat hunting and detection engineering to identify and address emerging risks Support security audits, compliance (PCI-DSS), and post-incident reviews Mentor junior team members and contribute to a culture of continuous improvement Participate in the on-call rotation to ensure fast, effective incident response during critical … events Key requirements: Proven Experience: 4+ years in Security Operations or Incident Response, ideally in ecommerce, retail, or fintech environments Technical Depth: Hands-on expertise with SIEM, SOAR, EDR, automation tools, Python, SQL, and cloud-native security tooling Cloud Security: Strong knowledge of AWS and Azure, especially services like WAF, Shield, IAM, and API Gateway Forensic Skills: Experience More ❯

a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯

a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯

a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯

local government. To read more about our business area, please visit Corporate Services and Transformation Key Responsibilities: Lead and develop an active Security Operations team focused on threat detection, incident management, and prevention of data breaches or service disruptions. Build and mature the Security Operations Centre (SOC) with a focus on cyber risks, threat intelligence and proactive incident avoidance. Oversee the councils response to critical cyber incidents, coordinating resolution efforts and informing senior stakeholders. Collaborate with security architects and technical teams to shape and implement cyber security policies, ensuring theyre risk-appropriate and business-friendly. Manage cyber security risks by embedding them into the corporate risk register and advising on appropriate mitigation strategies. Oversee the planning … cyber security trends, threats, tools, and protocols -demonstratable vendor agnostic technical appreciation of both defensive and offensive Cyber Security with focus on Microsoft security competencies. Strong experience in leading incident response, technical investigations, and high-pressure decision-making. Excellent communication skills with the ability to influence and collaborate at all organisational levels. Strategic thinking with a focus on More ❯