Cyber Incident Respond Lead Cyber Incident Respond Lead will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLAs. You will work side by side with the Cyber Detect Team. Cyber … Detect manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident is of the utmost importance. As Respond Manager you will be expected to deliver a strong incident … based in Buckinghamshire office x2 days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management, Threat Management, Vulnerability Management, Attack Surface Reduction …
infrastructure to detect, triage and respond to cyber security incidents. They are looking for a curious and passionate person with breadth of knowledge in Incident Response and problem-solving abilities across Information Security as well as in Enterprise IT to contribute to all levels of incident response. … Primary Duties: Leading the delivery of security event triage performed by Tier 1&2 SOC analysts. Leading the delivery of the technical response on information security incidents. Incident Response to upper-level Tier 2 and Tier 3 Deliver comprehensive and stakeholder focused reporting on incidents and events. … and the broader business functions. Support the enterprise IT Security functions. Technical: Proven experience with commercial SIEM platforms; Elastic Security SOC, preferred, or Splunk Incident response software: Thrive Incident Response & Remediation Anti Virus: Microsoft Defender Cyber Triage Practical experience in the Microsoft ecosystem (on-premises, cloud …
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What you'll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business …
About the role It's an exciting time to join the Cybersecurity Incident Response team here at AXA, with significant investment planned in all UK&I businesses to transform & deliver new digital services to our customers and streamline and automate our business processes. To help us manage our … to the need of AXA in a manner that is admissible in court and in line with relevant standards Act as a forensic and incident handler providing design input into the IT project lifecycle Work with the security analysts to provide recommendations on security mechanisms Support the maintenance, testing … and execution of the AXA UK Security Incident Management framework Provide cyber threat intelligence to in scope UK entities Due to the number of applications we expect to receive for this role, we reserve the right to close this advert earlier than the listed closing date to ensure we …
development to ensure our analysts remain knowledgeable and the skills in order to maintain our mission. We are looking for an experienced analyst/incident response analyst with a passion for Cyber Security. Location - Reading/Basingstoke Salary - £35,840 - £48,000 pa As part of our People … more information available on our careers site Key Accountabilities: Monitoring activity on corporate networks for compliance against Company policy. Monitor alerts and first line response to Cyber security incidents. Maintain and promote high personal standards in environment, safety, health, security and quality and be a great team player. Additional … and tune existing rules and use cases Assess and develop existing toolsets to improve capability Support the wider AWE in improving our defences Conduct incident response You Will Have: Experience within a SOC environment Incident response experience A passion for Cyber Security A qualification/certification …
in an often demanding environment, give constructive feedback and work with the team to develop individual and team performance. In and Out of Hours security response escalation point for any incident management. Manage the Cyber Security Incident process/procedure, and the Cyber security Incident Response Team … leading war games and cyber security incident scenarios alongside the Cyber Security Manager to provide the IT department with the skills and knowledge of addressing any real cyber security incidents. Manage post-cyber security incident forensic investigations and reporting, bringing in third party specialists if deemed necessary. Keep up-to … excellent understanding of security approaches: ISMS, risk analysis and assessments, the CIA triad, attack vectors including social engineering, cryptography, confidentiality issues and cyber security incident response best practices, including triage and chain of custody. Proactively identifies areas for improvement, shares lessons learned with colleagues and encourages others to do …
assets, conducting regular reviews and audits. Stakeholder Engagement: Serve as a liaison, offering guidance and support to internal teams, external partners, and regulatory authorities. Incident Response Planning Support: Collaborate with the incident response team to develop and maintain response plans and procedures. Propose Future Organisational …
security policies, playbooks, and procedures, ensuring compliance with regulatory requirements industry standards and the Cyber Security Strategy. Identify, evaluate, and mitigate cyber threats. Lead incident response activities and investigations into security breaches. Conduct regular risk assessments, audits, and testing of the security infrastructure to identify vulnerabilities and implement … remediation, through the whole lifecycle to ensure safety and compliance for the business. Investigate and analyse escalated security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users. Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture Perform malware analysis and digital forensics where appropriate Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the …
internal teams and external stakeholders to escalate and remediate security breaches in a timely manner. Develop and maintain comprehensive documentation of security incidents, including incident reports and post-mortem analyses. Stay current with emerging cybersecurity threats, vulnerabilities, and industry best practices to continuously enhance our security posture. Participate in … security incident response exercises and drills to test and refine our incident response procedures. Collaborate with cross-functional teams to implement security controls and measures to protect against known and emerging threats. Provide guidance and support to junior SOC analysts, sharing knowledge and best practices to …
proactive and reactive security monitoring across information assets. KPI Development and Improvement: Develop and maintain key performance indicators (KPIs) while identifying areas for enhancement. Incident Response Leadership: Be the point person for cybersecurity incident response, ensuring efficient and well-tested processes. Operational Checks: Establish and maintain …
and external stakeholders to understand client requirements and translate them into actionable service delivery plans. Oversee the day-to-day operations of the SOC, including incident response, threat detection, and vulnerability management. Monitor service performance metrics and KPIs, implementing continuous improvement initiatives to enhance service delivery efficiency and effectiveness. Act as … 5+ years) working within a Security Operation Centre (SOC) environment, with a focus on service delivery management. Strong understanding of cybersecurity principles and technologies, including incident response, threat intelligence, and security monitoring. Proven track record of successfully managing client relationships and delivering high-quality services in accordance with SLAs and …
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Oracle Corporation
information security. Determine the best practices for the large-scale Big Data infrastructure used by some Oracle LOBs, including tooling, data architecture, and content. May lead incident management teams and provide expert level incident management expertise. Coordinates incidents with other business units and may act as incident commander of … multiple serious incidents. Leads development of new methods, playbooks and provide thought-leadership related to incident management throughout Oracle. May provide leadership in an incident management team, bringing expert-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and … breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander on multiple serious incidents. Leads development of new methods, and playbooks, as well as highly sophisticated scripts, applications, and tools. Trains and mentors other staff, and may supervise incident management …
analysis for the group. Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2/3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are … architecture level Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incident response capability. You will act as the single point of contact for all security related response actions and decisions, including management of … each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over …
development of security tools that operate and are monitored within the Security Operations Centre (SOC) to identify and detect security threats, coordinating an effective response and recovery. This role leads a team of Security professionals and Partners that own the day to day safeguarding of customer information and physical … the service effectively Must have at least 5 years’ experience working in cyber security operations. • Must have practical experience of working in a security incident response team and leading the technical response to cyber security incidents and be able to act as the incident manager. • Must … have experience in Vulnerability/Threat management including threat intelligence and threat hunting. • Must have good written and oral communication skills, including incident reporting and stakeholder management. • Must have experience in creating and documenting processes (processes, procedures, playbooks etc). • Must have experience working at pace within …
trends, threats, and technologies to continuously improve the organization's security posture. Provide guidance and support to internal stakeholders on cybersecurity best practices and incident response procedures. Participate in security awareness training and education programs for employees to promote a culture of security awareness and compliance. Qualifications: Bachelor … s degree in Computer Science, Information Security, or a related field. Experience in a cybersecurity role, preferably as a Security Analyst or Incident Responder. Strong knowledge of cybersecurity principles, practices, and technologies, including SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection. Hands-on experience with security tools such …
Reigate, Surrey, United Kingdom Hybrid / WFH Options
Just Group
contracts. Monitor vendor performance and escalate issues as necessary including regular service reviews. Manage network incidents and outages, leading troubleshooting efforts to maintain service level targets. Follow incident response procedures coordinating with internal teams and external partners to restore services. Conduct post-incident reviews and analysis to identify opportunities for improvement …
Reading, England, United Kingdom Hybrid / WFH Options
Areti Group
information assets. Ensure regular KPIs are developed and maintained and identify areas for improvement and make recommendations accordingly. Be the lead in Cyber security incident response and ensure processes and procedures and playbooks are efficient, effective and are tested regularly in line with policy. Develop and maintain a …
environment where you can work with autonomy and enjoy flexible working. As a Cyber Security Manager, you will take ownership of threat management and response, establishing and maintaining robust cyber security policies, playbooks and procedure to ensure compliance with regulatory requirements, industry standards in an Operational role. You'll … escalation point for the Service Desk, investigating and remediating security threats. You'll perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture. Office & WFH …
and enjoy flexible working (x2 days office per month). As a Lead Cyber Security Engineer, you will take ownership of threat management and response, establishing and maintaining robust cyber security policies, playbooks and procedure to ensure compliance with regulatory requirements, industry standards in an Operational role. You'll … escalation point for the Service Desk, investigating and remediating security threats. You'll perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture. Office & WFH …
C2M2) * Excellent communication skills * Experience of writing Defence/Government documentation Responsibilities include: * Develop and integrate security event monitoring and incident management services. * Respond to security incidents as they occur as part of an incident response team. * Implement metrics and dashboards to give visibility of the Enterprise …
across information assets. Ensure regular KPIs are developed and maintained and identify areas for improvement and make recommendations accordingly. Be the lead in Cybersecurity incident response and ensure processes and procedures and playbooks are efficient, effective, and are tested regularly in line with policy. Develop and maintain a …
Reading, England, United Kingdom Hybrid / WFH Options
Project People
information assets. Ensure regular KPIs are developed and maintained and identify areas for improvement and make recommendations accordingly. Be the lead in Cyber security incident response and ensure processes and procedures and playbooks are efficient, effective and are tested regularly in line with policy. Develop and maintain a …
services. * Experience using virtualisation software. * Excellent communication skills * Experience of writing Defence/Government documentation Responsibilities include: * Develop and integrate security event monitoring and incident management services. * Respond to security incidents as they occur as part of an incident response team. * Implement metrics and dashboards to give …
and reactive security monitoring and defense across all information assets. Develop and maintain KPIs, identifying areas for improvement and making recommendations accordingly. Lead Cybersecurity incident response efforts, ensuring efficiency and effectiveness of processes, procedures, and playbooks. Establish and maintain a schedule of operational checks to guarantee the confidentiality …