1 to 25 of 32 Incident Response Jobs in the Thames Valley

Title: Holistic Incident Response Manager (WARP) Location: Hybrid – Reading (2 days/week onsite, travel expensed) Clearance: Active SC clearance required Contract Type: Inside IR35 Duration: 6 months Start Date: ASAP Overview: An exciting opportunity to join a nationally significant programme within the defence and national security sector … delivering critical cyber resilience outcomes. We’re seeking an experienced Incident Response Manager to lead cyber readiness and response activities, including the development and coordination of a Warning, Advice and Reporting Point ( WARP ) capability.You’ll be responsible for aligning incident response frameworks with national cyber ...

Cyber Incident Response Lead – Defence – SC Cleared We’re supporting the delivery of a nationally significant defence programme that’s shaping the UK’s future capabilities in secure systems and platforms.As a Cyber Incident Response Lead Specialist, you will take the helm in managing and evolving … cutting-edge cyber response function, including the oversight of a WARP (Warning, Advice and Reporting Point) service to enhance threat visibility and collaboration across stakeholders and delivery partners.Key Responsibilities Lead and coordinate response to cyber security incidents across a complex and sensitive defence environment Manage and continually evolve ...

threats. You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process. Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. … will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need ...

responsible for the leadership, governance and performance of Security Operations Centre capabilities supporting a secure defence programme. The role ensures effective monitoring, detection and response across classified environments, working closely with incident response and threat teams. Key Responsibilities Own SOC operating model, processes and performance management Ensure … effective monitoring and detection across secure environments Oversee SOC analysts, tooling and service providers where applicable Drive continuous improvement of detection use cases and response workflows Coordinate closely with incident response and vulnerability teams Provide senior-level reporting on security posture and operational effectiveness Ensure SOC activities ...

cloud environment. This is not a traditional SOC role focused on alert handling . The position sits at the senior technical level and combines incident leadership, detection engineering, threat hunting and automation. You’ll have genuine ownership of security operations maturity rather than working in a ticket-driven environment. … senior technical point of escalation within the SOC, leading complex investigations and driving continuous improvement across tooling, detection capability and response processes. Typical responsibilities include: Leading complex security incidents end-to-end including investigation, containment, forensics and root cause analysis. Designing, tuning and improving detection across SIEM ...

high-performing Security Operations Centre supporting a large-scale telecoms environment. This is a hands-on Tier 2 CERT role focused on investigation, response, and remediation of security incidents across enterprise-scale infrastructure. If you enjoy solving real incidents rather than just closing tickets, this role will suit you. … Defender Conduct forensic analysis to determine root cause, scope, and impact Support containment, eradication, and recovery activities with IT and engineering teams Produce clear incident reports with technical findings and remediation actions Quality assurance of SOC L1 triage and alert handling Develop and refine detection use cases, playbooks ...

Clearance Hybrid work model OUTSIDE IR35 Job Requirements Spec: - end-to-end technical leadership, architecture, and delivery oversight of Network Detection & Response (NDR) and Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility … improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders to align technical designs with security strategy, operating models, and business needs. - definition of the target architecture for Darktrace NDR and Microsoft Defender ...

support audits across platforms. Ensure compliance with Salesforce security standards (e.g., permission sets, field-level security, data classification). Operations and Reliability Lead incident response and post-incident reviews to improve platform resilience. Define and manage service monitoring, alerting, and error budgets. Champion secure change management practices … processes, Gearset pipelines, and rollback strategies. Metrics and Reporting Establish and report on operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Leadership and Team Management Mentor DevOps Engineers and lead knowledge-sharing sessions. Promote a culture of continuous learning and technical excellence. ...

operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage … vulnerability assessments and remediation efforts Maintain and optimise DLP tools and incident response Support forensic readiness and insider risk initiatives Develop and enforce security policies and awareness programs Lead incident response and produce investigation reports Utilise and enhance Microsoft Security Stack (Sentinel, Defender, Purview) Drive Zero ...

implementing technical protocols to owning security compliance to championing best security practice to the business. The Role Design and implement security solutions Contribute to Incident response and Disaster Recovery programs Partner with IT and wider business to align processes with best practice Ensure compliance with security policies, procedures … frameworks Lead and participate in incident response and disaster recovery programs Skills and Experience Strong knowledge of IT infrastructure and security tools Proven understanding of desktop and server operating systems Experience with SIEM, endpoint protection, identity management and cloud security tools Understanding of cloud security and compliance (CISSP ...

Support Security Teams Assist other Group Security teams by providing vulnerability-specific intelligence. Contribute to building a shared knowledge repository for all teams. 9. Incident Support Assist in analysing and resolving security incidents, focusing on vulnerability-related aspects. Use post-incident reviews to pre-empt vulnerabilities and improve … communication skills for reporting and stakeholder engagement. Ability to collaborate with cross-functional teams, including SOC, IT, and external vendors. Problem-Solving Experience in incident response and remediation strategies for vulnerabilities. Creative thinking for implementing counterintuitive solutions (e.g., gamification, predictive analytics). Leadership and Mentorship Proven ability ...

seamless and high-quality experience for end users. Take accountability of the on-call rota , ensuring appropriate coverage, managing participation, and leading rapid incident response to maintain service availability. Continuously assess and improve team processes and procedures , fostering a culture of innovation and engineering excellence to optimise performance … team that consistently meets objectives and drives continuous improvement. Regularly conducts performance reporting and analysis , tracking key metrics such as system availability, uptime, and response times to inform decision-making and improvement initiatives. What you’ll need to succeed Essential: Experience in a leadership role , including mentoring, developing team ...

Analyst to join a growing IT function within a well-established organisation. This is a hands-on role with real influence across security governance, incident response and risk management. What youll be doing: Protecting systems from cyber threats and unauthorised access Monitoring networks, servers and endpoints for security ...

application-based access Design and maintain break-glass and emergency access procedures Integrate BeyondTrust with SIEM platforms for security monitoring, alerting, and incident response Configure and maintain connectors for Active Directory, Entra ID, and target systems Manage platform upgrades, patching, availability, and health monitoring Troubleshoot connector failures, session ...

governance and security best practices, and support development teams through reliable CI/CD infrastructure. Key responsibilities include: Overseeing daily cloud operations including monitoring, incident response, troubleshooting, and optimisation. Leading and managing both short and long-term project planning (Agile, sprints, iteration planning). Developing and implementing cloud ...

Cyber Security policies under the SIRO. Lead ISO 27001 recertification, internal audits, and remediation. Work with infrastructure/product teams on data security and incident handling. Oversee playbooks and ensure measurable risk reduction. Digital Clinical Safety Collaborate with IT, Clinical, Legal, HR, SIRO, and Caldicott Guardian. Maintain the Digital … Cyber Security policies under the SIRO. Lead ISO 27001 recertification, internal audits, and remediation. Work with infrastructure/product teams on data security and incident handling. Oversee playbooks and ensure measurable risk reduction. Digital Clinical Safety Collaborate with IT, Clinical, Legal, HR, SIRO, and Caldicott Guardian. Maintain the Digital ...

cloud (Azure) infrastructure, with a strong emphasis on security, resilience and availability. You will play a key role in infrastructure upgrades, new solution design, incident response and disaster recovery planning, working across multiple UK sites with occasional wider travel. Key Responsibilities Design, implement and support on-premise ...

Directory, and Group Policy, using PowerShell extensively for automation scripting.Your responsibilities will include supporting our Cisco network infrastructure and Meraki Wi-Fi systems, leading incident response and conducting root cause analysis when issues arise. You'll oversee patching, backup, disaster recovery, and business continuity protocols while collaborating ...

observability tools Understanding of cloud cost management and resource optimisation principles Comfort with troubleshooting and supporting development teams Understanding of service reliability and incident response practices Connells Group UK is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race ...

operations are effective, resilient and aligned with wider security, engineering and programme objectives. Key Responsibilities Provide management oversight of cyber operational activities, including monitoring, incident response and vulnerability management Define and maintain cyber operations governance, processes and reporting Act as the senior point of coordination for cyber incidents … Skills & Experience Active SC Clearance or above Proven experience in cyber operations management, security operations oversight or cyber assurance roles Strong understanding of cyber incident management, threat monitoring and operational security controls Experience operating in complex, regulated or safety-critical environments Ability to manage and assure cyber services delivered ...

cybersecurity threats and trends, as well as advancements in network security technologies. Develop and enforce policies and procedures for network access, monitoring, and security incident response. What youll bring Youll have professional certifications such as CCNA, CCNP, or extensive knowledge of Checkpoint and Cisco Firewalls, and F5 Load Balancers ...

Milton Keynes. As part of the first line of defence, you'll be responsible for monitoring systems, identifying potential threats, and ensuring rapid incident response to safeguard critical services. Responsibilities Keep a close watch on SIEM platforms and other monitoring tools to spot unusual activity. Evaluate and triage … senior analysts. Record incidents thoroughly in tickets and reports to support investigations. Help maintain and fine-tune security tools to improve detection and response capabilities. What you'll need to succeed Experience within Security Operations Strong attention to detail and a proactive mindset. Flexibility to work a rotating ...

CSAS reviews. Maintenance of platform security and Secure by design documentation. Development and maintenance of platform security standards and policies (Including SecOps) Development of incident response plans in line with Services policy Ongoing cyber and security threat assessment to the CITADEL platform and customer systems. ...

Support Manager with delegated technical workload and escalation oversight. Ensure incidents and escalations are resolved in line with agreed processes and SLAs. Participate in incident response, coordinating technical resolution and communication. Contribute to documentation, knowledge sharing, and continuous improvement of support processes. Required Skills & Experience Minimum 4 years ...

hardware-in-the-loop (HIL), bench tests, regression tests. Reliability, Safety & Compliance Drive FMEA, DFMEA, and robust validation plans (bench, rig, track); own incident response and root-cause analysis. Ensure compliance with FIA/series regulations, homologation constraints, scrutineering requirements, and BoP-related data handling. Where appropriate, complete ...