1 to 25 of 49 Incident Response Jobs in the West Midlands

high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯

The team you'll be working with: SOC Analyst (L1) We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business. This role will be based on-site in Birminham, we need canddiates that are able towork in a job that involves 24/7 operations … log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. Write up high quality security … incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident More ❯

The team you'll be working with: SOC Analyst (L2) We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business. This role will be based on-site in Birmingham, and we need candidates who are able to work in a job that involves … incidents. Conduct real-time analysis of security events and escalate as necessary. Support other teams in investigations, determining root cause and impact. Document findings and lessons learned to improve incident response procedures. Ensure runbooks are followed and are fit for purpose. Incident Response: Lead and coordinate incident response activities to contain, eradicate, and recover … from security incidents. Develop and maintain incident response plans aligned with industry best practices. Manage escalations during security incidents. Follow major incident processes. Threat Intelligence: Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes. Contribute to threat intelligence feeds to enhance proactive detection. Security Tool Management: Manage and optimize SIEM tools, ensuring proper More ❯

to hear from you. This is more than just a security role, it's a chance to: Contribute to the design and implementation of security controls, tools, monitoring, and incident response processes. Work with modern cloud technologies, especially Microsoft Azure, to secure scalable microservices and infrastructure. Help shape and implement security best practices, threat detection, and incident response strategies. What you'll be doing Designing and implementing security controls & tooling across our hybrid-based infrastructure, with a focus on Microsoft Azure. Monitoring and responding to threats using tools like SIEM and XDR, ensuring rapid detection and resolution of security incidents. Collaborating in an Agile environment with multiple teams to embed security best practices throughout the … business. Conducting regular vulnerability assessments, supporting patch management, and improving our overall security posture. Creating and maintaining clear, concise documentation for security processes, configurations, and incident response procedures. Participating in the Information Security on-call rota. What you'll bring: 2+ years of hands-on cybersecurity experience, with a focus on cloud environments such as Microsoft Azure. A More ❯

log data, and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy. Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. Write high-quality security incident … knowledge resources and independent research. Assist with remediation activities or support customer stakeholders to inhibit cyber-attacks, clean up IT systems, and secure networks against repeat attacks. Produce security incident review reports to present information about incidents and provide security improvement recommendations. Understand Threat Intelligence and its application in an operational environment. Conduct Threat Hunting to identify attacks that … may not have been captured. Support incident response to national-scale incidents in a coaching capacity. Assist in the development and implementation of SOC Use Cases. Collaborate with other teams within NTT DATA to improve services based on customer needs. Prepare disaster recovery plans. What experience you'll bring: Skills and Experience: Ability to obtain SC Clearance or More ❯

development, testing, and annual validation of disaster recovery and backup plans. Create and maintain up-to-date security documentation. Act swiftly and collaboratively in the event of a cyber incident, ensuring optimal recovery. Stay current with emerging threats and technological advancements in cybersecurity. Prepare for and manage annual penetration testing in collaboration with external vendors. Adhere to all Health … for This Role, You Will Need: Cybersecurity Experience: Demonstrated experience in implementing and managing security controls across hybrid environments. Familiarity with endpoint protection, threat detection, and vulnerability management tools. Incident Response & Problem Solving: Ability to respond swiftly and effectively to security incidents. Skilled in structured analysis and incident remediation to ensure rapid recovery. Threat Awareness & Risk Mitigation … shifting priorities in line with business objectives. High attention to detail and a strong commitment to accuracy and quality. Resilient and composed under pressure, especially in high-demand or incident response scenarios. ECS Resource Group are an Equal Opportunity Employer, for more information please click the following link: (url removed) In accordance with the Equality Act 2010, if More ❯

and procedures to ensure data security, privacy, and compliance with relevant regulations. Conduct regular risk assessments and vulnerability scans to identify potential security risks and implement mitigation strategies. Lead incident response efforts related to email security breaches, ensuring quick containment and remediation. Threat Intelligence and Incident Response: Analyse threat intelligence to anticipate and mitigate potential cyber … threats targeting the organisation. Participate in or lead incident response activities related to email security breaches or data loss events. Develop playbooks and procedures for responding to incidents involving Proofpoint solutions. Required skills & Qualifications Expertise in data security, cybersecurity, or a related field. Hands-on experience with Proofpoint implementations (e.g., Email Protection, Targeted Attack Protection, Information Protection). More ❯

and on-premises security specialists, ensures information confidentiality, integrity, and availability by aligning security strategies with business objectives and complying with laws and industry standards. We act as the incident response team, and focus on threat intelligence, incident management, vulnerability assessments, access control, and security awareness training. We use advanced technologies like firewalls and System Information Event … control and risk levels are maintained throughout the organization. Be responsible for answering security questionnaires from clients on behalf of the practice. Act as an integral part of the Incident Response team during security incidents, providing technical expertise and support. Contribute to the ongoing information security program, addressing all aspects of security from on-premises to cloud (Azure More ❯

. Lead the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement … KPIs) Client Satisfaction Rate : Measured through regular client feedback and satisfaction surveys. Delivery Compliance Rate : Percentage of client engagements that meet defined delivery standards and pass governance review gates. Incident Response Effectiveness : Success rate in managing and resolving client incidents within predefined response windows. Service Utilisation Rate : Adoption and effective use of security services across client accounts More ❯

ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks More ❯

ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks More ❯

warnings). Notify the government of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the government's cyber incident response plan. Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. Knowledge of cybersecurity and privacy principles, computer networking concepts, protocols, network security methodologies, laws, regulations More ❯

to ensure security is woven into every layer of the cloud ecosystem. Driving the DevSecOps mindset and ensuring integration with Group-level security processes such as monitoring, alerting, and incident response. You’ll bring: Proven experience in cloud security engineering within an enterprise setting, preferably on Microsoft Azure. Solid background in foundational security design – from identity and access management More ❯

you will: Act as a bridge between the Customer and the Operational Delivery Teams Act as a primary escalation point of contact to the customer Coordinate the Security Operations, Incident Response Teams and other technical resources needed to troubleshoot major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and … coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the NTT DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation activities in conjunction with relevant support teams. Coordinate post incident investigation with relevant teams or … of the following fields of expertise: At least 10 years of experience in providing technical support and advice for a Security Operations Centre Demonstrate in-depth knowledge of Security incident Management and Security Operations. Excellent communication and client relationship skills to interface with clients, stakeholders, and senior leadership. At least 5 years' experience in providing Vulnerability Management Services Demonstrable More ❯

you will: Act as a bridge between the Customer and the Operational Delivery Teams Act as a primary escalation point of contact to the customer Coordinate the Security Operations, Incident Response Teams and other technical resources needed to troubleshoot major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and … coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the NTT DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation activities in conjunction with relevant support teams. Coordinate post incident investigation with relevant teams or … of the following fields of expertise: At least 10 years of experience in providing technical support and advice for a Security Operations Centre Demonstrate in-depth knowledge of Security incident Management and Security Operations. Excellent communication and client relationship skills to interface with clients, stakeholders, and senior leadership. At least 5 years' experience in providing Vulnerability Management Services Demonstrable More ❯

to date with the latest industry trends and emerging technologies in network security. * Provide support and guidance to IT teams on security best practices and compliance requirements. * Participate in incident response activities and perform forensic analyses when necessary. * Prepare and maintain documentation related to network security architecture and operations. Critical Skills for Success * Proven experience with security technologies More ❯

Provide expertise on security technologies such as firewalls, VPNs, IDS/IPS, and encryption. * Maintain knowledge of relevant laws, regulations, and industry standards related to network security. * Participate in incident response. Critical Skills for Success * Experience in IT security architecture or a similar role. * Strong analytical and problem-solving skills. * Experience with security technologies such as firewalls, VPNs, IDS More ❯

you're inspired to think big and bring your ambition to work every day, which is why, at British Airways the sky is never the limit. The role: Cyber Incident Lead This role reports into the Cyber Incident Manager, and works with stakeholders across the organisation to ensure BA is able to effectively identify, respond, and recover from … to, and manage, cyber incidents across the BA estate 24/7 365 days a year as part of an on call function. Responsible for developing, maintaining, and managing incident response processes Ability to present on complex, technical concepts to a wide range of stakeholders of varying seniority and knowledge Confident to engage with business stakeholders and build … ambiguous information Assist with the development of BA's in-house digital forensics capability, supporting various investigation teams across the organisation Work closely with other cyber teams to feed incident data back into tuning our security tool configuration and assessing our deployed controls Effectively liaise and communicate with other Operating Companies (OpCos) within IAG to respond to wider-impacting More ❯

Job Responsibilities/Objectives You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Within the Business Outcomes & Monitoring Solutions (BOMS) team-a multi-client centre of excellence delivering operational monitoring capabilities and tooling solutions that drive Business Intelligence and service assurance. … application-aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. Maintain and enhance More ❯

regular security assessments to ensure compliance with industry standards. * Create and maintain security policies to ensure data confidentiality, integrity, and availability. * Communicate security risks and recommendations to management. * Support incident response. Critical Skills for Success * Experience in IT security compliance or a related field. * Proven experience with security audits, risk assessments, and compliance reporting. * Proficiency in using security tools More ❯

infrastructure. Security Knowledge: Knowledge of cloud security best practices. Familiarity and competency with Identity and Access Management (IAM). Troubleshooting and Debugging: Strong troubleshooting and debugging skills. Experience in incident response. Experience working to an Agile methodology Ability to write technical documentation Configuration control (Git) Experience with Terraform Desirable Skills Containers and Orchestration: Understanding of containerisation (Docker). Experience More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Key Responsibilities Develop and implement comprehensive incident response strategies to address security threats swiftly and effectively Lead the threat and More ❯

with state and federal privacy and security laws. The DMD is also responsible for ensuring a strong, functional internal and external client satisfaction program, oversight of the organization's incident response program, and ensuring business continuity while driving key projects and managing staff. A key aspect of this role is coordinating with internal and external partners, including UMass … internal clients, focusing on relationship management. The DMD is responsible for ensuring Digital Solutions has embedded a successful client experience program that meets established goals and objectives, including prompt response to requests, established service criteria, implementation of service recovery model, training, and mentoring of DS staff as required. Provides oversight and direction to the Business Relationship Manager (BRM) and … the primary liaison between the Digital Solutions department and UMass Chan IT and Information Security teams to ensure alignment on technical strategies, cybersecurity protocols, and compliance with institutional policies. Incident Response and Business Continuity: Lead efforts in business continuity, incident response, and disaster recovery, ensuring swift resolutions and developing protocols for business continuity in case of More ❯

Established in 2006, CyberClan's carefully selected team of experts are capable of solving complex cyber security challenges - keeping data secure and businesses running as usual. CyberClan's Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology. We quickly identify, contain, eradicate, and … member, you will support and mentor junior staff and handle multiple projects simultaneously. Extensive travel may be required on short notice. Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will join the Post Breach Remediation team, collaborating with cross-functional teams within the organization. Essential Functions Provide reliable guidance, both technical and non … technical, to help clients restore operations after a disaster. Own customer issues from troubleshooting to resolution or escalation. Identify and escalate urgent issues. Meet or exceed customer expectations regarding response quality, timeliness, and overall experience. Act as the point of contact for escalations, ensuring prompt resolution. Innovate beyond standard practices to rescue production environments. Identify long-term requirements during More ❯

Intelligence and service assurance. You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Key Responsibilities Translate high-level monitoring non-functional requirements (NFRs) into actionable configurations across tools such as Splunk, Dynatrace, and AppDynamics. Deliver full-stack observability solutions, including application … aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. Maintain and enhance dashboards More ❯