Milton Keynes, Loughton, Buckinghamshire, United Kingdom
VIQU IT
Skills & Experience from the Security Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security … alerts and incidents in Microsoft Sentinel and Microsoft Defender. Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes.
OT SOC Analyst (Operational Technology) Outside IR35 Duration: 6 – 9 months Location: Crawley, Hybrid 2 days per week on site Overview of project: The role of an Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst is to respond to high-severity cyber security incidents and/or escalated events and alerts then, using experience combined … IT environments. Policy: Create SOC policies, standards and procedures aligned with best practice. Logs: Ensure all logs feed into the SIEM and build use cases to detect anomalous activity. Incident Response: Lead high-severity incidents, improve playbooks and manage remediation, communication and reporting. SOAR: Develop automated workflows to streamline detection, enrichment and response. Forensics: Perform forensic analysis across … tools and platforms for threat prevention, detection and response. Audit: Support SOC2/NCSC CAF/ISO27001 audits and ensure compliance. Continuous Improvement: Automate and enhance monitoring, detection and response based on evolving threats. Skills, experience and previous achievements required: Essential Extensive End to End Cyber Incident Leadership Experience Extensive SOC L3/CSIRT L3 Experience Extensive CNI
Milton Keynes, Buckinghamshire, South East, United Kingdom
Solos Consultants Ltd
include: Monitor, triage and investigate Security Alerts on the various monitoring tools to identify potential Security Incidents. Escalate suspected Security Incidents to the Lead Analysts. Assist Lead Analysts and Incident Response team with investigation and containment. Maintain knowledge of technology and cyber threats by reading Threat Intel, reports, attending Threat Intel briefings and self-study. Perform analysis of
London, South East, England, United Kingdom Hybrid/Remote Options
VIQU IT Recruitment
investigated and remediated effectively but also translated into actionable insights and long-term improvements across the business. Skills required from the Security Analyst: Proven experience in a Security Analyst, Incident Response, or SOC environment (2nd line or similar). Strong hands-on experience in threat investigation, log analysis, and remediation. Good understanding of common security frameworks and … escalation of key security issues to management and relevant stakeholders. Advise on security best practices and improvement initiatives across systems, networks, and processes. Contribute to ongoing development of detection, response, and monitoring capabilities. Support reviews and recommendations around security toolsets, processes, and automation opportunities. The Security Analyst can work fully remote for the duration of the contract.
Rickmansworth, Hertfordshire, South East, United Kingdom
4 RECRUITMENT SERVICES LTD
risk, and compliance (GRC) activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC's security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery … will not be considered for interview) Minimum 5 years' hands-on experience in Information Security Experience conducting security risk assessments Supplier/third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills Stakeholder engagement Availability & flexibility Right to work in the UK To find out more information please contact Abbie
London, South East, England, United Kingdom Hybrid/Remote Options
Proactive Appointments
risk, and compliance (GRC) activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role for … CRISC, CEH, CompTIA Security+, or equivalent experience. Experience working in healthcare, charity, or public sector environments. Familiarity with NCSC CAF and NHS DSPT frameworks. Experience working with SOCs and incident response partners. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable
requirements, deliverables, and operational priorities Deliver timely, high-quality threat briefings and risk assessments to operational stakeholders Drive continuous improvement of threat intelligence processes, tooling, and automation Participate in incident response investigations, providing threat context and attribution support Maintain awareness of global regulatory and compliance requirements related to threat intelligence and offensive security operations Ad hoc requests from
robust governance across all business areas. Manage the ISO 27001 certification lifecycle - including audits, remediation, and recertification. Collaborate with technical and product teams to embed security standards and oversee incident response procedures. Drive measurable improvements in risk reduction and compliance maturity through strong audit oversight and playbook management. Digital & Clinical Safety Partner with IT, Clinical, Legal, and Executive … technical and clinical disciplines. Experience working with SIROs, Caldicott Guardians, DPOs, and certification bodies. Knowledge of international regulatory frameworks and multi-site operations. Experience with DCB0129/0160 standards, incident management, and external inspections. *Rates depend on experience and client requirements
London, South East, England, United Kingdom Hybrid/Remote Options
Revybe IT Recruitment Ltd
Palo Alto, Fortinet, Check Point, Cisco, etc.) Strong background in network security, traffic flows, segmentation, and application security Understanding of OWASP, threat mitigation, and secure configuration principles Experience in incident response, troubleshooting, and performance tuning Excellent communication and documentation skills Click apply to be considered.
London, South East, England, United Kingdom Hybrid/Remote Options
Bristow Holland
ensure seamless integration and deployment of applications. Implement and maintain security best practices and compliance standards across all AWS environments. Troubleshoot and resolve complex technical issues as part of incident response efforts. Maintain detailed documentation of architectures, configurations, and processes. Apply design patterns to ensure code reusability and maintainability. Develop and execute unit tests, following test-driven development
London, South East, England, United Kingdom Hybrid/Remote Options
Opus Recruitment Solutions Ltd
Key Skills: Microsoft Defender XDR: Endpoint, Identity, Office 365, Cloud Apps Microsoft Sentinel: KQL, playbook development, SIEM optimisation Privileged Identity Management (PIM) and change control workflows Advanced threat detection, incident response, and threat hunting Log collection via Azure Monitoring Agent and Firewall Management Centre Responsibilities: Configure and fine-tune Microsoft Defender XDR in line with approved designs Participate … in Microsoft FastTrack engagements Integrate Defender XDR with Sentinel SIEM for enhanced detection and response Develop Kusto queries and automation playbooks Support PoC setup for Microsoft Copilot for Security Connect syslogs from on-prem servers and firewalls to Sentinel If this Security Engineer role sounds like a good fit, please apply with your most up to date CV and
comprehensive vulnerability assessments and generate actionable reports. Develop and deliver regular vulnerability reporting, metrics, and dashboards for management and technical teams via Vulcan Cyber, Tenable and Defender. Collaborate with incident response teams using CrowdStrike and Microsoft Defender to correlate vulnerability data with threat intelligence and active security incidents. Maintain up-to-date knowledge of the latest vulnerabilities, exploits
Luton, Bedfordshire, South East, United Kingdom Hybrid/Remote Options
Crimson
protection of systems and internal data will be the core responsibility of this position. Key Skills and Responsibilities: Oversee security operations, implementing tools and processes to enhance proactive monitoring, incident response, threat management, and vulnerability management. Maintain security processes, handle support requests, and investigate breaches as required. Monitor external security environments, identify emerging threats, and communicate findings to … and continuous improvement of IT Security Operations capabilities aligned with business needs. Promote the Security, Compliance & Identity function, building strong relationships across teams and stakeholders. Develop and maintain security incident playbooks and guidance. Interested? Please submit your updated CV to Lewis Rushton at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit
Southampton, Hampshire, South East, United Kingdom
Adroit People Ltd
and progress of VM remediation efforts across engineering and up to leadership teams Data correlation and identifying patterns and trends, building MI which can be shared with stakeholders Security Incident response Assist in the management of high priority vulnerability incidents Co-ordinate with support teams in order to roll out mitigation of vulnerability solutions Monitor daily dashboards from security
London, South East, England, United Kingdom Hybrid/Remote Options
Sanderson
Business Continuity, Incident & Crisis Management Consultant Leading Finance company Outside of IR35. Hybrid working - 3 days per week Our client, a leading financial services organisation based in the City of London is looking to hire an experienced Business Continuity Consultant. The outcome of the assignment will lead the organisation's readiness programme in preparation for the PRA DyGIST exercise in … May 26. The successful candidate will provide leadership, coordination, and delivery oversight for our client's Business Continuity, Incident and Crisis Management framework to deliver a validated and operationally ready Business Continuity and Crisis Management framework. This assignment has been deemed outside of IR35. Hybrid working - 3 days per week. General responsibilities and deliverables: - Lead & coordinate Business Continuity, Incident and … accountability for resilience. Partner and oversee the appointed consultancy, ensuring that deliverables meet regulatory, operational, and governance expectations. Deliver hands-on remediation and delivery of improvements to business continuity, incident response, and crisis management plans. Ensure alignment across all functions including Underwriting, Claims, Finance, Risk/Assurance, Operations and IT. Communicate and coordinate with stakeholders to ensure identified
Infrastructure as Code) Work with virtualisation (VMware/vSphere, etc.) Configure/manage SAN/storage, Fibre Channel, zoning, LUN provisioning Participate in vulnerability assessments, patches, security hardening, and incident response Required Skills & Experience NPPV3 clearance, either current or active within the last 12 months (non-negotiable) Strong track record with Windows 11 deployment (imaging, upgrade, Autopilot, Intune