10 of 10 Contract Incident Response Jobs in the Thames Valley

Title: Holistic Incident Response Manager (WARP) Location: Hybrid – Reading (2 days/week onsite, travel expensed) Clearance: Active SC clearance required Contract Type: Inside IR35 Duration: 6 months Start Date: ASAP Overview: An exciting opportunity to join a nationally significant programme within the defence and national security sector … delivering critical cyber resilience outcomes. We’re seeking an experienced Incident Response Manager to lead cyber readiness and response activities, including the development and coordination of a Warning, Advice and Reporting Point ( WARP ) capability.You’ll be responsible for aligning incident response frameworks with national cyber ...

Cyber Incident Response Lead – Defence – SC Cleared We’re supporting the delivery of a nationally significant defence programme that’s shaping the UK’s future capabilities in secure systems and platforms.As a Cyber Incident Response Lead Specialist, you will take the helm in managing and evolving … cutting-edge cyber response function, including the oversight of a WARP (Warning, Advice and Reporting Point) service to enhance threat visibility and collaboration across stakeholders and delivery partners.Key Responsibilities Lead and coordinate response to cyber security incidents across a complex and sensitive defence environment Manage and continually evolve ...

threats. You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process. Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. … will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need ...

responsible for the leadership, governance and performance of Security Operations Centre capabilities supporting a secure defence programme. The role ensures effective monitoring, detection and response across classified environments, working closely with incident response and threat teams. Key Responsibilities Own SOC operating model, processes and performance management Ensure … effective monitoring and detection across secure environments Oversee SOC analysts, tooling and service providers where applicable Drive continuous improvement of detection use cases and response workflows Coordinate closely with incident response and vulnerability teams Provide senior-level reporting on security posture and operational effectiveness Ensure SOC activities ...

Clearance Hybrid work model OUTSIDE IR35 Job Requirements Spec: - end-to-end technical leadership, architecture, and delivery oversight of Network Detection & Response (NDR) and Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility … improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders to align technical designs with security strategy, operating models, and business needs. - definition of the target architecture for Darktrace NDR and Microsoft Defender ...

Support Security Teams Assist other Group Security teams by providing vulnerability-specific intelligence. Contribute to building a shared knowledge repository for all teams. 9. Incident Support Assist in analysing and resolving security incidents, focusing on vulnerability-related aspects. Use post-incident reviews to pre-empt vulnerabilities and improve … communication skills for reporting and stakeholder engagement. Ability to collaborate with cross-functional teams, including SOC, IT, and external vendors. Problem-Solving Experience in incident response and remediation strategies for vulnerabilities. Creative thinking for implementing counterintuitive solutions (e.g., gamification, predictive analytics). Leadership and Mentorship Proven ability ...

application-based access Design and maintain break-glass and emergency access procedures Integrate BeyondTrust with SIEM platforms for security monitoring, alerting, and incident response Configure and maintain connectors for Active Directory, Entra ID, and target systems Manage platform upgrades, patching, availability, and health monitoring Troubleshoot connector failures, session ...

operations are effective, resilient and aligned with wider security, engineering and programme objectives. Key Responsibilities Provide management oversight of cyber operational activities, including monitoring, incident response and vulnerability management Define and maintain cyber operations governance, processes and reporting Act as the senior point of coordination for cyber incidents … Skills & Experience Active SC Clearance or above Proven experience in cyber operations management, security operations oversight or cyber assurance roles Strong understanding of cyber incident management, threat monitoring and operational security controls Experience operating in complex, regulated or safety-critical environments Ability to manage and assure cyber services delivered ...

Milton Keynes. As part of the first line of defence, you'll be responsible for monitoring systems, identifying potential threats, and ensuring rapid incident response to safeguard critical services. Responsibilities Keep a close watch on SIEM platforms and other monitoring tools to spot unusual activity. Evaluate and triage … senior analysts. Record incidents thoroughly in tickets and reports to support investigations. Help maintain and fine-tune security tools to improve detection and response capabilities. What you'll need to succeed Experience within Security Operations Strong attention to detail and a proactive mindset. Flexibility to work a rotating ...

CSAS reviews. Maintenance of platform security and Secure by design documentation. Development and maintenance of platform security standards and policies (Including SecOps) Development of incident response plans in line with Services policy Ongoing cyber and security threat assessment to the CITADEL platform and customer systems. ...