1 to 25 of 51 Contract Incident Response Jobs in the UK excluding London

Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

rota. You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process. Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. … will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need ...

Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier … Conduct proactive threat hunting in collaboration with the CTI function Conduct HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing ...

premise environments. Contribute to the development and governance of CI/CD pipelines, ensuring consistency and efficiency. Support the implementation of monitoring, observability, and incident response frameworks. Operational Excellence Collaborate with SRE and operations teams to ensure platform reliability, performance, and resilience. Participate in incident response … Certifications in cloud platforms or DevOps practices. Experience with automation frameworks (e.g., Terraform, Ansible). Exposure to platform governance and architecture forums. Familiarity with incident management and operational support processes. Some international travel may be required SC Senior Platform Engineer - Hampshire (full time onsite) - £480-£580 per day outside ...

Operational Technology) Outside IR35 Duration: 6 9 months Location: Crawley, Hybrid 2 days per week on site Overview of project: The role of an Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst is to respond to high-severity cyber security incidents and/or escalated … policies, standards and procedures aligned with best practice. Logs: Ensure all logs feed into the SIEM and build use cases to detect anomalous activity. Incident Response: Lead high-severity incidents, improve playbooks and manage remediation, communication and reporting. SOAR: Develop automated workflows to streamline detection, enrichment and response. ...

Operational Technology) Outside IR35 Duration: 6 – 9 months Location: Crawley, Hybrid 2 days per week on site Overview of project: The role of an Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst is to respond to high-severity cyber security incidents and/or escalated … policies, standards and procedures aligned with best practice. Logs: Ensure all logs feed into the SIEM and build use cases to detect anomalous activity. Incident Response: Lead high-severity incidents, improve playbooks and manage remediation, communication and reporting. SOAR: Develop automated workflows to streamline detection, enrichment and response. ...

Contract (Inside IR35) Our leading financial services client is seeking an experienced Cyber Security Programme Manager to support key initiatives across Resilience, Cyber, and Incident Response . This role will play a pivotal part in shaping and delivering strategic cyber and data transformation programmes, ensuring alignment between business … needs, technology, and governance. Key Responsibilities: Drive and prioritise business requirements across multiple stakeholders, with a focus on Cyber, Resilience, and Incident Response. Ensure user stories and technical frameworks are aligned with strategic programme goals and business outcomes. Collaborate with technology and data teams to align requirements for application ...

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. - 3 days on site in Birmingham (Please ensure you are local before applying) - £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role ...

services, define strategic vision for improvement and reliability. Service Design and Implementation: Collaborate with architects and engineers to design secure services and oversee deployments. Incident Management: Coordinate incident response, root cause analysis, and corrective actions. Infrastructure Management: Ensure patching, evergreening, backups, and compliance for on-prem ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response: For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

working with the best standard technologies.The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

technologies. Creating security use cases to enable the wider SOC to respond to a wider array of threats. Identify where automation can assist the Incident Response team when investigating suspicious activity. Creation of analytic content to enable quantifiable metrics on SOC performance. Additional Accountabilities Able to lead ...

Security Alerts on the various monitoring tools to identify potential Security Incidents. Escalate suspected Security Incidents to the Lead Analysts. Assist Lead Analysts and Incident Response team with investigation and containment. Maintain knowledge of technology and cyber threats by reading Threat Intel, reports, attending Threat Intel briefings ...

Security Alerts on the various monitoring tools to identify potential Security Incidents. Escalate suspected Security Incidents to the Lead Analysts. Assist Lead Analysts and Incident Response team with investigation and containment. Maintain knowledge of technology and cyber threats by reading Threat Intel, reports, attending Threat Intel briefings ...

Security Alerts on the various monitoring tools to identify potential Security Incidents. Escalate suspected Security Incidents to the Lead Analysts. Assist Lead Analysts and Incident Response team with investigation and containment. Maintain knowledge of technology and cyber threats by reading Threat Intel, reports, attending Threat Intel briefings ...

other engineers. Monitoring and Operational Excellence: Implement and manage monitoring, logging, and alerting solutions (e.g., Prometheus, Grafana, Stackdriver) to ensure high availability and proactive incident response for all hybrid infrastructure. Required Skills & Qualifications Experience: 5+ years of experience in a DevOps, SRE, or Platform Engineering role. GCVE Expertise ...

/analysis. Provide expertise in deploying, configuring, and maintaining Fortinet products within the network and security landscape. Work with cross-functional teams to support incident response, problem resolution, and continuous service improvement. Produce and maintain clear technical documentation, operational procedures, and configuration standards. Essential Experience & Skills Significant, proven ...

organisation from cyber threats. You will be part of a 24x7 team responsible for monitoring their systems, detecting potential security incidents and initiating the incident response process. Essential skills & experience required: As the Senior SOC Analyst you will possess current security clearance to DV Level together with experience … Security Information and Event Management (SIEM) systems, to detect suspicious activity. Analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritise incidents. For confirmed incidents ...

dashboarding, along with experience migrating workloads to Elasticsearch. In addition to migration duties, the candidate will maintain and enhance existing Splunk infrastructure, provide incident support, manage upgrades, and ensure observability platforms remain secure and performant. This role demands a technically strong individual with excellent stakeholder communication and problem-solving … configure alerting and monitoring using Kibana, Elasticsearch Watcher, or third-party tools. Ensure migration plans include validation, rollback procedures, and knowledge transfer. Platform Operations & Incident Response: Maintain Splunk infrastructure in both Production and Non-Production environments. Support Splunk SRE and Application teams in incident investigation and resolution. ...

requirements. Job Responsibilities/Objectives Maintain high availability and resilience of IKP services across multi-cloud and on-prem environments. Implement monitoring, alerting, and incident response for IKP components. Develop automation for IKP deployment, scaling, and lifecycle management. Integrate IKP processes into CI/CD pipelines for secure … Familiarity with OpenShift, Kubernetes, and container security best practices. Knowledge of cryptographic principles, PKI, and encryption standards. Proficiency in monitoring tools (Prometheus, Grafana) and incident management frameworks. Certifications such as CISSP, CISM, or cloud security certifications preferred. If you are interested in this opportunity, please apply now with your ...