We are seeking an experienced and highly capable SOC Tier 3 Analyst to serve as a senior member of our Security Operations Center (SOC). You will lead advanced incident response efforts, conduct proactive threat hunting, perform digital forensics, and collaborate cross-functionally to safeguard our digital assets and infrastructure. This is a pivotal role for those passionate … about cybersecurity, threat detection, and investigative analysis. Key Responsibilities Advanced Incident Detection & Response Lead the investigation and resolution of complex cyber incidents, including APTs, malware outbreaks, and data breaches. Take charge of escalated alerts from Tier 1 and 2 analysts and guide them through advanced response protocols. Utilize SIEM, EDR, and threat intelligence platforms to perform deep … to uncover hidden anomalies or malicious behavior. Partner with security engineering teams to build detection capabilities based on evolving threats. Digital Forensics & Investigation Conduct detailed forensic investigations to determine incident scope, root cause, and impact. Collect and preserve digital evidence in accordance with legal and regulatory standards. Deliver comprehensive findings, timelines, and impact reports. Remediation & Recovery Advise on containment
Reading, England, United Kingdom Hybrid / WFH Options
Focus on SAP
We are seeking an experienced and highly capable SOC Tier 3 Analyst to serve as a senior member of our Security Operations Center (SOC). You will lead advanced incident response efforts, conduct proactive threat hunting, perform digital forensics, and collaborate cross-functionally to safeguard our digital assets and infrastructure. This is a pivotal role for those passionate … about cybersecurity, threat detection, and investigative analysis. Key Responsibilities 🔍 Advanced Incident Detection & Response Lead the investigation and resolution of complex cyber incidents, including APTs, malware outbreaks, and data breaches. Take charge of escalated alerts from Tier 1 and 2 analysts and guide them through advanced response protocols. Utilize SIEM, EDR, and threat intelligence platforms to perform deep … to uncover hidden anomalies or malicious behavior. Partner with security engineering teams to build detection capabilities based on evolving threats. 🔬 Digital Forensics & Investigation Conduct detailed forensic investigations to determine incident scope, root cause, and impact. Collect and preserve digital evidence in accordance with legal and regulatory standards. Deliver comprehensive findings, timelines, and impact reports. 🛠 Remediation & Recovery Advise on containment
The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and the wider organisation, this role ensures the protection of digital and information assets against a range of internal and … that impact identity management across the organisation. The post holder also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/… security operations service. Lead the organisation's response to security incidents, coordinating recovery efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing
Reading, England, United Kingdom Hybrid / WFH Options
Morgan Hunt
day-to-day security operations and services, both in-house and outsourced Lead a small team covering Microsoft 365, identity management, and security Oversee security tools, monitoring systems, and incident response Guide improvements to identity and access processes with a focus on automation Work with IT teams to ensure security is built into systems and projects Maintain a … high-quality technical services Other Commitment to ongoing training and development Willing to travel between sites if needed Desirable Criteria Experience managing Microsoft 365 services ITIL certification or similar Incident response training (e.g., CREST, GIAC) Knowledge of public cloud (Azure, Oracle Cloud) Experience in 24/7 operations Familiarity with AHV Hypervisor Experience working with teams beyond core
Wokingham, Berkshire, United Kingdom Hybrid / WFH Options
National Grid plc
collaborative and innovative environment. Stakeholder Communication: Act as a key point of contact for security-related matters, effectively communicating complex technical concepts to both technical and non-technical stakeholders. Incident Response: Lead the response to security incidents, coordinating with relevant teams to contain and remediate issues quickly and effectively. Continuous Improvement: Drive continuous improvement initiatives to enhance
Sindlesham, Berkshire, United Kingdom Hybrid / WFH Options
National Grid plc
collaborative and innovative environment. Stakeholder Communication: Act as a key point of contact for security-related matters, effectively communicating complex technical concepts to both technical and non-technical stakeholders. Incident Response: Lead the response to security incidents, coordinating with relevant teams to contain and remediate issues quickly and effectively. Continuous Improvement: Drive continuous improvement initiatives to enhance
Designing and architecting secure IT environments: This may involve network security design, cloud security architecture (AWS, Azure, GCP), and implementing security technologies. Developing and assisting in the implementation of incident response plans: Creating documented procedures for handling security breaches and other incidents. Conducting tabletop exercises and simulations: Helping organizations practice their incident response procedures. Delivering technical
tickets in Primark's service desk system for the Primark environment Contribute to the execution of Security Operations Centre (SOC) capabilities, ensuring efficient and effective operation of detection, threat and incident response Participate in the triaging of events from a wide range of sources, including reports from employees, security systems and threat intelligence data Perform analysis and response to … for this role in particular: 3+ years enterprise cybersecurity IT experience, ideally with Cloud technologies and On premise experience Experience in Cyber Security Operations with a track record in Incident Response and Investigations Solid foundation in modern operating systems and networking protocols Experience of working in multi-skilled teams Strong appreciation & adherence to processes, defined roles & responsibilities and
data extraction. Excellent written and verbal communication skills Strong customer advocacy skills and experience, ability to work in difficult customer situations Knowledge of Cloud infrastructure a plus Experience in incident response a plus Experience with scripting a plus Experience with MS Server solutions (SCCM, GPO, AD, MSSQL, IIS, Exchange) is a plus. Additional Information The Team Our technical
compile evidence, liaise with auditors, and address any gaps or risks. Collaborate with engineering teams to embed secure coding practices and tackle vulnerabilities. Manage security assessments, audit responses, and incident investigations. Run regular penetration testing, disaster recovery simulations, and security awareness training. Streamline access controls, onboarding/offboarding processes, and device compliance using SSO/SCIM and MDM platforms. … experience in enterprise IT or information security — ideally within SaaS, B2B, or fast-paced environments. Deep knowledge of compliance frameworks and IT governance. Understanding of third-party risk management, incident response, and security operations. Strong experience with macOS administration tools (JAMF preferred). Familiarity with modern cloud environments, particularly Azure. Proficient in scripting languages such as Python or
Reading, Berkshire, United Kingdom Hybrid / WFH Options
DCL
remote Berkshire SC-200 Senior SOC Analyst Level 2/3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting/triage, incident response etc. with a strong focus on the Microsoft Security Stack. Key Responsibilities: Lead and resolve complex security incidents/escalations Conduct advanced threat hunting using the Microsoft … Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills & Experience: The ability to achieve UK Security Clearance (SC) - existing clearance ideal. (Sorry no visa applications) Must have
and procedures in alignment with industry best practices. Review penetration test reports to ensure they are up to standard and meet test objectives. Mentor junior penetration testers. Assist in incident response activities, including investigation, containment, and remediation of security incidents. Conduct cloud security assessments. Essential Requirements Must be currently residing in mainland UK. Minimum 5 years of
SOC Analyst A Global Organisation requires a Contract L2 SOC Analyst to join their Incident Response team - Splunk, Defender Day Rate: £400 - £420pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This L2 SOC Analyst will have the following previous experience: Monitor and investigate security alerts using tools such as Splunk, Microsoft … Defender, and CrowdStrike, escalating incidents as needed and ensuring timely resolution. Leverage Microsoft Copilot and automation workflows to streamline threat detection, incident triage, and response processes. Conduct in-depth log analysis and correlation across multiple data sources to identify potential security threats and reduce false positives. Support threat hunting and root cause analysis efforts, providing detailed documentation
L3 SOC Analyst A Global Organisation requires a Contract L3 SOC Analyst to join their Incident Response team acting as an escalation point - Splunk & Defender Day Rate: £475 - £500pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This L3 SOC Analyst will have the following previous experience: Act as a lead investigator … for high-severity security incidents, coordinating response activities and containment strategies. Perform deep forensic analysis across endpoints, logs, and network traffic to uncover advanced threats. Develop and fine-tune detection rules and correlation logic in SIEM platforms (e.g., Splunk). Collaborate with engineering and threat intelligence teams to improve detection coverage and SOC workflows. Mentor and guide L1/… threat hunting campaigns using tools such as Defender, CrowdStrike, and custom scripts. Contribute to playbook development, automation improvements (including Microsoft Copilot integration), and process optimization. Produce executive-level incident reports, root cause analyses, and recommendations for remediation and hardening.
infrastructure-as-code projects using Terraform • Supporting Windows desktop and server environments in a highly available setting • Liaising with external vendors and service providers • Playing a key role in incident response, resolution, and documentation Desired Experience • 5+ years’ experience in IT support or infrastructure, preferably in finance or professional services • Expert-level knowledge of Microsoft 365 and related
targeted attacks and service disruptions. This is not your average support role – you’ll be: Client-facing – engaging with high-profile stakeholders, requiring strong communication Handling monitoring, escalations, and incident response Working closely with Cloudflare’s security & performance services Supporting feeds & tools introduced to prevent breaches during races Acting as a key part of the incident management … Must-Have Skills Cloudflare experience (WAF, CDN, DDoS protection, DNS, etc.) Strong communication – this is a client-heavy, speaking role Understanding of security operations, monitoring, and escalation Experience in incident or breach response Comfortable in a high-pressure, fast-moving environment like F1 WORKING HOURS: FRI/SAT/SUN - to support during race weekends RATES: £500 PER
support team to drive continuous improvement in service delivery quality. Provide professional insights into AC/DC charging technologies, including fault diagnosis and issue analysis. Lead maintenance process optimization, incident response mechanisms, and standardization of service workflows. Act as a coordination and technical interface in major service issues, ensuring efficient problem resolution for customers. Service Operations Support Support … the development and optimization of preventive maintenance, troubleshooting, and spare parts management processes. Monitor and promote the execution of Service Level Agreements (SLAs) to improve response times and customer satisfaction. Work with customer success, sales teams, and third-party service providers to ensure consistent service delivery. Responsible for the selection, onboarding, and management of service partners, ensuring their competence … requirements and coordinate resources to ensure efficient closure of technical and service issues. Remote Monitoring & Fault Management Collaboration Coordinate with remote monitoring teams to enhance proactive alerting and issue response mechanisms. Support the application and advancement of remote diagnostics and predictive maintenance capabilities. Qualifications & Requirements Education & Experience Bachelor's degree or above in Electrical Engineering, Mechanical Engineering, or a
to a brand-new, cloud-native stack (React frontend, iOS/Android apps, Java backend). Build and manage a DevOps/SRE function focused on observability, automation, and incident response. Define and oversee operational KPIs, release cycles, and incident management workflows. Collaborate closely with engineering, product, and delivery to ensure seamless execution and performance. Manage third-party … months. Ideal Candidate Profile Proven experience leading digital operations or SRE/DevOps functions in complex, high-scale consumer digital environments. Deep understanding of release lifecycles, observability tooling, and incident command practices. Technical fluency in cloud-native systems, automation, and monitoring across modern web/app platforms. Experienced in cross-functional leadership, including product, engineering, delivery, and suppliers. Skilled
Slough, Berkshire, United Kingdom Hybrid / WFH Options
Modix International
We're on the lookout for a strategic and hands-on leader to own the end-to-end delivery of IT services, covering Service Desk, End User Computing, Major Incident, Change & Problem Management, Service Transition, and Supplier Management. As part of our Product & Technology Group, you'll drive a culture of service excellence, lead cross-functional improvements, and ensure … Europe. What You'll Do Lead and develop high-performing service teams Own service management strategy aligned with ITIL and ISO standards Ensure smooth operations, change management, and major incident response Drive continual improvement through data, insight, and collaboration Act as a key liaison between senior stakeholders, service providers, and CAPTG teams Support the Director of Service & Infrastructure
the database receives the ongoing care and engineering attention it demands as a critical foundation of the OBP ecosystem. Enhancements - Improved Observability: Manage metrics, alerts and dashboard changes & improvements - Incident Response & Reliability - Troubleshoot issues or outages: Identify and remediate causes of issues. - Enhance high availability: Support technologies like EDB Postgres Distributed (PGD) - Manage disaster recovery: Maintain DR playbooks