4 of 4 Permanent Incident Response Jobs in Coventry

on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM More ❯

on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM More ❯

practices into development and project delivery processes collaborate with IT, development, and project teams to ensure a consistent and pragmatic security approach contribute to business continuity, disaster recovery, and incident response planning communicate complex security concepts clearly to both technical and non-technical stakeholders partner with auditors, vendors, and external security service providers What we’re looking for More ❯

proxy, CrowdStrike-equivalent tools Data management : Supporting data labelling & retention projects using Purview or similar Governance support : Involved in data loss prevention, labelling, and stakeholder engagement (including DPO) Practical incident response input : Advising IT on immediate steps during incidents, converting theory into quick, actionable responses Ongoing InfoSec operations : Metrics, monitoring, and security projects across applications and users Tech … tools you’ll use: Microsoft Purview – Data governance and policy enforcement Microsoft Defender – Endpoint & email protection CrowdStrike/equivalents – Endpoint detection & response Web proxy & email security tools Azure (beneficial) – IAM, monitoring, and security logging Why this role? Be central to shaping data governance and security operations in a dynamic SME environment Hands-on exposure to a wide range of More ❯