22 of 22 Permanent Incident Response Jobs in the East of England

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

taking a leading role in delivering technology change/improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will involve the following: * Endpoint monitoring … and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise incident … computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing * Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. * Significant experience within a SOC environment. * Incident response experience * Qualification/Certification in Cyber Security Desirable * IT Qualifications/Certifications such as CompTIA More ❯

travel to the office twice per week. We are looking for an experienced Security Engineer to join our Cyber team. You will help us build out a world class incident response function that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization. In this role, you … will also build the tools and detection infrastructure that we need to scale our detection and response capability across all threats to our Studio and gaming environments. Please note that this position will require participation in an on-call rotation. What you'll be doing: Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and … efficiently to stakeholders Contribute to improving processes, procedures, and technologies used for detection and response, enabling us to improve after each incident Develop and run tools to gather security telemetry data from cloud production systems Automate workflows and improve identification and response time for security events Build and optimize detection rules, allowing us to spend our cycles More ❯

cybersecurity tools to conduct proactive vulnerability scans across the Archive's network, devices, and systems; prioritize and address vulnerabilities; and generate progress reports. Monitor security events using detection and response solutions; respond to, manage, escalate, and report potential security incidents following established Incident Response Procedures. Lead cybersecurity analysis, improvements, monitoring, and incident response efforts, collaborating More ❯

and experience: An experienced threat intelligence lead (or similar). Expert in cybersecurity, with a focus on threat management and defensive security in regulated environments. Proficient in threat management, incident response and remediation tools. Strategic development in cyber threat intelligence research, process automation, knowledge sharing and team training. Skilled in using threat frameworks (e.g. MITRE ATT&CK, Cyber … Kill chain). Experienced in using OSINT and security analysis tools (e.g. Shodan, Censys, Qualys, Virus Total, EDR, AV). Experience supporting incident response or vulnerability management programs. Professional certifications in Cyber and Information Security (e.g. OCSP, GREM, CEH). Strong analytical and problem-solving abilities, translating complex technical issues into actionable recommendations. An excellent communicator with the More ❯

that transform how a modern cyber team defends a fast-moving, always-on digital environment. You'll be part of a forward-thinking security function that's serious about incident response, proactive defence, and continuously improving how they work. Your mission: Develop scalable automation workflows that improve how we detect, respond to, and recover from threats. Streamline processes … across threat intel, incident response, and vulnerability management by eliminating repetitive manual tasks. Design and fine-tune SIEM detections that surface real signals and support both proactive and reactive actions. Collaborate across multiple cyber disciplines and work with third-party tools and partners to create seamless integrations. Drive process improvement in relation to Cyber Automations and Tooling What More ❯

production estate from both a technical and process perspective. Provide a consistent smooth operation of live systems and drive all on-call support issues. Design and operate a new incident tracking process to ensure root causes are found and remediated in a timely fashion by the development team. Create and maintain high end monitoring and automation tooling. Drive automation … and continuous improvement. RESPONSIBILITIES: Proven experience in a senior or lead SRE role, with a strong track record of building and maintaining highly reliable infrastructure and services. Expertise in incident management, including incident response, resolution, and post-mortem analysis. Proficiency in monitoring, alerting, and observability tools such as Prometheus, Grafana, ELK stack or Datadog. Experience with cloud More ❯

Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices, and knowledge-sharing across the team. Prepare and present reports for managed clients More ❯

Network Perimeter working with the best standard technologies. The MBDA SOC Analyst reports to the SOC Manager. The MBDA SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded MBDA member of staff.. The MBDA SOC Analyst key responsibilities are: Effective Tier 1 to … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line More ❯

for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly situational reports. Collaborate with the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors' tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential More ❯

for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly situational reports. Collaborate with the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential More ❯

analysts, providing live operational oversight, procedural assurance, and ongoing mentorship. This role ensures each analyst team is aligned with evolving cyber threat detection standards, works in sync with response and intelligence functions, and delivers consistent high-quality casework across shifts. This is a senior operational role that builds upon the responsibilities of a senior SOC Analyst, introducing additional duties … a values led company that values innovation and diversity, this is the place to make an impact. In addition to Senior SOC Analyst responsibilities (alert triage, threat detection, ticket response, and tooling operation), the SOC Shift Lead will provide: Shift Continuity & QA Operational assurance and standard enforcement across all active shifts. Review, assess, and QA analyst triage, case notes … as the first point of contact for non-critical escalations and queries within the shift team. Liaise with SOC Manager, CTI, and IR leads to clarify or communicate updated response requirements. Contribute to and support the alignment of ongoing SOC initiatives, project deliverables, and best practice dissemination. Feedback & Continuous Improvement Log procedural or workflow issues observed during shifts and More ❯

s market position. As a Cyber Security Professional, you will support this area, working confidently and proactively to promote successful outcomes. What you'll be doing Be a cyber incident decision maker, ensuring mitigation controls and incident response are appropriate. Provide security advice and remediation to BT Lines of Business and external customers. Complete and own integration … NSE 4, Cisco CCNP, Checkpoint CCSE, Palo Alto. Knowledge of TCP/IP & OSI model and data network operations. Understanding of engineering best practices and continuous delivery. Experience with incident and escalation management. Willingness to undergo UK Government Security Clearance to SC level, requiring UK residence for at least 5 years. At BT, we offer an attractive salary, benefits More ❯

open and closed sources Monitoring OSINT, dark web forums, and internal telemetry for threat indicators Translating raw technical data into actionable insights for security teams Collaborating with SOC and Incident Response teams to support real-time threat mitigation Creating detailed intelligence reports and contributing to proactive threat hunting Leveraging frameworks like MITRE ATT&CK to map adversary TTPs More ❯

Senior Cyber Security Engineer As Senior Cyber Security Engineer, you will be responsible for developing a high-quality response function that will navigate security incidents, drive process improvement and develop a collaborative culture where incidents are communicated and colleagues gain knowledge in these areas. Also, you’ll build the infrastructure that the organisation needs to scale their detection and … response capability across all threats. Key Skills Experience in security monitoring, incident response, and threat hunting in a cloud environment Prior experience leading complex security investigations Understand offensive/defensive security and scenarios that lead to compromise Expertise on AWS security controls and services Experience leveraging coding for automation, alert enrichment and detections Knowledge of adversary tactics More ❯

Senior Cyber Security Engineer As Senior Cyber Security Engineer, you will be responsible for developing a high-quality response function that will navigate security incidents, drive process improvement and develop a collaborative culture where incidents are communicated and colleagues gain knowledge in these areas. Also, you'll build the infrastructure that the organisation needs to scale their detection and … response capability across all threats. Key Skills Experience in security monitoring, incident response, and threat hunting in a cloud environment Prior experience leading complex security investigations Understand offensive/defensive security and scenarios that lead to compromise Expertise on AWS security controls and services Experience leveraging coding for automation, alert enrichment and detections Knowledge of adversary tactics More ❯

Senior Security Engineer Cambridge (Flexible working arrangements available) £70k-£80k If you've ever been the one who spotted the anomaly before it became an incident, or the engineer who built the tool that turned days of investigation into minutes-you'll feel right at home here.This is a senior role for someone who wants to move beyond responding … to alerts and instead shape how security detection, automation, and response are built from the ground up. You'll have real influence over architecture, tooling, and strategy while working alongside experienced engineers in an organisation that actually listens to its security team. What's in it for you from day one? Private medical and dental coverage Enhanced family leave … wrong, it's contained quickly and effectively. What you'll be responsible for Designing and maintaining scalable detection logic across cloud and on-prem environments Developing automation that reduces response time and removes repetitive analyst work Writing scripts and tooling that help collect, correlate, and enrich event data Performing deep investigations when incidents occur and making sure we don More ❯

relevant Ensure infection prevention and control standards are met Contribute to the Trusts quality, governance, and risk management processes Report incidents and support organisational learning Contribute to Patient Safety Incident Response Framework (PSIRF) responses Adhere to information governance, confidentiality, and data protection policies Maintain awareness of relevant legislation, standards, and best practice Maintain awareness of the collective responsibility … of using information and analytics to drive service improvement Experience leading or supporting digital transformation initiatives Experience contributing to or leading quality improvement, clinical risk management, or patient safety incident responses. Ability to support the use of digital tools and data to improve clinical safety, reduce harm, and promote continuous learning. Desirable Involvement with national digital health bodies & projects More ❯

days in the office, 2 days from home The Role: Support the delivery of robust information security and privacy practices across global operations. Conduct security risk assessments, support incident response, and contribute to audits and compliance initiatives. Maintain and enhance the firm's ISMS and Business Continuity frameworks. Complete client cyber due diligence and collaborate closely with internal More ❯

reports for both DC and infrastructure assets • Capacity management including power, floor space and assisting with forecasting loadings. • Change management approval site level responsibility. • Support the CTO team with Incident and problem management. • Responsible for managing the internal cabling (and external carrier fibres brought into the building) to a high standard, with all cabling inventoried. • Collaborate with vendors and … internal stakeholders to integrate DC solutions into banking infrastructure and services seamlessly. • Lead incident response efforts for Data Centre related issues, ensuring rapid resolution and minimal business impact, including out of hours. • Plan and oversee DC upgrades and changes, ensuring thorough testing and compliance with change management policies. • Develop SLA’s and processes for service requests such as … DSS, CIS, NIST). • Experience in a Data Centre Operations or other similar critical operations role. • Strong knowledge of networking and circuits along with DC operations. • Extensive real time Incident/Fault management experience in a business-critical environment. • Good understanding of Health and Safety, ISO standards, and compliance, BMS, PMS, fire systems. • Knowledge of Datacenters Customer installations, such More ❯

high availability, reliability, and scalability of Windows services. Integrate observability tooling (metrics, logs, traces) into IIS-hosted services Harden Windows infrastructure for security, compliance, and operational best practices Lead incident response for Windows-related systems Contribute to internal documentation and deployment guides Deploying, maintaining, monitoring and upgrading production deployments of ARIC Risk Hub SaaS and third-party integrated More ❯

Security Ensure compliance with regulations (GDPR, ISO 27001, etc.). Implement security protocols around data access, retention, and classification. Work with InfoSec and Legal to manage data risk and incident response. What Success Looks Like A scalable, secure, and modern data platform is live. High-quality data reporting empowers business-wide decision-making. A respected leader is in place More ❯