5 of 5 Permanent Incident Response Jobs in Edinburgh

Operations Centre. This role will have you leading a team of analysts and working alongside security engineers to develop and automate threat detection and response playbooks, as well as security architects and the wider IT function. The ideal candidate will have the technical expertise to work … development of SOC analysts and engineers. Lead the configuration, tuning, and maintenance of core SOC capabilities including log aggregation, alerting, correlation, threat detection, and response tooling. Define, track, and report SOC performance metrics and KPIs, ensuring operational efficiency and alignment with organisation objectives. Manage and mentor SOC team members ...

mentor and escalation point for Tier 1 and Tier 2 analysts during live operations Support alignment between SOC operations, threat intelligence, and incident response functions Capture operational metrics relating to alert handling efficiency, response delays, and quality issues Identify procedural gaps and contribute to the improvement … playbooks, SOPs, and workflows Assist the incident response function with investigations requiring escalation to embedded internal stakeholders The ideal candidate would have: A strong career background in Cyber Security within an operational SOC environment Experience mentoring, coaching, or providing quality assurance to SOC analysts The ability to lead ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams. Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning. Drive automation at scale: CI/CD strategy, test frameworks, progressive ...

practices using Bicep or Terraform.Monitoring & Operations: Set up and maintain observability for integration components using Azure Monitor, Application Insights, and Log Analytics. Support incident response and root cause analysis for integration-related issues.Security & Compliance: Apply security best practices across integration solutions, including authentication, encryption, and access control. Ensure … Management.Experience Azure Blob Storage, Key Vaults and Monitoring and Logging.Experience with RESTful APIs, JSON, and integration patterns (e.g., pub/sub, request/response, ETL).Familiarity with Azure Data Factory, Ab initio for data & ODI for movement and transformation of data.Experience with scripting and automation (e.g., PowerShell, Azure ...