1 to 25 of 34 Permanent Incident Response Jobs in Portsmouth

Incident Response/eDiscovery Manager – | London Law Firm | Up to £100k + Package | Flexible/Remote A top London law firm is expanding its Digital Forensics & eDiscovery team and looking for an Incident Response/eDiscovery Manager to take on a growing number of Incident Response projects . If you have experience with Canopy (or similar breach response tools) and are confident with Relativity , this could be a great opportunity! What You’ll Be Doing: Supporting forensic investigations and data collection Managing eDiscovery workflows (EDRM) using Relativity Leading and assisting with Incident Response cases, including data breach reviews Working with clients and internal teams on high-profile matters Using Canopy (or similar tools) for breach response and data analysis What They’re Looking For: Experience in Incident Response, eDiscovery & Digital Forensics Strong working knowledge of Relativity (certifications More ❯

a continuous, living threat management system throughout the duration of the contract, rather than a single point-in-time assessment. We’re expanding our Incident Response team and looking for a Incident Response Analyst to join us in tackling some of the most challenging cybersecurity threats. … a critical role in reducing the impact of cyberattacks and enchanting our clients security posture to prevent future attacks. Key responsibilities include: Conducting initial incident assessments and contribute to Incident Response management. Participate in live Incident Response operations including digital forensics. Perform security assessments, threat … etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding of incident response following NIST 800-61 guidelines incorporating containment, eradication and recovery phases. Experience with digital forensics and investigations, including evidence collection and chain More ❯

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … position will require extensive and frequent travel to multiple locations and sometimes on short term notice. Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and serve as the Incident Commander in all … VPNs, and group policies Liase with DFIR team and Sales to keep open communication regarding compromised client Assist DFIR team with additional workflow through incident response cases Communicate effectively with clients to understand their specific needs, provide updates on remediation progress, and offer guidance on enhancing their cybersecurity More ❯

a pivotal role at the heart of a rapidly growing mobile-first payments solution organisation, where you can truly shape and affect how the incident response is delivered. You would be reporting to the Security Operations Lead (who reports to the Head of Security) and will be working … responsibilities You will be responsible for building the infrastructure of a new in-house SOC, all the way through to conducting precise and robust incident response against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work … on the SIEM detection content development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day-to-day security events. Key requirements Experience in deploying security related IaC projects at scale. Familiarity with SOAR and optimisation More ❯

innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands-on SOC Manager … of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. Develop and maintain … shift schedules, ensuring full coverage with minimal disruption. Act as a senior escalation point for critical incidents and lead major incident response efforts. Mentor and develop a high-performing team of Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering More ❯

innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands-on SOC Manager … of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. Develop and maintain … shift schedules, ensuring full coverage with minimal disruption. Act as a senior escalation point for critical incidents and lead major incident response efforts. Mentor and develop a high-performing team of Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering More ❯

innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands-on SOC Manager … of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. Develop and maintain … shift schedules, ensuring full coverage with minimal disruption. Act as a senior escalation point for critical incidents and lead major incident response efforts. Mentor and develop a high-performing team of Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering More ❯

flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. … engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst , you will be at the forefront -leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ). More ❯

s carefully selected team of experts are capable of solving complex cybersecurity challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with Proven defensive methodology. Our … in insurance law and claims handling. This role supports the CERT team with reviewing insurance policies, assisting with claims assessments, and contributing to breach response efforts. Ideal for someone with early in-house or private practice experience who’s ready to grow into a broader commercial legal role. This … role will provide review, assessment, advise and expertise in the management of the claims process to support CyberClan’s delivery of Incident Response projects, including analysis of claims and providing recommendation for resolution of those claims. We are seeking an experienced claims professional to join our team and More ❯

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … position will require extensive and frequent travel to multiple locations and sometimes on short term notice. Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and serve as the Incident Commander in all … through mitigation and remediation Liase with DFIR team and Sales to keep open communication regarding compromised client Assist DFIR team with additional workflow through incident response cases Monitor network incidents using network monitoring tools and other systems to maintain 99.9% uptime of our network Monitor and take ownership More ❯

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … security teams, customer operation teams as well as breach coach legal teams. This role with be reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and will collaborate closely with other cross-functional teams … identification of root cause and issue resolution or escalation Identify and escalate priority issues that need immediate attention Meet or exceed customer expectations on response quality, timeliness of responses and overall customer experience Serve as internal and external point of contact on customer escalations and ensure customer issues are More ❯

aligned with best practices. Monitor and address emerging threats, vulnerabilities, and security trends, ensuring timely implementation of countermeasures. Perform vulnerability assessments, threat analysis, and incident response. Participate in Incident response efforts by conducting log analysis, gathering evidence, and executing remediation tasks. Work closely with partners in infrastructure … such as AZ-500/AZ-700/AZ -305. Background in computer networking. Experience with a scripting language for task automation. Previous incident response participation. Previous experience working as a security or infrastructure engineer in a cloud environment. Enjoy our comprehensive benefits package designed to meet More ❯

aligned with global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT … cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership with security operations, legal, compliance, incident response teams, etc. Qualifications & Experience: Bachelor’s degree; Preferred Management Information Systems, Computer Science, Engineering, or related discipline. 5-10 years of information …/IP, Storage devices, network devices, fail-safe strategies, system architecture, LAN and WAN and intranet/internet security environments including firewalls, intrusion detection, incident response, vulnerability testing, operating system hardening, regulatory compliance, and data classification. Experience in IAM, SEIM, Log Management, Patch Management, Vulnerability Management, eDiscovery, Cloud More ❯

in place, this is a relatively greenfield SOC buildout, where you will work alongside the SOC Manager to shape their SOC monitoring, detection and response function. Key Responsibilities: Act as a lead and technical escalation point on the most complex incidents and investigations. Work closely with Security Engineering team … to recommend system tuning/configuration improvements. Mentor and train junior team members through complex incident response investigations. Key Requirements: Significant experience working in a SOC environment, dealing with and responding to escalated and most high profile incidents. Comprehensive knowledge of the Microsoft Security stack – Defender, Sentinel, etc … Knowledge of various Incident Response techniques and procedures. Experience working in hybrid-cloud SOC environments – Azure/AWS preferably. If you’re an experienced SOC Analyst, looking to shape how one of the most innovative Mobile Payments FinTech firms build out their cyber defence capability and leave a More ❯

manage system health. Skills and Strengths: AWS (Amazon Web Services) Auto Scaling Fargate Route53 Observability tools (New Relic, DataDog, Splunk) Containerization (Docker, Kubernetes, Fargate) Incident Response IaC (Terraform, CloudFormation, Helm, CDK) Scripting (Ansible, Bash, Python, GO) CI/CD Primary Job Responsibilities: Design and support EC2/ECS … solutions to improve scalability and efficiency. Implement security best practices across AWS environments, ensuring compliance with industry standards and safeguarding cloud infrastructure. Develop automated incident response mechanisms and self-healing solutions to minimize downtime and enhance fault tolerance. Diagnose and resolve infrastructure, networking, and application-related performance issues More ❯

infrastructure. Role & Responsibilities: Monitor networks and systems for security breaches, intrusions, and abnormal system behavior Investigate security incidents, perform root cause analysis, and provide incident response support Conduct regular vulnerability assessments and penetration testing; assist in remediation efforts Maintain and manage SIEM (Security Information and Event Management) tools More ❯

based clients, this role also requires eligibility to obtain SC Clearance. Roles & Responsibilities Create, maintain, and optimise Logic Apps and Sentinel playbooks to automate incident detection and response workflows in Microsoft Sentinel. Develop and implement API integrations between Microsoft Sentinel and other systems to enhance data collection, cross … as expected, identifying opportunities for further improvements. Skills & Experience Hands-on experience with Microsoft Sentinel: proven track record in developing playbooks, automation workflows, and incident response processes within Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development More ❯

ecosystem. You are passionate about leveraging Microsoft security technologies to protect critical assets and data, with a focus on proactive monitoring, threat detection, and incident response. Your hands-on expertise with Microsoft Defender solutions and Azure-based security tools will be crucial in maintaining a secure and resilient IT … Group Policy (GPO) to secure endpoints, user accounts, and cloud applications. Monitor security alerts and incidents through Microsoft Sentinel, conducting thorough investigations and leading response efforts to mitigate risks. Perform proactive threat hunting using data from Defender, Sentinel, and Entra logs to detect potential security incidents. Optimise and maintain … threat detection rules, automation playbooks, and alert tuning within Sentinel and Defender solutions to reduce false positives and enhance response efficiency. Manage access control policies and identity protection configurations to secure user authentication and reduce the risk of account compromise. Regularly assess the security posture of Microsoft 365 and More ❯

innovation Security Architecture & Operations: Oversee the design and operation of our global cloud security infrastructure across AWS, GCP, and/or Azure. Drive robust incident response, threat detection, and remediation processes. Risk Management & Compliance: Lead risk assessments and ensure adherence to international compliance standards (SOC 2, ISO More ❯

from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead … Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in SIEM tools (e.g. LogRhythm, Splunk) and IDS systems (e.g. Snort). In-depth knowledge of network and host security. Skilled in More ❯

from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead … Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in SIEM tools (e.g. LogRhythm, Splunk) and IDS systems (e.g. Snort). In-depth knowledge of network and host security. Skilled in More ❯

risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley Insurance, we’ve been at … the forefront of cyber insurance management and breach response activities for business clients in the US, UK, and Europe since 2017. As Beazley Security, the company will have an expanded scope, leveraging nearly two decades of cyber incident experience, a strong services division, and a business strategy focused More ❯

Behaviour Analytics (EUBA) and Insider Risk Management processes and tools. Proven experience in analysing and responding to DLP alerts and incidents , collaborating with the Incident Response team for remediation. Strong knowledge of data classification methodologies and associated compliance frameworks. An understanding of security DLP best practices and frameworks More ❯

maintain standard operating procedures and protocols. Collaborate closely with the Cyber Defence team to uphold enterprise defence practices, guidelines, and procedures. Provide support for incident response efforts as needed. Assist with operational and management reporting produced by the team. Skills/Qualifications A highly self-motivated individual with More ❯

breaches, ROPAs, and DPIAs, while delivering scalable training and awareness across the company. Design and implement secure, low-overhead technical and organisational controls, overseeing incident response, vendor security, and external certifications. Drive compliance automation initiatives to minimise manual processes and support scalable growth, conducting internal audits and monitoring More ❯