1 to 25 of 60 Permanent Incident Response Jobs in the South East

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point … working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines ...

tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

work will include proactive security monitoring across our hybrid cloud and on premises environment, triaging and investigating alerts, and supporting coordinated incident response activities. You will operate our vulnerability management processes, translate threat intelligence into actionable defences, and contribute to the improvement of detection content and security controls. … contribute to several high impact initiatives including: Establishing a more mature, risk based vulnerability management lifecycle and reducing exposure windows across critical systems Enhancing incident response readiness through improved playbooks, scenario testing, and lessons learned processes Uplifting monitoring coverage and the effectiveness of SIEM/EDR/ ...

partnering with a fast‐growing cyber consultancy to hire a Senior Consultant who can lead complex cyber resilience engagements. Shaping security architecture, guiding incident response, and landing outcomes that measurably reduce risk. What you’ll do Lead the planning and delivery of large‐scale cyber projects, from discovery … Design and architect secure, scalable solutions across on‐prem and cloud (AWS), integrating with networking, virtualisation (Nutanix/VMware), storage and IT operations. Own incident response: playbooks, coordination, post‐incident reviews, and continuous improvement. Deploy and tune controls across SIEM/XDR (e.g., Rapid7 InsightIDR, SentinelOne), vulnerability ...

dashboards, alerts, and log data to identify suspicious or malicious activity. Alert Triage: Perform initial investigation and prioritisation of security alerts, escalating where necessary. Incident Response (L1): Assist in incident investigation, gather relevant evidence, and support escalation to senior analysts or IR teams. Threat Detection: Support detection … Exposure to SIEM tools (e.g., Sumo Logic, Microsoft Sentinel) Familiarity with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Basic understanding of: Security operations Incident response lifecycle Networking fundamentals (TCP/IP, DNS, etc.) Strong analytical and problem-solving skills Good communication skills (written and verbal) Ability ...

primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across the Security Operations … stakeholders and the offshore SOC to ensure efficient handling of alerts, incidents, and operational requests. Oversee daily SOC operations, ensuring security monitoring, investigations, and response activities are delivered in line with agreed SLAs. Lead incident management for high-severity security events, coordinating across IT, infrastructure, and business teams. ...

fast-paced, shift-based environment. Key Responsibilities Advanced Security Monitoring: Analyse SIEM alerts, logs, and security events to identify and respond to complex threats. Incident Response: Lead investigations, perform deep analysis, determine impact, and coordinate response activities. Threat Detection & Analysis: Develop and refine detection rules … experience with SIEM platforms (e.g., Microsoft Sentinel, Sumo Logic) Hands-on experience with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Solid understanding of: Incident response lifecycle Threat detection methodologies Networking protocols (TCP/IP, DNS, HTTP/S) Experience analysing logs from multiple sources (endpoints, network, cloud ...

with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients … keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security ...

Analyst (Tier 2) to support their security operations function. This role will focus on investigating security incidents, improving detection capabilities and supporting the wider incident response process. Key Responsibilities: Investigate and respond to security alerts and incidents Perform threat analysis and incident investigation Analyse security logs … understanding of security threats, vulnerabilities and attack techniques Hands-on experience with SIEM platforms (Splunk, Sentinel, QRadar, Elastic) Knowledge of endpoint security tools and incident response processes Strong analytical and investigative skills Nice to Have: Experience with CrowdStrike, SentinelOne or Microsoft Defender Knowledge of MITRE ATT&CK framework ...

develop their technical skills and gain deeper exposure to modern Microsoft security tooling. You’ll work alongside experienced cyber professionals investigating security alerts, supporting incident response, and helping improve detection capability across client environments. Responsibilities Monitor and investigate alerts within a SIEM environment Analyse logs and identify potential … security incidents Triage alerts and escalate incidents where required Assist with incident investigation and reporting Support the development and tuning of detection rules Collaborate with senior analysts and engineers on security operations Key Skills & Experience 1–2 years’ experience in a SOC Analyst or security monitoring role Experience working ...

Detection & Response Analyst (SOC/Security Engineering Pathway) Portsmouth (Hybrid) Why this role is different Most SOC roles are alert-heavy and repetitive. This isn’t one of them. You’ll be joining a team that’s actively moving beyond traditional SOC work—focusing on threat detection, automation … Working with security tooling (EDR, SIEM, cloud security platforms) Supporting threat hunting and proactive detection activities Collaborating with engineering teams to improve automation and response Contributing to continuous improvement of security operations What we’re looking for We’re open to people from a range of backgrounds, including ...

implementation and improvement of security controls. Develop and deliver a company-wide information security training and awareness programme. Serve as the Primary Incident Response Manager for information security incidents. Manage and review information security risks across the organisation. Lead information security improvement initiatives. Oversee supply chain information security … risks and vendor assessments. Essential Skills & Experience Strong experience in policy and standards development. Cyber incident response expertise. Security architecture knowledge. In-depth understanding of ISO27001 controls. Experience with Cyber Essentials Plus certification. Strong risk management capability. Proven ability to communicate with and influence senior stakeholders. Desirable Audit ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

estate. Working closely with service delivery leadership, suppliers, and internal stakeholders, you will ensure the smooth operation of critical infrastructure while coordinating technical changes, incident response, and ongoing enhancements. This role plays a central part in maintaining operational excellence across a complex, technology-driven environment, ensuring systems remain … with CAB processes and estate standards. * Participate in Change Advisory Board (CAB) activities, ensuring all changes align with operational stability and compliance requirements. * Coordinate incident response and service requests with external partners, ensuring timely resolution and accurate documentation. * Support ICT projects, upgrades, and mobilisation activities, balancing operational priorities ...

Risk Management: Own and manage the security risk management program, including advanced risk assessments, vendor risk reviews, third-party due diligence, and mitigation planning. Incident Response & Improvement: Collaborate on incident coordination, response, root cause analysis, and driving continuous improvement initiatives. Stakeholder Communication: Deliver clear, data-driven ...

mitigation activities Oversee security architecture to ensure alignment with wider technology strategy Drive continuous improvement through security assessments, testing, and reporting Ensure effective incident detection, response, and recovery capabilities Lead vulnerability management and remediation across all technology environments Oversee third-party security testing, including penetration testing and phishing … delivering cyber security strategies Strong understanding of security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud and hybrid security environments Ability to communicate complex technical ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

Leading cyber risk management, governance forums and assurance activity across IT&D, ensuring risks are identified, assessed and clearly reported to senior stakeholders. Overseeing incident preparedness and live response, including coordination with suppliers, IT operations and information governance. Providing expert direction on security technologies, control effectiveness, logging/… technical) across IT&D, information governance and key suppliers Measurable improvements in vulnerability management, logging/monitoring coverage and supplier assurance Significant uplift in incident response maturity, including documentation of playbooks, interfaces and recovery expectations. This role is central to strengthening the resilience of essential public services. ...

control frameworks Lead security audits, manage remediation, and track follow-up actions Cyber Operations Oversight Manage vulnerability scanning programmes, penetration testing, and remediation Oversee incident management processes and escalation procedures Maintain incident response, disaster recovery, and business continuity plans Ensure high standards for access control, monitoring, encryption ...

intentionally progressing) into a cybersecurity-focused career. What We're Looking For Essential Strong systems administration or network engineering background. Hands-on experience in incident response, vulnerability management, or security operations. Clear, articulate communicator able to explain technical risk to non-technical stakeholders. Strong technical troubleshooting skills across ...

escalation point across 1st, 2nd, and 3rd line support Managing and improving cloud platforms, SaaS tools, and network environments Leading troubleshooting and incident response for complex technical issues Overseeing onboarding/offboarding, device management, and access controls Driving automation and reducing manual processes Improving IT processes, documentation ...

where your expertise will directly influence how threats are detected and mitigated at scale. Relevant job titles: Threat Detection Engineer, Cyber Threat Engineer, Detection & Response Engineer, Security Detection Engineer Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role … Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer,Detection & Response Engineer,SIEM Engineer,Security Detection Engineer,Threat Hunting Engineer,Security Automation Engineer,SOC Engineer,Incident Response Engineer,Cloud Security Engineer,Network Security Engineer ...

where your expertise will directly influence how threats are detected and mitigated at scale. Relevant job titles: Threat Detection Engineer, Cyber Threat Engineer, Detection & Response Engineer, Security Detection Engineer Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role … Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer,Detection & Response Engineer,SIEM Engineer,Security Detection Engineer,Threat Hunting Engineer,Security Automation Engineer,SOC Engineer,Incident Response Engineer,Cloud Security Engineer,Network Security Engineer ...

wants to lead technology service operations and ensure consistent, reliable performance across systems and platforms? In this role, you'll take ownership of incident management, service governance, and operational excellence, helping to deliver a seamless technology experience across the organisation. What you'll do: Lead incident and problem … management, driving effective technical response and resolution. Manage SLAs, service performance dashboards, and continuous improvement initiatives. Oversee cyber security incident response and vulnerability remediation. Coordinate service desk triage and out-of-hours support coverage. Partner with key stakeholders across Product, Engineering, and Compliance to support audit readiness ...

procedures aligned to UK Government frameworks Conduct People and Physical Security risk assessments, audits and assurance activities Lead or support personnel security investigations, incident response and post-incident reviews Contribute to the development and delivery of insider risk programmes Provide subject matter expertise and advisory support ...