1 to 25 of 40 Permanent Incident Response Jobs in the South West

20th January Main duties of the job The role combines governance, assurance and hands-on leadership of proactive and preventative tactics, threat intelligence, incident response, vulnerability management, strategy and cultural change to build cyber resilience across the Integrated Care System (ICS They will have a proven track record … within the NHS or wider public sector. They will possess deep technical and governance expertise across areas such as threat detection, vulnerability management and incident response, with the ability to translate complex technical risk into clear, articulate, actionable information for senior executives and boards with assurance and confidence. ...

networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall … hours coverage if needed. What we're looking for Solid experience, ideally 3+ years working in a SOC or security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security ...

present end-to-end security solutions aligned to business objectives Act as a trusted advisor on cyber security strategy and best practice Support incident response and improvement initiatives where required Produce clear technical documentation and recommendations Collaborate with cloud, networking and wider pre-sales teams Maintain relevant vendor … 5+ years’ experience in pre-sales or consulting within an MSP, reseller or systems integrator Strong understanding of SOC operations, security monitoring and incident response Solid knowledge of Microsoft security technologies Experience with SIEM, MDR/EDR, SSE and SASE solutions Knowledge of ISO 27002, CIS, NCSC ...

organization's technology infrastructure and data from cyber-attacks. Provide support and expertise during cyber incidents and contribute to the development of cyber incident management and response plans Prepare detailed technical documentation to support with the improvement of a customer's security estate, acting … programme. Experience 2+ years in Pre-Sales or similar role within an MSP/Reseller organisation. Previous experience being part of or working with incident response teams would be beneficial Good understanding of incident response stages and handling preferred Knowledge and/or experience using endpoint ...

. This is a great opportunity to join a forward-thinking security operations team , where you’ll have hands-on ownership across threat detection, incident response, and overall security posture , alongside a competitive salary, strong benefits, and clear long-term development opportunities . The role offers flexible, hybrid … networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall ...

coach Tier 1 and Tier 2 analysts, building capability and fostering a high-performing team culture Perform hands-on alert triage, threat detection, and incident response in line with SOC standards Serve as the first point of escalation, coordinating with incident response, threat intelligence … security, infrastructure, operating systems, and threat detection Experience in mentoring, peer coaching, or QA within a SOC Strong written and verbal communication skills, including incident escalation and reporting Solid understanding of the OSI reference model and common network protocols (DNS, SSL, SMTP, FTP/S, LDAP/S) Experience ...

coach Tier 1 and Tier 2 analysts, building capability and fostering a high-performing team culture Perform hands-on alert triage, threat detection, and incident response in line with SOC standards Serve as the first point of escalation, coordinating with incident response, threat intelligence … security, infrastructure, operating systems, and threat detection Experience in mentoring, peer coaching, or QA within a SOC Strong written and verbal communication skills, including incident escalation and reporting Solid understanding of the OSI reference model and common network protocols (DNS, SSL, SMTP, FTP/S, LDAP/S) Experience ...

coach Tier 1 and Tier 2 analysts, building capability and fostering a high-performing team culture Perform hands-on alert triage, threat detection, and incident response in line with SOC standards Serve as the first point of escalation, coordinating with incident response, threat intelligence … security, infrastructure, operating systems, and threat detection Experience in mentoring, peer coaching, or QA within a SOC Strong written and verbal communication skills, including incident escalation and reporting Solid understanding of the OSI reference model and common network protocols (DNS, SSL, SMTP, FTP/S, LDAP/S) Experience ...

coach Tier 1 and Tier 2 analysts, building capability and fostering a high-performing team culture Perform hands-on alert triage, threat detection, and incident response in line with SOC standards Serve as the first point of escalation, coordinating with incident response, threat intelligence … security, infrastructure, operating systems, and threat detection Experience in mentoring, peer coaching, or QA within a SOC Strong written and verbal communication skills, including incident escalation and reporting Solid understanding of the OSI reference model and common network protocols (DNS, SSL, SMTP, FTP/S, LDAP/S) Experience ...

coach Tier 1 and Tier 2 analysts, building capability and fostering a high-performing team culture Perform hands-on alert triage, threat detection, and incident response in line with SOC standards Serve as the first point of escalation, coordinating with incident response, threat intelligence … security, infrastructure, operating systems, and threat detection Experience in mentoring, peer coaching, or QA within a SOC Strong written and verbal communication skills, including incident escalation and reporting Solid understanding of the OSI reference model and common network protocols (DNS, SSL, SMTP, FTP/S, LDAP/S) Experience ...

coach Tier 1 and Tier 2 analysts, building capability and fostering a high-performing team culture Perform hands-on alert triage, threat detection, and incident response in line with SOC standards Serve as the first point of escalation, coordinating with incident response, threat intelligence … security, infrastructure, operating systems, and threat detection Experience in mentoring, peer coaching, or QA within a SOC Strong written and verbal communication skills, including incident escalation and reporting Solid understanding of the OSI reference model and common network protocols (DNS, SSL, SMTP, FTP/S, LDAP/S) Experience ...

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Essential Experience … alerting tools (e.g., CloudWatch, ELK/Opensearch, Prometheus, Grafana). Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. Ability to collaborate effectively with Development and Test teams, translating requirements into stable and secure ...

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills … security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

agility required in a fast paced, regulated environment. Key responsibilities: Take ownership of day-to-day security monitoring, including investigating alerts, manual monitoring, and incident response Diagnose, troubleshoot, and resolve Linux OS level issues across servers and infrastructure Maintain, improve, and secure cloud and internal infrastructure, including monitoring … cloud environments such as AWS, Azure, or GCP, alongside on prem systems Solid understanding of security fundamentals including access control, monitoring, vulnerability management, and incident response Scripting or automation experience using tools such as Python, Bash, or PowerShell Desirable experience includes exposure to endpoint management or security tooling ...

Actions, Jenkins, CircleCI). Solid understanding of Linux systems and scripting (Bash, PowerShell, Python). Familiarity with security principles , SIEM/SOC tools, or incident response. Knowledge of networking fundamentals and APIs. Excellent problem-solving and communication skills. Nice to Have Experience with containerization (Docker, Kubernetes). Exposure ...

across systems and infrastructure. Track emerging threats and recommend updates to policies, standards, and procedures. Oversee daily security operations, including monitoring, vulnerability management, and incident response. Lead and mature the regional incident response function, coordinating with global teams on high-severity events and driving continuous improvement. Manage … primary contact for operational cyber matters, providing clear, timely communication to stakeholders and leadership. About You Demonstrable experience in cyber security operations, including incident management, threat monitoring, and vulnerability management. Familiarity with regulatory frameworks within region and best practices (such as ISO 27001, NIST CSF, Cyber Essentials). Professional ...

standards and regulations, including the Cyber Resilience Act. Responsibilities Assess, establish and maintain clear guidelines and best practices for secure coding, vulnerability management, and incident response Develop and maintain product security risk assessment processes, providing support and guidance to project teams Develop scanning and review processes to discover … effectiveness of the implemented cybersecurity controls Coordinate activities with the owning product divisions when vulnerabilities are reported by 3rd parties, and guide the response Work with development teams to remediate security vulnerabilities and prevent future incidents Track and address security issues effectively, ensuring timely remediation and patching Document ...

security, reliability, and cost management . Automation & Infrastructure as Code : Develop and maintain automation scripts and infrastructure using Kubernetes and Terraform . Monitoring & Incident Response : Build and enhance monitoring, alerting, and observability solutions. Respond to incidents, perform root cause analysis, and drive continuous improvement. Collaboration : Partner with software ...

Security Operations and SOC teams Support the development and execution of SecOps strategies Conduct maturity assessments, threat hunting and vulnerability management activities Advise on incident response frameworks and operational resilience Security Strategy & Architecture Contribute to the development and evolution of security strategy aligned to business objectives Provide security ...

alerts. Deploying, scaling, and managing containerised applications using tools like Kubernetes for clients who require container platforms Support patching, vulnerability remediation, and security incident response activities to maintain secure environments. Assist with the operational management of data platforms, including storage, protection, replication, and automation of data workflows. Manage ...

senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain … incident response plans and procedures. Requirements: Proven experience as a Digital Operations Manager, IT Manager, Support Manager, or similar role. Strong leadership and team management skills with the ability to mentor and inspire a diverse team. Excellent understanding of IT infrastructure, application support, and digital operations. Demonstrated experience ...

with MOD and HMG standards, including JSPs, Def Stan 05-138/05-139 , and ISN 23/09 Secure by Design . Support incident response, security investigations, and remediation activities for product and system-related events. Produce and maintain security artefacts, documentation, and guidance materials. Communicate complex ...

servers, and IP addressing (DNS, DHCP, VLANs). Manage SSL certificates and external web security. Support GDPR and NIS2 compliance and assist with security incident response. Deliver penetration testing, implement improvements, and support business continuity planning. Collaborate with SOC and IT teams to resolve vulnerabilities and critical threats. Maintain ...

skills over certificates, though!) Multi-cloud or hybrid security experience Container security & supply-chain/SBOM tooling Applied cryptography fundamentals (KMS, envelope encryption, etc.) Incident response or red/blue/purple team exposure OSS security contributions or AWS community involvement Technical/IT degree ...