1 to 25 of 27 Permanent Incident Response Jobs in the South West

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

incidents and mangment of the SOC Analysts. This is a critical leadership role, responsible for protecting the organisation against real-time cyber threats, driving incident response, and ensuring resilience across a complex technology estate. Our client is offering a 6 month rolling contract, paying … high-impact opportunity to shape cyber strategy at an enterprise level, working closely with senior stakeholders and external agencies to strengthen security posture and response capability. You will play a key role in building and evolving the CSOC capability, operating within a highly visible and business-critical function, with ...

strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end , lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolving cyber function. What you'll be doing … Leading and developing a Cyber Security Operations team Acting as incident commander during cyber events and investigations Maturing SOC, CSIRT and incident response capabilities Driving threat hunting, detection and monitoring improvements Owning vulnerability management and pen test governance Ensuring alignment with ISO27001, NIST, GDPR and regulatory expectations ...

strengthen the security posture of critical systems. This is a hands-on role for a LogRhythm specialist with strong experience in security monitoring, incident response, and deep-dive analysis within secure environments. What you’ll be doing: Monitoring and analysing security events using LogRhythm Investigating and responding … alerts and incidents Producing detailed incident reports and root cause analysis Tuning and optimising detection rules and use cases Supporting LogRhythm administration (2nd-line level) Mentoring junior analysts and improving SOC processes What we’re looking for: Strong LogRhythm experience (Client & Web Console) Proven SOC/incident response ...

this job title is advertised to attract the right skills needed for the role. Main duties of the job The Trainee Cyber Security Incident Manager role is within the NHS England National CSOC (Cyber Security Operations Centre), supporting the coordination, triage and management of cyber security incidents across … health and care system. Support the identification, triage and coordination of cyber security incidents within the NHS England National CSOC. Assist with incident management activity, ensuring incidents are logged, tracked and progressed in line with agreed processes and procedures. Work with technical analysts and operational colleagues to gather information ...

Defence Ltd (CND). This is a key hire within our MSSP Security Operations Centre, offering the opportunity to take a lead role in incident analysis, client engagement, and mentoring junior analysts, while shaping how the SOC continues to evolve. The Role As a Senior Cyber Security Analyst … contributing to reporting and continuous improvement within the SOC. Key Responsibilities Monitor, triage and investigate security alerts across multiple platforms Conduct in-depth incident analysis and support ongoing client investigations Act as deputy to the SOC Team Lead when required Review and assess escalated Tier 2 alerts for urgency ...

Analyst (Cloud) role is within the Security Operations pillar of the CSOC (Cyber Security Operations Centre), providing second line cloud security analytics, monitoring and incident response services across cloud-hosted environments and platforms. Main duties of the job Deputise for Senior Analysts in their absence, supporting oversight … cloud security monitoring and response activity. Act as an escalation point for Tier 1 Junior Analysts for cloud security incidents, alerts and investigations. Offer mentorship and guidance to Tier 1 Junior Analysts to build capability in cloud threat monitoring, investigation and response. Keep up to date with the latest ...

artefacts produced during the development and engineering process regarding product & solution security. Supporting customer service team in development and deployment of security monitoring and incident response solutions e.g. SIEM as well as security configuration of railway system solutions and implanting and deploying cyber security solutions. Supporting the network … providing mentorship, guidance, support and leadership Representing security engineering at project milestones, driving continuous improvement through lessons learned, and contributing to the analysis and response to security vulnerabilities and incidents. The candidate will also be expected to maintain an appreciation of new technologies, emerging risks, and standards, together with ...

backgrounds, including Computer Science graduates, Linux-focused infrastructure engineers, Kubernetes/platform engineers, and individuals from live service or service desk environments with strong incident management experience. This is a hands-on operational engineering role focused on maintaining stability, availability, and performance of a complex, secure cloud platform operating … Responsibilities Provide frontline operational support for secure cloud infrastructure and platform users Troubleshoot and resolve critical incidents across live production systems Lead or support incident response, escalation, and coordination during shifts Operate within a 24/7 rota supporting high-priority workloads and services Follow, maintain, and improve ...

principles, and outcomes Review policies, governance, and technical/operational controls against CAF requirements Assess cyber capabilities across: Risk management Protective security Monitoring & logging Incident management Supply chain security Operational resilience Produce high-quality outputs including: Assessment reports Risk findings Observations Improvement recommendations Contribute to assurance documentation, reporting … communication skills Experience working within public sector, regulated, or enterprise environments Solid understanding of cyber security domains, including: Identity & Access Management Vulnerability Management Incident Response SIEM/Monitoring & Logging Resilience and business continuity Supply chain security Ability to manage multiple priorities and deliver under tight deadlines Experience working ...

doing Design, deploy and support resilient web services across test, staging and production environments Improve reliability, reduce technical debt and lead incident response, RCA and no-blame postmortems Build and maintain infrastructure as code and container platforms using tools such as Docker, Kubernetes, Helm, Ansible and Terraform Develop ...

extension possible) 🔒 Clearance Required: Active DV Clearance Key Responsibilities: • Perform triage of security events and incidents • Determine scope, impact and remediation priorities • Real-time incident management from detection to resolution • Support SIEM engineering and tool configuration within an enterprise SOC • Develop use cases, analytics and playbooks • Work within … Tier 2/3 SOC Analyst experience (2+ years) ✔ Hands-on SIEM experience (ArcSight preferred) ✔ SOC certifications such as SANS, ISC2 or equivalent ✔ Strong incident response and threat analysis capability ✔ Understanding of cloud technologies. Desirable: ➕ Defence/MOD experience ➕ Team lead exposure ➕ Degree in Computing, Engineering or related ...

Manage and develop the IT team Oversee Microsoft 365, networks, telephony and key legal systems Deliver projects and drive digital transformation Own cybersecurity, risk, incident response and continuity planning What you’ll need Senior IT leadership experience (professional services ideal) Strong Microsoft 365, Windows Server, AD, Intune ...

strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end, lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolvin... LFWQ1_UKTJ ...

strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end , lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolvin click apply for full job details ...

strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end, lead incident response, xxuwjjq and work closely with the CISO to drive continuous improvement across a mature but evolvin... Make sure to read the full ...

maintain Prometheus-based monitoring solutions Develop and manage metric exporters for application and system-level data Optimise Prometheus scraping configurations and retention policies Alerting & Incident Response Define and maintain alert rules based on SLIs/SLOs and performance baselines Ensure alerts are actionable, with minimal false positives Participate … necessarily lead) in on-call rotations and incident postmortems Observability Dashboards Design and maintain Grafana dashboards for real-time operational insights Collaborate with engineering and product teams to create tailored visualisations Provide self-service dashboard capabilities for end users System Performance & Reliability Monitor infrastructure (servers, containers, databases, services ...

Directors and Board on digital risk, cyber security, information governance, data protection and service resilience. Leading cyber security arrangements, including relevant accreditations, incident preparedness and proactive cyber risk management. Ensuring data is collected, stored, processed, shared and reported lawfully, securely and effectively. Overseeing the maintenance and development of applications … suppliers and contracts as an intelligent client, holding providers to account and advising on internal versus third-party delivery. Supporting Emergency Preparedness, Resilience and Response (EPRR), making sure data, digital and technology arrangements enable safe and responsive services. Building strong working relationships across clinical, operational, corporate and leadership teams. ...

cyber security consulting and managed services, including: Managed Security Services SOC & MDR solutions Cloud Security Security Operations Penetration Testing & Assurance Risk, Compliance & Governance Incident Response Working closely with technical teams to develop tailored solutions and proposals Building and managing a strong, qualified sales pipeline Achieving or exceeding revenue ...

doing They’re looking for someone with a strong experience in Linux systems administration and support. They need someone who can handle on-call incident response and management alongside day-to-day monitoring and infrastructure planning, testing and development. You will be familiar with modern frameworks ...

online training with just 2 hours per day of study time. You will learn industry-recognised methodologies, network security, threat detection, vulnerability management, and incident response, while building practical experience with Live Labs. The programme includes earning CompTIA certifications (A+, Network+, Security+) recognised by UK employers, expert tutor ...

online training with just 2 hours per day of study time. You will learn industry-recognised methodologies, network security, threat detection, vulnerability management, and incident response, while building practical experience with Live Labs. The programme includes earning CompTIA certifications (A+, Network+, Security+) recognised by UK employers, expert tutor ...

online training with just 2 hours per day of study time. You will learn industry-recognised methodologies, network security, threat detection, vulnerability management, and incident response, while building practical experience with Live Labs. The programme includes earning CompTIA certifications (A+, Network+, Security+) recognised by UK employers, expert tutor ...

role covering Taunton/Bridgewater and surounding areas. Full training will be provided. Purpose of this role Field based role facilitating the maintenance and incident response for events on the OFNL network. Your key responsibilities are Perform routine maintenance of telecoms equipment deployed in our Fibre ...

Plymouth area. This is a field based role covering the South West. Purpose of this role Field based role facilitating the maintenance and incident response for events on the OFNL network. Your key responsibilities are The Fibre Field Engineer primary role is to maintain and perform repair OFNLs ...