1 to 25 of 27 Permanent Incident Response Jobs in the South West

IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration … across global cybersecurity efforts. What You Bring Degree or equivalent experience in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security More ❯

IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration … global cybersecurity efforts. What You Bring Essential: Degree or equivalent experience in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security More ❯

with Key Vault, SBOM and image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs/SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform … service catalog entries; contribute to onboarding guides and demo sessions for consumers of the platform. Participate in an on-call rota for critical platform services and lead/coordinate incident response when required. About you Strong hands-on experience with Microsoft Azure core services (networking, compute, storage) and platform services (AKS, App Services, API Management, Event Hub/… GitOps, and container build pipelines (e.g., ACR, OPA policies, image scanning). Working knowledge of observability tooling (Azure Monitor, Log Analytics, Application Insights, Datadog/Grafana) and alerting/response workflows. Understanding of the Microsoft Cloud Adoption Framework, Azure Landing Zones and the Well-Architected Framework. Familiarity with DevSecOps practices: threat modelling, dependency and container scanning, SBOM management, and More ❯

the future of cyber resilience. About the Role My client are seekinga Senior Cyber Security Engineer/Threat Intelligence Specialist to strengthen and mature our firms cyber defence and incident response capabilities. Youll be at the forefront of detecting, analysing and responding to evolving threats, ensuring our technical security controls and frameworks are robust, compliant, and future-ready. … fast-paced environment, love to hunt for threats, and enjoy taking ownership of complex challenges this role is for you. What Youll Do Lead on threat detection, hunting, and incident response, working with Azure/Defender, Sentinel, and third-party SOCs. Investigate alerts and coordinate responses with internal IT teams and external managed SOCs. Continuously monitor, enhance, and More ❯

and automate infrastructure provisioning. Security and Compliance: Enforce security and compliance standards using tools like Azure Policy, ensuring environments are patched, monitored, and aligned with regulatory requirements. Monitoring and Incident Response: Establish monitoring, logging, and alerting systems to track environment health and lead incident response and resolution for infrastructure and deployment issues. Collaboration: Work with stakeholders More ❯

Evaluate and integrate new AWS services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills & Qualifications: Proven hands-on experience … Knowledge and application of cloud security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact me on More ❯

Evaluate and integrate new AWS services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills & Qualifications: Proven hands-on experience … Knowledge and application of cloud security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact me on More ❯

initiatives, including hardening guides, architecture diagrams, and evidence packs. Chair the Cyber Security Working Group and support regional security leads. Assist the Security Architect with deploying new controls. Deliver incident response: triage escalations, coordinate crisis response, provide out-of-hours support, and perform post-incident reviews. What We're Looking For: Strong communicator with excellent stakeholder … Commitment to ongoing professional development. Required Experience: Degree or equivalent experience plus relevant security certifications (Security+, CEH, CySA+, Cloud Security Engineer). Significant experience in cyber security operations or incident response. Hands-on expertise with Microsoft Defender, Sentinel, Tenable, CASB, and cloud security (AWS/Azure). Proven security project delivery, PowerShell automation skills, and familiarity with IR frameworks. More ❯

objectives are met. This position is ideal for someone with experience in SIEM or SOC environments who is comfortable in a consultative, client-facing role. Knowledge of cloud security, response frameworks, and industry compliance standards will be key to success in helping clients implement robust, scalable SIEM solutions. Key Responsibilities: Client Engagement & Solution Design: Collaborate with clients to identify … real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced visibility. Threat Detection & Response Strategy: Design and implement threat detection rules, logic, and response workflows that align with the client's risk profile and operational needs. Guide clients in developing and improving … their incident response processes, including playbook creation and alignment with security frameworks like NIST and ISO 27001. Regularly review and optimise SIEM configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes. Advisory & Compliance: Advise clients on aligning SIEM deployments with security frameworks and compliance requirements, including GDPR, HIPAA, and PCI DSS. Provide guidance More ❯

and Experience Essential: Degree in Cyber Security, Computer Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection … and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain attention to detail. Desirable: Professional certifications such as GSEC, CISSP, OSCP, CISA, CompTIA Sec+, or More ❯

to, and prevent cyber threats. Location: Bristol Reports to: Head of Cyber Security Hybrid Role: 3-4 days work from home The Role Play a key role in maturing incident response and threat intelligence functions Evolve and mature the firm's capability for detecting and responding to cyber incidents Help develop strategies and roadmaps for cyber security technology More ❯

infrastructure engineers, architects and project teams, you will ensure that platforms are secure, compliant and aligned with recognised frameworks. Your work will span threat modelling, vulnerability research, configuration baselines, incident analysis, and the integration of monitoring, logging and alerting capabilities. You will also contribute to security documentation, assessments and continuous improvement activities. CYBER SECURITY ENGINEER ESSENTIAL SKILLS Minimum three … to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS Cyber Security Engineer, Microsoft Security, SIEM, IAM, Vulnerability Management, Network Security, Security Architecture, Incident Response, Hybrid Cloud, Threat Modelling, Compliance, NSD More ❯

performed and documented to agreed standards. Working with our Crypto custodians to ensure accurate transfer of information and maintaining records. Coordinate crypto change windows (key loads/rollovers), support incident response related to crypto assets, and drive continuous improvement of crypto processes. Ensure that Key Material is ordered from NCSC/MoD and delivered/installed in a More ❯

information risks. Collaborate with multi-disciplinary teams to ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-, and ISN 23/09 Secure by Design. Support incident response and remediation activities for security events affecting products and systems. Produce and maintain security documentation, policies, and training materials. Communicate risk findings, recommendations, and mitigation strategies to More ❯

Security Operations Centre (SOC) or equivalent environment Monitor and respond to incidents using SIEM platforms Conduct system log analysis and threat detection Assist in vulnerability assessments and management Support incident resolution and reporting Required Skills & Experience At least 2 years' experience in a dedicated Security Analyst role Hands-on experience with: SOC operations SIEM tools Vulnerability management Incident response and investigation Log and event analysis Preferred Qualifications Industry certifications such as CompTIA Security+ or equivalent (desirable) Practical experience preferred over formal education Security Clearance Requirements UK Nationals only Current SC clearance required DV preferred - or must be DV-eligible (as DV clearance will be needed) DV Bonus: 10% of base salary upon clearance and project deployment More ❯

of base salary upon clearance and deployment on project Experience & Skills Minimum 2 years in security analyst role Experience : Security Operations Centre (SOC) or equivalent SIEM platforms Vulnerability management Incident response & resolution System log analysis Certifications : CompTIA or equivalent (preferred) Qualifications : Experience prioritized over formal education Please Apply/Reach Out to learn more More ❯

Support cloud infrastructure (AWS EC2, S3, IAM, VPC). Implement robust backup and disaster recovery processes. Maintain clear documentation, logs, and inventories. Ensure PCI DSS compliance and assist with incident response activities. Work cross-functionally with engineering, security, and operations teams. Drive improvements and automation using scripting and modern tooling. What You’ll Bring Degree in Computer Science More ❯

at scale Strong Linux systems administration background Proficiency with Terraform, Ansible (or similar tools) Knowledge of scripting (Bash/Python), CI/CD, and version control (Git) Experience in incident response and disaster recovery Strong communication skills and a collaborative mindset Nice to Have AWS Associate certification (or interest in achieving it) Exposure to containerised environments or Azure More ❯

CISSP/CISM Desirable Other Informatics, Cyber, Data Protection qualification Knowledge Essential Ability to guide and provide assurance over the effectiveness of security controls, including threat detection, vulnerability management, incident response, and overall organisational cyber resilience. Desirable Mature understanding of NHS and public sector digital risk profile and audit principles and practice. Experience Essential Proven experience in leading More ❯

ensure seamless integration and deployment of applications. Implement and maintain security best practices and compliance standards across all AWS environments. Troubleshoot and resolve complex technical issues as part of incident response efforts. Maintain detailed documentation of architectures, configurations, and processes. Apply design patterns to ensure code reusability and maintainability. Develop and execute unit tests, following test-driven development More ❯

months of proven penetration or security testing experience Knowledge of Metasploit, Burp Suite, and vulnerability scanning tools Experience with Windows, Linux and Mac operating systems Interest in threat hunting, incident response, and security monitoring CRT/OSCP/Cyber Scheme training or aspirations to achieve them Eligibility for UK Security Clearance If you're looking to build a More ❯

by default principles Lead threat modelling, translating findings into actionable design guidance Define secure architecture for modern cloud platforms Guide teams on secure coding, reviews and best practice Support incident response and foster a culture of continuous assurance What You'll Bring Proven experience leading security architecture and design for complex IT environments Understanding of cloud technologies and More ❯

The role encompasses both monitoring and responding to alerts raised by various toolsets as part of an ongoing managed security monitoring service, coupled with analysing data sets gathered from Incident Response investigations and assisting Investigative Consultants to deliver positive investigative outcomes to our breach investigation consultancy engagements. More ❯

repeatable deployments. Implementing comprehensive observability for authentication paths with structured logs, monitoring dashboards, alerts, and SLOs. Collaborating closely with product, engineering, and support teams on migration timelines, communications, and incident response. This role's for you if Proficiency in Node.js, with proven experience building production services or CLIs with robust testing, error handling, and secure coding practices. Strong experience More ❯

the future of cyber resilience. About the Role My client are seekinga Senior Cyber Security Engineer/Threat Intelligence Specialist to strengthen and mature our firms cyber defence and incident response capabilities click apply for full job details More ❯