1 to 25 of 41 Permanent Incident Response Jobs in Yorkshire

will proactively identify, analyse, respond, and mitigate cyber threats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities, enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to … participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to Cyber Threat Intelligence, Security Posture Management, Cyber Security Incident Response, Threat Hunting, Penetration Testing & Red Team Testing, and Cyber Risk Mitigation. Incorporate threat intelligence into CIC activities. Collaborate and assist with the … investigation and resolution of complex security incidents. Support the delivery of retrospective improvements based on incident analysis, RCAs and PIRs. Engage with third-party security partners to enhance and mature services. Maintain centralised processes across all VBG product lines, promoting synergy and efficiency. Stay updated on the latest cyber More ❯

Cyber Response Services Senior Analyst – KPMG Curve Base Location: Leeds based (Hybrid – 3 days per week in office) Experienced professional (kpmgcareers.co.uk) As a result of the work that we do, we require applicants to hold or be capable of obtaining UK National Security Vetting, the requirements for which could … is what matters most. What will you be doing? Help manage and co-ordinate cyber security incidents for our clients, working closely with the incident management lead within the team. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view … and being able to advise clients on the threat landscape and attacks which may be relevant to them. Develop KPMG’s in house cyber-response tools Help assess client incident response capability maturity. Help stand-up or improve clients’ own incident response capabilities. Help with More ❯

innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands-on SOC Manager … of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. Develop and maintain … shift schedules, ensuring full coverage with minimal disruption. Act as a senior escalation point for critical incidents and lead major incident response efforts. Mentor and develop a high-performing team of Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering More ❯

to make a real impact by ensuring the integrity and resilience of the company’s IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly … Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of Disaster Recovery (DR) and Business Continuity … apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

cloud security architectures across AWS, Azure, or Google Cloud. Develop and enforce cloud security controls , including IAM policies, encryption, and network security. Threat Monitoring & Incident Response Monitor cloud environments for security threats, vulnerabilities, and misconfigurations . Lead incident response efforts related to cloud security breaches and More ❯

Up to £60,000 A global leader in defence and security solutions is seeking a Senior SOC Analyst to take charge of security operations, incident management, and threat detection strategies. This is an excellent opportunity for an experienced SOC analyst to step into a leadership role and help protect … national security interests. Key Responsibilities: Lead and mentor a team of SOC analysts in a high-security environment. Oversee real-time security monitoring and incident response activities. Investigate, triage, and manage security incidents using SIEM, EDR, and NDR tools. Coordinate threat intelligence integration to enhance detection capabilities. Develop … and refine SOC processes to improve efficiency and resilience. Requirements: 5+ years in Security Operations, with hands-on experience in incident response and threat analysis. Strong understanding of network security, TCP/IP protocols, and intrusion detection. Proficiency in Python and scripting for automation and security tooling. Experience More ❯

involves working closely with cross-functional teams to ensure products meet high security standards and customer needs. You will play a key role in incident response, investigating and mitigating security breaches to minimize impact, and proactively monitoring threats. You will also communicate findings to stakeholders. Additional responsibilities include … ensure regulatory compliance and adherence to best practices. Defining access privileges, control structures, and resources to safeguard systems. Implementing and maintaining security controls. Providing incident response during security breaches. Monitoring systems and networks for intrusions and unusual activity. Staying updated on security developments and emerging threats. Product Development … vulnerability scanning. Assisting in designing secure application architectures with authentication, access controls, and encryption. Who we're looking for You should have experience with incident management tools, APIs for security solutions, and cybersecurity controls such as Anti-malware, EDR/XDR/NDR, SIEM, and SOAR. An understanding of More ❯

and ensure smooth feature rollouts with minimal downtime. Define and manage monitoring, logging, and telemetry using tools like AWS Cloudwatch, Prometheus, and Datadog. Lead incident response and production troubleshooting with a proactive and preventative mindset. Drive automation initiatives with tools like GitlabCI, Terraform/OpenTofu, Ansible, and scripting … IAM). Experience with Kubernetes and Argo CD in production settings. Deep knowledge of application security protocols and infrastructure-level security practices. Real-time incident response skills. Proficient in infrastructure as code, monitoring, and automation. Excellent communication, collaboration, and problem-solving skills. Relevant certifications in AWS would be More ❯

robust risk management framework, proactively identifying, assessing, and mitigating cybersecurity risks in alignment with business goals. Define standards for operational security including vulnerability management, incident detection and response, threat intelligence, and third-party/vendor security management. Act as the key internal and external security spokesperson, confidently communicating … track record of building and embedding security awareness and risk management frameworks across business and technical teams. Strong operational experience, including establishing and managing incident response, vulnerability management, and security monitoring programs. Ability to communicate complex security topics clearly to non-technical stakeholders, influencing executives, customers, and teams. More ❯

of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports More ❯

Information Security Consultant you will work with the wider IT Security Team to support and maintain enterprise wide solutions. The Responsibilities Assist with security incident management and response activities General day-to-day support on managing and responding to security alerts from systems and end users Perform daily … resolving, and reporting risks Experience of formal document creation, such as the creation of reports or procedures Threat Intelligence analysis and best practice Security Incident Response processes, procedures, and best practices Disaster Recovery and Business Continuity principles Event and log analysis If you are looking for an exciting More ❯

to make a real impact by ensuring the integrity and resilience of the company's IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly … Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of Disaster Recovery (DR) and Business Continuity More ❯

to make a real impact by ensuring the integrity and resilience of the company's IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly … Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of Disaster Recovery (DR) and Business Continuity More ❯

and categorise incidents in accordance with established security policies. Detect and investigate intrusion attempts and determine their scope and impact. Document high-quality security incident reports, supported by threat intelligence and independent research. Conduct or support remediation efforts to neutralise threats, restore systems, and prevent recurrence. Produce post-incident review reports and provide actionable security improvement recommendations. Apply threat intelligence to improve detection capabilities and situational awareness. Support national-scale cyber incident response activities in a coaching or mentoring capacity. Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes. … Develop automated response workflows for SOAR platforms targeting common attack vectors. Drive continuous improvement by refining detection use cases and enhancing SOC processes. Technical Skills & Experience: Hands-on experience with SIEM tools such as Splunk (Enterprise Security) and Microsoft Sentinel. Proficiency in Python and scripting for automation and analysis More ❯

experience in cybersecurity engineering or a related field. Strong understanding of network security, cryptography, and security frameworks. Experience with penetration testing, vulnerability management, and incident response. Familiarity with security tools such as SIEMs, IDS/IPS, firewalls, and endpoint security solutions. Proficiency in scripting languages (e.g., Python, Bash, PowerShell More ❯

and categorise incidents in accordance with established security policies. Detect and investigate intrusion attempts and determine their scope and impact. Document high-quality security incident reports, supported by threat intelligence and independent research. Conduct or support remediation efforts to neutralise threats, restore systems, and prevent recurrence. Produce post-incident review reports and provide actionable security improvement recommendations. Apply threat intelligence to improve detection capabilities and situational awareness. Support national-scale cyber incident response activities in a coaching or mentoring capacity. Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes. … Develop automated response workflows for SOAR platforms targeting common attack vectors. Drive continuous improvement by refining detection use cases and enhancing SOC processes. Technical Skills & Experience: Hands-on experience with SIEM tools such as Splunk (Enterprise Security) and Microsoft Sentinel. Proficiency in Python and scripting for automation and analysis More ❯

Monitor, triage, and investigate alerts and network traffic using SIEM tools. Analyse and categorise security incidents in line with internal policies. Conduct in-depth incident investigations, reporting, and remediation. Utilise threat intelligence to detect and respond to potential threats. Support incident response activities for national-scale cyber More ❯

Monitor, triage, and investigate alerts and network traffic using SIEM tools. Analyse and categorise security incidents in line with internal policies. Conduct in-depth incident investigations, reporting, and remediation. Utilise threat intelligence to detect and respond to potential threats. Support incident response activities for national-scale cyber More ❯

and onboarding of new SOC team members Act as the primary technical escalation point for complex security incidents and investigations Support advanced threat hunting, incident response, and forensic analysis Ensure the SOC follows best practices and industry standards Client Engagement & Technical Account Management Oversee security tool deployments and … in a leadership role Strong technical knowledge of security tools, including SIEM, SOAR, EDR, Firewalls, and Threat Intelligence platforms Hands-on experience with security incident handling, threat hunting, and forensic analysis Excellent understanding of attack tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK Experience managing More ❯

Requirements Technical 5+ years' experience in threat intelligence, vulnerability management or conducting research and investigating cyber threats in a technical capacity. Experience in technical incident response and management. An expert understanding of current and emerging threats related to government and CNI. Excellent Open-Source research skills. Demonstrate a More ❯

Requirements Technical 5+ years' experience in threat intelligence, vulnerability management or conducting research and investigating cyber threats in a technical capacity Experience in technical incident response and management An expert understanding of current and emerging threats related to government and CNI Excellent Open-Source research skills Demonstrate a More ❯

on handling spam, malicious emails and other potential threats - Help develop, maintain and document security policies, processes, and procedures to maintain compliance, including Cyber Incident Response Plans Security Analyst - You: - You will have at least 5 years commercial experience gained within a security or infrastructure role - CySA+ or More ❯

from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead … Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in SIEM tools (e.g. LogRhythm, Splunk) and IDS systems (e.g. Snort). In-depth knowledge of network and host security. Skilled in More ❯

effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems More ❯

Analyst you will: As part of our Blue Team, you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don't worry if you don't tick every box - we'd still love to hear from you! If you're … during relevant cybersecurity incidents Deliver detailed threat reporting including executive briefings, and actionable recommendations to technical and non-technical stakeholders Set yourself apart: Monitoring, incident response and playbook development Detection creation within SIEM tools and using GitHub Vulnerability scanning, management and reporting Core cybersecurity concepts such as network More ❯