21 of 21 Permanent Incident Response Jobs in Yorkshire

This role offers a chance to make a real impact by ensuring the integrity and resilience of the company’s IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly, and monthly monitoring of systems … Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of Disaster Recovery (DR) and Business Continuity principles. Excellent communication skills, with … impact in a global organisation, apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

across our three UK brands: PEXA UK, Smoove, and Optima Legal. You'll lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements. This is a senior leadership role offering the opportunity to define security … SOC, engineering, and information security Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation … Alto Networks Splunk (SIEM and dashboarding) Abnormal Security (email security) Prisma Cloud (cloud security posture management) Airlock (application and API security) Nucleus (vulnerability management and reporting) Deep knowledge of incident response, threat hunting, and vulnerability management. Excellent stakeholder management and communication skills - able to explain complex risks in simple terms. Experience building and mentoring high performing teams across More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

as subject matter experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical … SMEs at a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both More ❯

as subject matter experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical … SMEs at a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both More ❯

performing advanced investigations and, when required, first-line triage to maintain queue health and SLA compliance. You are responsible for high-quality service delivery through detailed analysis, evidence-led response actions, and operational leadership. In addition to handling escalated alerts, you provide line management, oversee ticket quality, contribute to training and onboarding, and drive continual improvement. You work core … business hours with participation in the on-call rota, ensuring consistent service support for customers and operational continuity across teams. Key Responsibilities • Incident Investigation and Response - You take ownership of escalated incidents, performing detailed investigations and, when necessary, stepping into first-line triage to guarantee prompt alert handling and escalation. • Team Leadership - You provide day-to-day leadership … SOC Analysts, conducting performance reviews, appraisals, one-to-one meetings, and development planning. • Quality Assurance - You own QA for the team’s outputs, ensuring consistency, accuracy, and completeness of incident handling and documentation across the team. • Training and Onboarding - You lead knowledge-transfer sessions, support structured onboarding of new team members, and coordinate internal training to drive skill development More ❯

performing advanced investigations and, when required, first-line triage to maintain queue health and SLA compliance. You are responsible for high-quality service delivery through detailed analysis, evidence-led response actions, and operational leadership. In addition to handling escalated alerts, you provide line management, oversee ticket quality, contribute to training and onboarding, and drive continual improvement. You work core … business hours with participation in the on-call rota, ensuring consistent service support for customers and operational continuity across teams. Key Responsibilities • Incident Investigation and Response - You take ownership of escalated incidents, performing detailed investigations and, when necessary, stepping into first-line triage to guarantee prompt alert handling and escalation. • Team Leadership - You provide day-to-day leadership … SOC Analysts, conducting performance reviews, appraisals, one-to-one meetings, and development planning. • Quality Assurance - You own QA for the team’s outputs, ensuring consistency, accuracy, and completeness of incident handling and documentation across the team. • Training and Onboarding - You lead knowledge-transfer sessions, support structured onboarding of new team members, and coordinate internal training to drive skill development More ❯

Responsibilities Lead, coach, and develop a multisite team of 1st to 3rd line IT Support Analysts. Oversee daily operations of the IT Service Desk, ensuring SLAs are met across incident, request, and problem management. Act as the primary escalation point for major incidents, coordinating resolution and stakeholder communication. Own and improve ITSM processes including incident, problem, request, change … and major incident management. Monitor service desk KPIs. Ensure smooth collaboration across infrastructure, development, and platform teams. Maintain excellent service quality and communication with internal and external users. Promote a culture of continuous improvement and customer service excellence. Contribute to IT strategy by identifying automation opportunities and service enhancements. Service Desk Manager Requirements Proven experience managing an IT Service … Desk or Technical Support function. Strong working knowledge of ITSM frameworks. Hands on expertise in incident, request, problem, and major incident management. Skilled in leading and developing high performing support teams (1st to 3rd line). Experience with major incident response and crisis communication. Customer focused with strong interpersonal and stakeholder management abilities. Familiarity with ITSM More ❯

implement the company's security strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, risk assessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines from data … Skills & Experience 15+ years of progressive experience in Information Security, with a minimum of 7-8 years focused on cybersecurity. Proven track record in cybersecurity strategy, team leadership, and incident management. Deep knowledge of blockchain protocols, smart contracts (Solidity, Rust), cryptography, and custody systems. Strong expertise in cloud security, DevSecOps, and secure software development lifecycle (SSDLC). Understanding of More ❯

to organizations of all sizes. The team supports a broad range of cutting-edge security technologies, helping customers secure their networks, applications, and infrastructure through proactive monitoring, management, and incident response. As demand for managed firewall and security services grows, my client is looking for a Network Engineer with strong networking fundamentals and a willingness to learn advanced security … Role Overview As a Network Engineer within the Security Operations Center (SOC), you will help manage and support customer network security environments. Youll work on firewall configurations, troubleshooting, and incident response, while gaining exposure to SIEM tools and advanced security solutions. Full training and development opportunities will be provided. Key Responsibilities Monitor and manage client firewalls, VPNs, and More ❯

standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end-to-end Information Security Management System (ISMS), ensuring continued ISO 27001 compliance. Drive information … IAOs) to review the ISMS, maintain up-to-date asset profiles, and ensure all major risks have defined treatment plans. Manage security incidents, taking responsibility for investigation, resolution, post-incident reporting, and leading ad-hoc response teams during critical situations. Develop and implement strategies for raising information security awareness, including creating and disseminating training materials (in-person, e More ❯

standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end-to-end Information Security Management System (ISMS), ensuring continued ISO 27001 compliance. Drive information … IAOs) to review the ISMS, maintain up-to-date asset profiles, and ensure all major risks have defined treatment plans. Manage security incidents, taking responsibility for investigation, resolution, post-incident reporting, and leading ad-hoc response teams during critical situations. Develop and implement strategies for raising information security awareness, including creating and disseminating training materials (in-person, e More ❯

followed. Conduct continuous internal security assessments, including Privileged Access Reviews and Cloud Configuration Audits, and own the resulting remediation activities end-to-end. Develop automation and tooling to reduce incident response times and eliminate repetitive tasks for the security team. Define and deliver security standards, policies and processes for the group and review in a timely manner. 2. … Threat Detection & Response Support and enhance detection logic across all computing environments in collaboration with our security partners. Perform deep, forensic-level investigations when security incidents occur. The goal is simple: learn from every event and prevent the same issue from ever recurring. Lead the technical remediation efforts for security incidents and identified vulnerabilities, working closely across IT and … communication skills, especially the ability to communicate complex technical security concepts and risks to all levels of the organisation. A deep understanding of attacker methodology, detection techniques, and how response frameworks relate to the role. Experience working in cloud-native environments, specifically focusing on building and integrating security tooling to identify and mitigate misconfigurations. Strong analytical, troubleshooting, and problem More ❯

Desired technical skills: Microsoft 365 (Entra ID, Exchange, Teams, SharePoint, Intune, Azure) Windows Server/Active Directory, Networking fundamentals (DNS, DHCP, VPNs, firewalls). Security tools, vulnerability management, and incident response Security technologies (firewalls, IDS/IPS, SIEM, vulnerability scanners) Familiarity with Microsoft Defender and Mimecast. Strong analytical and troubleshooting skills across complex IT environments. Experience of Compliance More ❯

platforms. Contribute to resilience planning, disaster recovery, and business continuity processes. Maintain accurate documentation for assets, procedures, and configurations. Collaborate with other IT teams to support infrastructure projects and incident response. (Desirable) Assist with basic network administration, including switches, firewalls, and connectivity as needed. Required Skills & Experience Proven experience with Windows Server and/or Linux administration. Strong knowledge More ❯

platforms. Contribute to resilience planning, disaster recovery, and business continuity processes. Maintain accurate documentation for assets, procedures, and configurations. Collaborate with other IT teams to support infrastructure projects and incident response. (Desirable) Assist with basic network administration, including switches, firewalls, and connectivity as needed. Required Skills & Experience Proven experience with Windows Server and/or Linux administration. Strong knowledge More ❯

level designs to the required quality and standard. Principal Preferred Requirements Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud Broad background across information technology with the ability to communicate clearly with non-security technical More ❯

level designs to the required quality and standard. Principal Preferred Requirements Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud Broad background across information technology with the ability to communicate clearly with non-security technical More ❯

and resilient detection rules across SOC platforms. Operating as part of the SOC team, you support operations by expanding detection coverage, improving rule performance, and collaborating with threat intelligence, incident response, and platform engineering teams to operationalise threat insights. You also contribute to internal process improvement, customer-facing engagements, and knowledge sharing across the wider SOC team. Key … aligned threat coverage. Lifecycle Management and Optimisation – You will monitor detection performance, tune rules to reduce false positives, and remediate logic or configuration issues caused by changing environments. Post-Incident Gap Analysis – You will perform detection reviews following incidents to identify missed coverage, determine root causes, and improve detection logic or supporting telemetry. Skills and Attributes Detection Engineering Framework More ❯

ownership of their customer support operations. This is a fantastic opportunity for a hands-on, process-driven leader. Key Responsibilities: Oversee customer support operations and shift coverage Manage SLAs, incident response, and escalations Maintain separate support flows for two brands Plan and resource staffing models and schedules Implement automation and AI to drive ticket deflection Own the knowledge More ❯

practices and ensure compliance with ISO27001:2022 and internal governance standards. Performance Monitoring: Maintain logging, monitoring, and alerting tools (e.g., CloudWatch, Prometheus, Grafana) to ensure system reliability and improve incident response. Collaboration & Knowledge Sharing: Work with engineers, product managers, and QA teams to optimise deployments and continuously improve the platform. Incident Management: Troubleshoot platform issues, conduct root cause More ❯