1 to 25 of 298 Permanent Incident Response Jobs

Description Leidos is seeking an Incident Response Analyst to join our team on a highly visible cyber security single-award IDIQ vehicle that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff. Our Security Operations Center (SOC) Support Services is a US … events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a shared incident tracking system and other means of coordination and … or monitor activity Drive implementation and improvement of new tools, capabilities, frameworks, and methodologies Instill and reinforce industry best practices in the domains of incident response, cybersecurity analysis, case and knowledge management, and SOC operations Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response more »

ensure that appropriate security controls are in place for KPMG technology solutions. Role summary Provide Bridge between GISG Operational teams and ITS Global Major Incident Management Process Coordinate Security Incident management activities across Regions • Provide Member Firms with Incident Response advice and support through the regional … set up, and maintain repeatable Teams War Room structure Define, set up, and maintain communication structure and templates for the three below high level incident types. Assist in coordination with GCISO to link into board level and regulatory comms requirements Give Service Management the Security context of any Security … Incident promoted to Major Incidents Assist in the delivery of Cyber War games and purple teaming activities Initiate US Advisory IR assistance requests Coordinate US Advisory IR activities when necessary Key accountabilities Provide Security Incident Management Framework and coverage between GISG and the ITS Global Service Management Major more »

Develops financial and operational objectives. Ensures that enterprise-wide operational plans are aligned with business objectives. Responsible for monitoring, identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threat analysis as directed and addresses … software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex … of impact on business results, and typically manages one or more groups of professional employees. Job Description Responsibilities Lead daily operations of the Security Incident Response Team Serve as incident commander, leading incident response for major incidents. Clearly communicate incident status to critical stakeholders more »

Develops financial and operational objectives. Ensures that enterprise-wide operational plans are aligned with business objectives. Responsible for monitoring, identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threat analysis as directed and addresses … software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex … of impact on business results, and typically manages one or more groups of professional employees. Job Description Responsibilities Lead daily operations of the Security Incident Response Team Serve as incident commander, leading incident response for major incidents. Clearly communicate incident status to critical stakeholders more »

Senior SOC Analyst, SIEM - Cloud based: Sentinel/ManageEngine Log360/QRadar, Splunk, Incident Response Management, Hybrid London 1-2 days per week. We are hiring a Senior SOC Analyst to help build a new SOC function. The role will initially be very hands on, responsible for monitoring … Investigation: Monitor SIEM tools to assure high security levels, analyse potential security incidents, conduct real-time analysis, support investigations, and document findings to improve incident response procedures. Response: Lead and coordinate incident response activities, develop and maintain incident response plans, and escalate incidents … as necessary, ensuring adherence to major incident processes. Intelligence: Stay updated on cybersecurity threats, integrate threat intelligence into security monitoring processes, and contribute to the development of threat intelligence feeds. Tool Management: Manage and optimize SIEM tools, evaluate new security technologies, and recommend enhancements to the security infrastructure. Collaborate more »

Cyber Incident Response Manager Cyber Incident Respond Principal/Manager will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLA’s. You will work side by side with the Cyber … Detect Team. Cyber Detect manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident if of the upmost importance. As Respond Manager you will be expected to deliver a … strong incident readiness program. This is based in Buckinghamshire office x2 days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management more »

Cyber Incident Response A global bank is seeking a Cyber Security Analyst to join their Cyber Security team in London, with the team working across infrastructure, business and application risk, penetration testing, and vulnerability management. The cyber security practice is a mature function and this team member will … specifically work within the incident response team, and will be expected to be well versed across technology control, EDR, and related tools and technology skills. This position has lots of capabilities for progression, access to different tools, and excellent opportunity to develop skills. You will be: Analysing, developing … infrastructure estate. Able to monitor activity upon specified information systems and devices. Proficient in identifying and reporting suspicious or harmful activity. part of the Incident Response investigations into internal and external threats or security incidents. Able to identify and escalate any security breaches and assess their impact. Utilise more »

As a member of Experians Global Security Office, the Enterprise Security Incident Manager functions as a Cyber Incident Commander and coordinates the Cyber Fusion Centres (CFCs) response to significant cyber-security incidents according to Experians Global Information Security Incident Response Plan and processes. You will … be responsible for initiating and tracking various workstreams during security incidents to ensure there is effective detection, response, containment, eradication, and recovery during incident response and managing executive communications until incident termination. The candidate for this role must be a self-starter, capable of working independently … and have strong technical skills involving cyber-incident response, strong writing skills and effective communication with leaders. This role will require you to be part of an on-call rotation for response to significant security incidents outside of normal work hours, including holidays and weekends. Key Responsibilities more »

innovative solutions for complex cyber engineering developmental problems that are competitive with industry and company standards. Responsible for monitoring, identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threat analysis as directed and addresses … software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex … and guidance to more junior team members. May be responsible for leading a team, but does not directly manage people. Job Description Responsibilities Lead response to Cyber Security Incidents of varying complexity levels - including all steps from identification to final closeout Identify activity of investigative interest based on a more »

innovative solutions for complex cyber engineering developmental problems that are competitive with industry and company standards. Responsible for monitoring, identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threat analysis as directed and addresses … software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex … and guidance to more junior team members. May be responsible for leading a team, but does not directly manage people. Job Description Responsibilities Lead response to Cyber Security Incidents of varying complexity levels - including all steps from identification to final closeout Identify activity of investigative interest based on a more »

line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as and help advance my clients incident response processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. … Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this … position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incident response process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incident more »

I am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you … expertise in cyber security to protect our university's digital infrastructure and ensure the confidentiality, integrity, and availability of our information assets. Key Responsibilities: Incident Triage: Quickly assess the severity and scope of the security breach, prioritise response efforts, and mobilise resources accordingly. Forensic Analysis: Conduct thorough forensic … to contain the breach, remove malicious presence from our systems, and restore affected services. Root Cause Analysis: Identify the root cause of the security incident and recommend remediation actions to address underlying vulnerabilities and security gaps. Communication and Coordination: Collaborate with university stakeholders, including IT staff, administrators, and external more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

cyber security single-award IDIQ vehicle that provides network operations security center (NOSC) support, including monitoring and analysis, cyber threat intelligence, email analysis, forensics, incident response, and malware analysis The Department of Homeland Security (DHS) Network Operations Security Center (NOSC) is a U.S. government program responsible to monitor … events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a shared DHS incident tracking system and other means of coordination … us today! Duties include dynamic malware analysis, and performing memory and dead-box forensics. The Analyst should have experience in monitoring and detection, and incident response to support detection, containment, and eradication of malicious activities targeting customer networks. Acting as an escalation point for other NOSC analysts, the more »

Cyber Incident Manager with excellent stakeholder and team management skills as well as a technical mindset. This role will require you in the office at least twice a week and be on-call one in every four weeks. You will be required to go through SC clearance so need … to have been a UK resident for the past five years, unfortunately we will not be able to provide sponsorship. The Cyber Incident Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. … threat. Responsibilities Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on more »

I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incident response/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your … not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incident response experience. Certifications such as GCIH, GCIA or GCFA/E. Ideally, consultancy experience however, strong regulated exposure is also welcomed. Strong baseline … threat hunting skills and ideally, an interest in research focused tasks. This is an exciting role for an incident responder, looking for a step up from basic cases to truly partner with organisations across the globe. Hybrid role, London based opportunity. Please contact pg@barclaysimpson for immediate consideration. more »

implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incident response and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incident response and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a more »

offerings to customers in the intelligence community, defense, civil, and commercial markets. Nightwing is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to … characterize of the severity of breaches, develop mitigation plans, and assist with the restoration of services. Nightwing is seeking a Cyber Incident Management Analyst to support this critical customer mission. Responsibilities: - Managing reported incidents by providing a single point of service for incident customer organizations throughout the incident life cycle of a high priority incident - Correlating incident data to identify specific trends in reported incidents - Recommending defense in depth principles and practices (i.e. Defense in Multiple Places, layered defenses, security robustness, etc.) - Performing Computer Network Defense incident triage to include determining scope, urgency, and more »

is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incident response, network security architecture, policies, and procedures, and more! Main responsibilities: Serve as the primary subject matter expert on Azure security, including Azure … Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients Azure platform. Develop and maintain incident response procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security. Proven experience in incident response management, including incident detection, analysis, and remediation. In-depth knowledge of network security principles, protocols, and technologies. Experience working with standards more »

is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incident response, network security architecture, policies, and procedures, and more! Main responsibilities: Serve as the primary subject matter expert on Azure security, including Azure … Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients Azure platform. Develop and maintain incident response procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security. Proven experience in incident response management, including incident detection, analysis, and remediation. In-depth knowledge of network security principles, protocols, and technologies. Experience working with standards more »

Job Role: Lead Security Analyst Location: London, UK Role Type: Permanent Mode: Remote Purpose of the Job The Senior Security Incident Manager plays a pivotal role in safeguarding the organization's information assets and infrastructure from cyber threats and vulnerabilities. This position is responsible for leading and owning the … response to security incidents, managing the lifecycle of incidents from detection through resolution, and conducting thorough post-incident analysis to prevent future occurrences. By continuously monitoring our security environment, analyzing threats, and implementing strategic defenses, the Senior Security Incident Manager ensures the resilience and integrity of our … security monitoring services to detect, review, and triage suspicious events. Act as a key responder and coordinator for security incidents, organizing and driving the response efforts to ensure quick containment and resolution. Follow established incident response protocols and procedures to mitigate risks. Contribute to the creation and more »

are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and Incident Response team, along with a number of incident response vendors including forensic, legal, and PR ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within more »

The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and Incident Response Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incident response playbooks and procedures. Lead incident response efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify more »

stakeholders to understand business requirements and strategize the utilization of automation for enhanced efficiency. Working closely with the Security Operations Center (SOC) team and Incident Response Team (IRT), you will assist in the implementation and management of SOAR technologies. As a Security Orchestration, Automation, and Response (SOAR … will serve a critical role in our InfoSec's Cyber Defense Technology team. You will focus on enhancing our organization's automation, orchestration, and response capabilities through the strategic use of SOAR technology. You will lead the implementation of our SOAR platform, aiming to boost our overall efficiency and … upgrade SOC processes and workflows, focusing on integrating automation through SOAR tools and technologies. Initiate new SOC automation, ensuring compatibility with existing detection and response tools. Integrate new log sources and develop playbooks to efficiently triage and respond to security incidents while minimizing analysis time. Design custom scripts to more »