1 to 25 of 53 Permanent Incident Response Jobs with Remote Work Options

This is a Senior Consultant role with responsibility for managing and delivering Control Risks cyber response threat hunting solutions. This involves managing our threat hunting engagements and where needed leading the technical aspects of cyber response cases. This role will report to the Associate Director of Cyber Response … enhance our Threat Hunting Standard Operating Procedures ensuring they reflect client requirements and align with our Cyber Threat Intelligence team Work with our Cyber Response Technology and Automation lead to implement the tooling required to effectively threat hunt Implement a quality assurance program to ensure threat hunting engagements proactively … attack techniques, to form hunting playbooks and mitigation steps. Work closely with our Cyber Threat Intelligence team and share threat hunting playbooks with the incident response team. Incident response Overseeing host and network based investigations. Leveraging the Digital Forensics Incident Response (DFIR) team to more »

The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and Incident Response Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incident response playbooks and procedures. Lead incident response efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify more »

using industry best practices. Log Management: Manage log sources within the SIEM solution and create alert use cases to identify patterns of anomalous activity. Incident Response: Lead the response to high-severity security incidents, providing senior-level response activities and ensuring effective remediation and recovery actions. … Security Orchestration, Automation, and Response (SOAR): Support and develop the SOAR platform, creating new workflows for automated responses to common attack types. Digital Forensics: Conduct forensic analysis on serious security incidents using data from multiple sources to ensure threats are contained and eradicated effectively. Cyber Crisis Scenario Testing: Participate … important security and performance metrics. Job Requirements: Extensive experience in a SOC Level 2 or 3 role with evidence of advanced threat hunting and incident response. Experience in log correlation, forensics investigations, and compliance with regulatory frameworks. Proficiency in security technologies including SIEM, SOAR, EDR, IDS/IPS, and more »

and services. Monitoring and Alerting: Implement and maintain robust monitoring, alerting, and logging systems to proactively identify and resolve issues. Ensure optimal system performance. Incident Response: Lead incident response efforts, investigate root causes of outages, and implement preventive measures to reduce the likelihood of recurrence. Capacity … Continuous Improvement: Continuously evaluate and improve system reliability, performance, and efficiency through automation and optimisation. Documentation: Maintain comprehensive documentation for infrastructure configurations, procedures, and incident reports. Requirements Bachelor's or Master's degree in Computer Science, Information Technology, or a related field. Proven experience as a Site Reliability Engineer more »

we offer a complete end-to-end security services covering our clients security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response , Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the … concepts, including network, systems, and application security. Familiarity with industry best practices for systems hardening. Expertise in data encryption and data privacy. Proficiency in incident response, business continuity planning, physical security, risk assessments, vulnerability scanning, and penetration testing report reviews. Standards and Best Practices: Solid understanding of industry more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

Hi All, I'm working with a global business looking for an Incident Response Lead who has a wide breath of experience working proactively on incidents and confident in collaborating with teams across the business. You will be a fit if you have experience with: Developing playbooks/ more »

Cyber Response & Recovery Manager Permanent Hybrid working London based and various places in the UK SC Cleared or SC Eligible Up to £80,000 depending on location + car allowance + 12% discretionary bonus Our client is a global consultancy and are currently looking for a Cyber Response … candidate would have: Good knowledge of Information Security Management System (Infrastructure Security Operations). Understanding of the cybersecurity threat landscape. Experience managing a rapid response team. Good experience with ISMS. Financial Services experience. Strong technical background and experience with incident response and digital forensics. Experience writing and … adapting playbooks. Strong stakeholder management skills. The role: Manage and co-ordinate cyber security incidents for our clients, working closely with the cyber response leadership team (1 Partner and 2 Directors). Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a more »

of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »

with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »

that prides themselves on its commitment to innovation, sustainability, and safety. Day to Day Responsibilities: Lead and mentor a team of cyber detection and response analysts and provide feedback and performance evaluation. Take an active role in the development and implementation of the CSOC and ensure that the team … and alerts from various sources, such as network, endpoint, cloud, and threat intelligence. Identify and prioritize the cyber security incidents, escalate P1 and P2 incident to the Cyber Incident Response team. Review and validate the incident reports and recommendations and escalate the high-risk or complex … the SOPs and Playbooks for Cyber Detection. What are we looking for: Proven experience in a Cyber Security Operations Centre. Proven experience in Cyber Incident Response. In-depth knowledge of cyber threat landscape and attack vectors. Expertise in incident detection, analysis, and resolution. Understanding of CNI and OT more »

for the junior analysts in the team. You will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend the response actions and escalation path. You will also have the opportunity … L1 and L2 analysts, including objectives setting, performance management/reviews, training & development, and BAU activities including shift cover etc. Perform advanced event and incident analysis, including baseline establishment and trend analysis. Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours … Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat. Provide timely advice and guidance on the response action plans for events and incidents based on incident type and severity. Identify, create and implement more »

standards, including Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR. In-depth knowledge of the Microsoft O365 environment, threat intelligence analysis, Security Incident Response processes, disaster recovery, and business continuity principles. Familiarity with security testing principles, vulnerability scanning, risk identification, resolution, and reporting. Experience in formal … document creation, such as reports or procedures. Key Responsibilities include but not limited to: Assist with security incident management and response activities, emphasizing cyber threats. Conduct daily, weekly, and monthly security checks, reconciliation, and compliance checks. Handle security alerts and inquiries from systems and end users. Complete client more »

connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Incident Responder - Cyber Security - Middle East BAE Systems Digital Intelligence has been contracted to deliver a National Cyber Security Programme in the Middle East as … for 12 months so there are no options for hybrid working as the majority of time will be spend on client site. As an Incident Responder you will be responsible for the Triage of cyber security incidents, determining and categorising which incidents cross the threshold becoming National cyber security … media releases. Manage Incidents on site and across multiple sites. Conduct on-site analysis and collection of data for depth support as part of incident investigation. Identify and propose remediation activities and identify security improvements to prevent future incidents. Direct client IR Teams and In-house malware and forensics more »

specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME(Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton … including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

your communication skills must be very strong. You will have an excellent understanding of ITIL methodologies and demonstrable experience of working on IT Requests, Incident management, Change Management and Problem Solving. You will utilize ServiceNow and Manage Engine as the primary IT Service Management (ITSM) solution to efficiently manage … software licensing terms, license models and enterprise maintenance and support contracts. Work under limited supervision, both independently and within a team environment. Proficient in incident management tools and IT service management platforms with a focus on global incident response (e.g., ITSM, Jira, ServiceNow). Strong analytical and more »

business ensuring security and monitoring requirements are determined and implemented through onboarding or continuous improvement activities Qualifications & Experience: Professional experience of working in an Incident Response Team or a similar environment Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical more »

UK Role Responsibilities 7-10 years experience in site reliability engineering, with at least 3 years in a leadership role. Maintain production stability through: Incident Response, DR planning & roleplay Performance monitoring & healing Security monitoring & remediation/response Infrastructure hardening (e.g. security baselining & enhancements) Infrastructure maintenance (e.g. serverless more »

Development Lifecycle (SSDLC), Compliance as Code, Security Orchestration, Container Security, Microservices Security, Threat Modelling, Secure Configuration Management, Secure DevOps Practices, Security Scanning & Testing, Security Incident Response, Identity & Access Management (IAM), Secure Cloud Environments, Secure Code Reviews Nature: Permanent, Full Time Hours: Monday - Friday 09.00 -17.30 Gross pay … + 20% bonus, Health Care, Discounts & other benefits Key Activity: * Develop & Deploy Security Protocols * Perform Security & Operational Evaluations * Integrate Security & Operations within DevSecOps * Manage Incident Responses * Enhance Operational Effectiveness * Coordinate on Code Security & Operational Streamlining * Promote DevSecOps Principles * Address Security & Operational Incidents * Implement DevSecOps Enhancements Overview: As a DevSecOps … testing & vulnerability scanning within our CI/CD pipelines. * Conduct regular security assessments & audits to identify & mitigate risks. * Respond to security incidents & conduct post-incident analysis to prevent future occurrences * Stay up to date with the latest security threats, vulnerabilities, & industry best practices. * Collaborate with DevSecOps Product Owner, Run more »

maximising the number of successful IT changes by ensuring that risks have been properly assessed authorizing changes to proceed and managing the change schedule. Incident Management: Oversee and respond to Technology incidents and emergencies. Develop and maintain an effective incident response plan, ensuring that the team can more »

and infrastructure security throughout the development lifecycle. Automation: Develop and maintain automation scripts and tools for security testing, compliance, and deployment processes. Monitoring and Incident Response: Set up and monitor security alerts and logs, respond to security incidents, and conduct root cause analysis. Collaboration: Work collaboratively with development more »

and managing automation scripts for deploying and configuring security agents across large environments. Experience in tuning and optimizing OpenSearch or Elasticsearch indexers. Experience with incident response processes and forensic analysis to support investigations and improve threat detection. Experience with cloud-native security tools and services Desired Qualifications: Advanced more »

for security incidents, and responding promptly to security breaches. As a Cyber Security Analyst you will be gain exposure across: Security Infrastructure Vulnerability Management Incident Response Ideally you will have experience across: Security principles, techniques, and protocols Endpoints, servers, infrastructure and networking technologies Experience in supporting security systems more »

in developing policies and procedures to comply with GDPR, working with the DPO outsourcing company. Skills and Qualifications: Proven experience with SIEM tools and incident response Strong understanding of network infrastructure and security protocols Experience with GDPR, data security and other compliance regulations Experience with GDPR, data security more »

and demand forecasting. Refine and implement DevSecOps security practices. Architect systems for HA, Disaster Recovery, and Load Balancing decisions. Write playbooks and inform the incident response practices. Participate in an on-call rotation for 24x7 support. Qualities and Skills Required Bachelor's Degree in Computer Science, Engineering, IS more »