13 of 13 Incident Response Jobs in Buckinghamshire

Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations More ❯

Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations More ❯

posture. This is a hands-on, operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage vulnerability assessments and remediation … efforts Maintain and optimise DLP tools and incident response Support forensic readiness and insider risk initiatives Develop and enforce security policies and awareness programs Lead incident response and produce investigation reports Utilise and enhance Microsoft Security Stack (Sentinel, Defender, Purview) Drive Zero Trust implementation Conduct security audits and generate KPI/compliance reports Mentor junior analysts More ❯

posture. This is a hands-on, operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage vulnerability assessments and remediation … efforts Maintain and optimise DLP tools and incident response Support forensic readiness and insider risk initiatives Develop and enforce security policies and awareness programs Lead incident response and produce investigation reports Utilise and enhance Microsoft Security Stack (Sentinel, Defender, Purview) Drive Zero Trust implementation Conduct security audits and generate KPI/compliance reports Mentor junior analysts More ❯

level. Generation of Key Components across various platforms (including IBM, Tandem, Unix) together with management of Cryptographic infrastructure. SSH Key Management. Certificate management HSM configuration/installation/support Incident management Change management ITIL Ensure the integrity and availability of cryptographic and key management services to business functions and applications ? Key Accountabilities: Cryptographic Hardware Management - including on site local … core geographic locations globally. Management of Cryptographic infrastructure to include Out of Hours Support, production of monthly management information and risk statements. Adherence to Group IT Security Standards. Problem, Incident & Change Management including root cause identification. Procedure/process development. Project delivery. Cryptographic Hardware Management. Auditable Record Management. Excellent Risk and Control Maintenance Ensure governance and clear record keeping … creation and maintenance. Deep understanding of change disciplines including change and release management and track record of delivering change projects in a timely manner with high quality Strong in incident response procedures and standards, strong communication skills and ability to articulate complex events to management. Experience of Sharepoint, Confluence and JIRA. Unix/Windows O/S skills More ❯

level. Generation of Key Components across various platforms (including IBM, Tandem, Unix) together with management of Cryptographic infrastructure. SSH Key Management. Certificate management HSM configuration/installation/support Incident management Change management ITIL Ensure the integrity and availability of cryptographic and key management services to business functions and applications ? Key Accountabilities: Cryptographic Hardware Management - including on site local … core geographic locations globally. Management of Cryptographic infrastructure to include Out of Hours Support, production of monthly management information and risk statements. Adherence to Group IT Security Standards. Problem, Incident & Change Management including root cause identification. Procedure/process development. Project delivery. Cryptographic Hardware Management. Auditable Record Management. Excellent Risk and Control Maintenance Ensure governance and clear record keeping … creation and maintenance. Deep understanding of change disciplines including change and release management and track record of delivering change projects in a timely manner with high quality Strong in incident response procedures and standards, strong communication skills and ability to articulate complex events to management. Experience of Sharepoint, Confluence and JIRA. Unix/Windows O/S skills More ❯

develop and implement security policies and mitigation strategies. Oversee the design, implementation, and monitoring of security controls to ensure effectiveness across IT systems. Deliver engaging cybersecurity awareness training and incident response guidance. Drive continuous improvement by tracking emerging threats, technologies, and attack methodologies. Contribute to departmental strategy, governance, and long-term planning aligned with business priorities. For leadership More ❯

develop and implement security policies and mitigation strategies. Oversee the design, implementation, and monitoring of security controls to ensure effectiveness across IT systems. Deliver engaging cybersecurity awareness training and incident response guidance. Drive continuous improvement by tracking emerging threats, technologies, and attack methodologies. Contribute to departmental strategy, governance, and long-term planning aligned with business priorities. For leadership More ❯

Ensure GxP (pharmaceutical industry) compliance and maintain audit readiness through robust validation frameworks, policies, and collaboration with QA and regulatory bodies. Cybersecurity & Risk – Lead cybersecurity strategy, including access controls, incident response, and vulnerability management. Team & Vendor Management – Build and mentor a global IT team while managing external providers and ensuring performance against SLAs. Budgets & Performance – Manage IT budgets More ❯

Basic knowledge of monitoring, logging, and observability tools Understanding of cloud cost management and resource optimisation principles Comfort with troubleshooting and supporting development teams Understanding of service reliability and incident response practices Connells Group UK is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation More ❯

a culture of observability across the engineering team. Helps teams across engineering use operational data to improve stability and performance of their applications. Awareness of application security considerations Leads incident response across the engineering teams as needed Identifies dependencies across the organization and works with individual teams to resolve them before they become an issue, and installs preventative More ❯

the engineering team. Helps teams across engineering use operational data to improve stability and performance of their applications. Maintain documentation and release notes Awareness of application security considerations Leads incident response across the engineering teams as needed Identifies dependencies across the organization and works with individual teams to resolve them before they become an issue, and installs preventative More ❯

frameworks, DPIAs, DSAs, and regulatory compliance, and lead the Data Security Protection Toolkit return. Cyber Security: Manage security policies, lead ISO 27001 certification, embed data security practices, and oversee incident response. Digital Clinical Safety: Maintain digital clinical safety policies (DCB0129/0160), ensure training compliance, and support safety case documentation. Quality Management: Manage the Quality Management System (ISO … frameworks, DPIAs, DSAs, and regulatory compliance, and lead the Data Security Protection Toolkit return. Cyber Security : Manage security policies, lead ISO 27001 certification, embed data security practices, and oversee incident response. Digital Clinical Safety : Maintain digital clinical safety policies (DCB0129/0160), ensure training compliance, and support safety case documentation. Quality Management : Manage the Quality Management System (ISO More ❯