21 of 21 Incident Response Jobs in the East of England

tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

cyber assurance integrates Knowledge of methodologies (Waterfall, Incremental, SAFE, DevOps) Experienced in managing ITHC activities end-to-end, from initial scoping through remediation Incident Response & Awareness Experienced in developing and managing Cyber Incident Response capabilities, including planning, implementation, and continuous improvement Proven experience designing and delivering ...

ensuring alignment with enterprise risk and cyber security. Develop and implement Physical Security strategy, policies, and standards, including zoning, access control, CCTV, PSOC, and incident management. Define and maintain Physical Security architecture, secure-by-design reviews, and strategic access control to reduce insider and unauthorized access risk. Lead site … assessments using a tiered model, establish PSOC operating model, incident response playbooks, and integrate physical incident response with cyber and crisis management. Manage Physical Security technology strategy, vendor relationships, gap analysis, and executive reporting on the organization’s physical risk posture. Requirements: Proven expertise in strategic ...

throughput and quality while maintaining appropriate control. Note: There is no on-call requirement at present. The role is expected to define and improve incident response and operational readiness processes; any future on-call rota would be introduced by agreement as the function matures. The work you will … Platform observability and operational readiness Provide and evolve platform observability foundations: monitoring, logging, metrics, dashboards and alerting (using the agreed toolset) Define and improve incident response and operational readiness expectations (runbooks, escalation paths, recovery/rollback patterns, environment health checks) Establish and maintain DR and operational processes ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

operations, and external security partners, you'll design and implement robust security controls while continuously improving resilience and reliability. You'll take ownership of incident response activities, proactively monitor threats, and drive improvements across vulnerability management and security tooling. Alongside day-to-day operational security, you'll contribute … firewalls, SIEM platforms, endpoint protection, and vulnerability management tools Experience securing both cloud-based and on-premise environments A solid background in security incident response and investigation Experience working with third-party security vendors or managed service providers The ability to communicate technical security concepts clearly ...

incidents on critical client infrastructure. Perform in-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerability Provide Incident Response support when required, providing guidance on containment, eradication and recovery activities. Maintain and, where appropriate, improve and develop team knowledge … Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Input into threat intelligence activities when required. Represent the SOC within Stakeholders meetings ...

with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

Virus, Vulnerability Management, Data Loss Prevention, SIEM, and other protective and detective security controls. Supporting the ongoing development and maintenance, and testing of Cyber Incident Response Plans, Playbooks, disaster recovery and business continuity procedures. The role will be based at our clients office in Hatfield, Herts. Candidates should ...

Virus, Vulnerability Management, Data Loss Prevention, SIEM, and other protective and detective security controls. Supporting the ongoing development and maintenance, and testing of Cyber Incident Response Plans, Playbooks, disaster recovery and business continuity procedures. The role will be based at our clients office in Hatfield, Herts. Candidates should ...

Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing ...

play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks) Investigating incidents ...

/CD pipelines in Azure DevOps Implement secure delivery practices including automated security scanning Build strong observability foundations (monitoring, logging, alerts) Improve operational readiness, incident response and disaster recovery Coach teams on DevOps best practice and platform standards What we're looking for Proven background working ...

your application to our client in conjunction with this vacancy only. KEY SKILLS SOC Shift Lead, Security Operations Centre, Microsoft Sentinel, Splunk, MITRE ATT, Incident Response, DV Cleared ...

also remain hands-on with proactive monitoring of production and other environments to ensure stability, availability, security and integrity as well as leading incident response, troubleshooting and root cause analysis to mitigate and prevent future issues. Location/WFH: You'll join the team at the Cambridge office ...

your application to our client in conjunction with this vacancy only. KEY SKILLS SOC Shift Lead, Security Operations Centre, Microsoft Sentinel, Splunk, MITRE ATT, Incident Response, DV Cleared ...

gated releases * Creating 'golden path' delivery patterns so teams can deploy without bespoke pipelines Operational readiness & observability * Defining monitoring, logging, alerting and dashboards * Improving incident response, runbooks and recovery processes * Shaping DR and operational processes (no on-call at present) Ways of working & coaching * Coaching development teams ...

systems running. You’ll likely have: Strong experience with Azure infrastructure Exposure to Kubernetes and containerised environments Experience supporting live systems, including upgrades and incident response A solid grounding in networking, security and cloud best practices Some scripting or automation experience (PowerShell, Bash, Python, Terraform or similar) Equally ...

will connect multiple data sources, write complex KQL queries, build automation playbooks, and work closely with clients to strengthen their security operations and response capabilities. This is a technically advanced role that combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work … experience with KQL, PowerShell, and ideally Python. Proven experience automating processes using Logic Apps, Playbooks, or Terraform. Understanding of encryption, data protection, and incident response. Confident communicator, capable of working in client-facing scenarios. Ideally certified in one or more of: SC-200 (Security Operations Analyst) AZ-500 (Azure ...

SCADA environments Understanding of industrial protocols (DNP3, ICCP, IEC 61850) Knowledge of NISD, NCSC CAF, IEC 62443, ISO 27001 Experience in cyber monitoring & incident response across IT/OT Ability to build strong relationships with senior stakeholders SC‐eligible UK Beneficial: NSE, CCNA, CCNP, CCIE certifications Cyber Security ...

engineering standards for quality and reliability in customer-facing systems. Non-functional Practice: Own non-functional excellence for enterprise customers: performance, reliability, observability, and incident management. Champion security best practices (e.g., vulnerability management, data protection, RBAC, audit logging) and ensure changes support SLAs/SLOs appropriate for SaaS products … software design principles and design patterns; able to justify trade-offs. Familiarity with cloud environments (e.g., AWS, Azure) and modern deployment pipelines, monitoring and incident response. Strong security mindset: application security best practices and experience mitigating vulnerabilities, secure coding techniques. Experience designing and building Data Pipelines/ETL systems. ...