1 to 25 of 33 Incident Response Jobs in the East of England

Senior Detection & Response Engineer Cambridgeshire Based - 1-2 days a week on site We are looking for a highly experienced Senior Detection & Response Engineer to join our client's growing security team. In this critical role, you'll be instrumental in developing a best-in-class incident response function, leading investigations into complex security events, and … building scalable detection and response capabilities across the organisation. This is an exciting opportunity to work at the heart of a modern security operation - building the tools, automation, and processes that enable the business to detect, respond to, and learn from security threats effectively. What You'll Be Doing: Investigate and respond to security events with clarity and precision … triage, analyse, and manage incidents from end to end Develop and improve detection and response processes, technologies, and work flows Design and implement tools to collect and analyse security telemetry from cloud environments Automate security workflows to enhance detection accuracy and reduce response time Build and fine-tune detection rules to focus efforts on high-fidelity alerts Create More ❯

will be responsible for safeguarding the organisation's Operational Technology (OT) environments from cyber threats. This role involves implementing OT security measures, monitoring the OT network for threats, leading incident response efforts, validating security controls, and ensuring the resilience of OT systems. What you'll be doing: Implement and manage OT security controls, measures, and technologies to protect … critical assets and systems. Conduct risk assessments, vulnerability management, and security testing. Develop and implement incident response plans and ensure compliance with regulations. Conduct proactive threat hunting and reactive incident response. Provide regular reports on security status, including incidents, vulnerabilities, and overall health of OT systems. Collaborate with cross-functional teams, including network engineers, system administrators, and … external cybersecurity teams. What you'll need: At least 3 years of experience in OT security engineering, incident response, or a related field. Ability to manage multiple assessments and projects simultaneously. Strong understanding of industrial control systems (ICS) and SCADA systems. Strong problem-solving skills and attention to detail. Proven experience with OT and IT security technologies, including More ❯

Hands and Feet Support (FSO) role is responsible for executing physical tasks within the data center, supporting remote teams, and ensuring operational continuity through proactive monitoring, hardware handling, and incident response. Shift Pattern: 24x7 Support ? 12-hour rotational shifts Key Responsibilities:- CRU Handling: Assist with Customer Replaceable Unit (CRU) replacements and installations. Cabling & Patch Panel Management: Perform structured cabling … support via email and telephone. Monitoring: Monitor telephony and email channels for support requests and alerts. Environmental Monitoring: Use native tools to monitor temperature, humidity, and other environmental parameters. Incident Response: Support incident management processes and escalate issues as needed Qualifications & Skills: Basic understanding of data center infrastructure, cabling standards, and cooling systems. Experience with Nlyte or … with hardware components and structured cabling. Strong communication skills for coordinating with remote teams and vendors. Ability to work in a 24x7 shift environment. Experience with monitoring tools and incident response is a plus Benefits A supportive, diverse, and global team with a brilliant culture. Competitive compensation and benefits that includes up to 20 days’ vacation per year More ❯

to uncover anomalies. You’ll also conduct proactive threat hunting and maintain detailed risk profiles for users, systems, and applications to support a strong security posture. Endpoint Detection and Response (EDR) You’ll manage and maintain endpoint security and compliance, performing daily health checks and resolving any issues that arise. Working closely with Infrastructure teams, you’ll ensure endpoint … implement and configure DLP solutions, define classification policies, and monitor for potential data leaks. Your work will help protect sensitive information and prevent unauthorised data exfiltration across the organisation. Incident Response You will form a key part of the incident response team when security incidents occur—analysing threats, assessing business impact, and be part of the … response lifecycle from containment to recovery. You’ll document incidents thoroughly, follow established playbooks, and help improve them over time. Automation will be key to streamlining investigations and enriching threat intelligence. Testing and Validation You’ll take part in cyber crisis simulations, penetration testing, and table-top exercises to ensure our defences are robust and response plans are More ❯

taking a leading role in delivering technology change/improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. The role will involve using a diverse security … toolset and the successful applicant will build extensive experience in all areas of cyber security. Daily tasks will involve the following: • Endpoint monitoring and analysis. • Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. • Monitor and administer Security Information and Event Management (SIEM). • Malware analysis and forensics research. • Understanding/differentiation … of intrusion attempts and false positives. • Investigation tracking and threat resolution. • Vulnerability identification & mitigation/remediation. • Compose security alert notifications. • Help develop cyber security process & procedures. • Advise incident responders & other teams on threat. • Triage security events and incidents apply containment and mitigation/remediation strategies. • Generate reports and document security incidents/events. • Proactively monitoring the performance of systems More ❯

understanding of cybersecurity fundamentals, including malware, phishing, and network attacks Familiarity with endpoint protection, firewalls, and email security systems Knowledge of scripting or automation (e.g., PowerShell, Python) Experience with incident response frameworks and ITIL ticketing systems (e.g. ServiceNow, Jira) Nice to have Any MS365 certifications and CW PSA (nice to have) Relevant security certifications such as CompTIA Security+ … and improving SOC runbooks, playbooks, and standard operating procedures Collaborate with IT teams and other stakeholders to remediate security issues Participate in continuous improvement initiatives to enhance detection and response capabilities Contribute to periodic reporting on incident trends and metrics More ❯

be doing: Working with a diverse group of engineers across Speechmatics to improve reliability of our products and systems, from design through to operation in production. Taking part in incident response, postmortems and ensuring the same incident doesn't happen twice. Managing and improving GitOps release workflows and CI/CD pipelines. Monitoring system performance and troubleshooting … how each layer fits together. Naturally inquisitive and eager to dive deep into new technologies; you thrive on learning as you go. Prior experience with on-call rotations and incident response is a plus. Familiarity with OpenTelemetry and related observability tooling is advantageous. We encourage you to apply even if you do not feel you match all of More ❯

having game-changing technology within their industry, with exciting scope for expansion into further industries. This role is looking for someone to work within the SRE team responsible for incident response and issue resolution. Location: Cambridge Salary: £32,000 £60,000 + excellent benefits (£32,000 for a new Graduate) Requirements for Site Reliability Engineer Graduate Considered: Excellent … degree from a leading international University in a STEM subject A minimum of ABB at A-Level or international equivalent if applying at Graduate level Experience working in an incident response or 3rd line technical support environment Brilliant communication skills this role is a highly interactive role Ideally, you will have knowledge of modern infrastructure and operational tooling More ❯

Own the end-to-end operational strategy for system availability, performance, and security monitoring. Oversee the day-to-day execution of infrastructure and security services, ensuring operational excellence and incident response readiness. Partner with the CISO to shape long-term strategy and roadmap for secure, resilient IT services. Drive automation, observability, and scalability across the infrastructure and security … a leadership role. Strong background in systems engineering, networking, cloud infrastructure (AWS preferred), and enterprise security tooling. Demonstrated experience building and leading high-performing technical teams. Deep understanding of incident response, security monitoring, and operational risk management. Hands-on ability to troubleshoot, assess risk, and solve complex infrastructure and SecOps challenges. Excellent communication skills with the ability to More ❯

global initiatives to be successfully deployed in region Implement and maintain security policies, protocols and measures across all platforms and locations, driving alignment with our global operating model Lead incident response efforts and manage the investigation of security breaches Collaborate with other Technology departments to ensure compliance with security standards, necessary security monitoring is in place and risks … Minimum basic requirements Ten or more years in cybersecurity roles in mid to large organisations, recently at or near executive level Strong understanding of cybersecurity frameworks, risk management and incident response protocols Proven leadership capabilities including building diverse teams Outstanding written and verbal communication skills with ability to present to a C-level audience Commercial acumen with an More ❯

and analysing security threats for multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST … Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans … environment, driving operational excellence and continuous improvement. Ability to harness data analysis to detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective More ❯

Implement security scanning and compliance checks within deployment pipelines • Collaborate with development teams to optimize application performance and reliability • Maintain and improve backup, recovery, and disaster recovery procedures • Support incident response and root cause analysis for production issues • Manage configuration management and secrets management solutions • Optimize cloud resource utilization and cost management • Cover on-call rotation for production More ❯

build, and operation of the company’s technology infrastructure (networks, servers, cloud environments, data centres, and endpoints). Ensure infrastructure availability, performance, and security meet agreed service levels. Lead incident management processes and ensure rapid, effective response to minimise business disruption. Champion the adoption of modern infrastructure technologies, including cloud platforms and automation tools. Work closely with internal … Set clear priorities and KPIs, ensuring team accountability and ownership. Create a high-performance culture that encourages innovation, collaboration, and professional development. Define and track KPIs for service performance, incident response, cost efficiency, and user satisfaction. Produce regular reports on infrastructure performance, project delivery, and risk mitigation for senior leadership. Identify areas for improvement and implement solutions to More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

field. Master’s degree or relevant postgraduate qualifications are a plus. 🔐 Key Responsibilities: Security Strategy, Planning and Reporting Security Operations Collaboration and Stakeholder Management Risk Management Compliance Operations Audit, incident response, and risk management ✅ Requirements: Junior or Grad Cyber or Information Security Analyst Keen interest in ISO 27001, SOC 2 Type 2, and cloud environments. 📜 You will receive More ❯

with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information security incident response and business continuity management, conducting tabletop exercises to evaluate effectiveness. Manage the information security awareness training program to ensure all employees develop and maintain an awareness about More ❯

secure application deployments in Azure. Administer and tune MongoDB instances, ensuring performance and high availability. Monitor and troubleshoot cloud infrastructure and network performance issues, ensuring minimal downtime and rapid incident response. Contribute to monitoring, logging, and alerting systems to improve visibility and operational efficiency. Required Skills and Experience: Proven experience as a Cloud Engineer or Infrastructure Engineer with a More ❯

risk, and compliance (GRC)activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC s security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery … will not be considered for interview) Minimum 5 years hands-on experience in Information Security Experience conducting security risk assessments Supplier/third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills Stakeholder engagement Availability & flexibility Right to work in the UK To find out more information please contact Abbie More ❯

risk, and compliance (GRC)activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC's security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery … will not be considered for interview) Minimum 5 years' hands-on experience in Information Security Experience conducting security risk assessments Supplier/third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills Stakeholder engagement Availability & flexibility Right to work in the UK To find out more information please contact Abbie More ❯

risk, and compliance (GRC)activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC’s security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery … will not be considered for interview) Minimum 5 years’ hands-on experience in Information Security Experience conducting security risk assessments Supplier/third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills Stakeholder engagement Availability & flexibility Right to work in the UK To find out more information please contact Abbie More ❯

are consistently met for critical business systems. Analyse and implement technical enhancements across our broker and insurer policy administration platforms. Partner with IT Operations to maintain system uptime, coordinate incident response, and manage escalations. Collaborate with insurers and data partners (e.g. CDL, OpenGI, Experian, Lexis Nexis) to align new market initiatives with our strategic goals. Ensure all environments … Bring We're looking for someone who's: Highly motivated , proactive, and solution-focused. Experienced in diagnosing and resolving issues in enterprise applications (performance, configuration, integration). Skilled in incident management using ITSM tools (e.g., ServiceNow), including root cause analysis and long-term fixes. Experienced in CDL Classic, CDL Strata, or OpenGI platforms (or similar). Comfortable building relationships More ❯

are consistently met for critical business systems. Analyse and implement technical enhancements across our broker and insurer policy administration platforms. Partner with IT Operations to maintain system uptime, coordinate incident response, and manage escalations. Collaborate with insurers and data partners (e.g. CDL, OpenGI, Experian, Lexis Nexis) to align new market initiatives with our strategic goals. Ensure all environments … Bring We’re looking for someone who’s: Highly motivated , proactive, and solution-focused. Experienced in diagnosing and resolving issues in enterprise applications (performance, configuration, integration). Skilled in incident management using ITSM tools (e.g., ServiceNow), including root cause analysis and long-term fixes. Experienced in CDL Classic, CDL Strata, or OpenGI platforms (or similar). Comfortable building relationships More ❯

Active Directory, Intune, Azure, and virtualisation platforms (Hyper-V, SAN). Drive improvements in monitoring, patching, backup (Veeam), and disaster recovery. Act as the technical lead for security configuration, incident response, and compliance (Cyber Essentials, GDPR). Provide 3rd Line technical support and mentor engineers in system administration and security best practice. Collaborate with senior Stakeholders on system More ❯

are crucial tasks. Collaboration: Working closely with internal IT teams to integrate security measures and promote IT security awareness among senior management. Operational Oversight: Overseeing penetration testing, vulnerability scans, incident responses, data loss prevention, phishing tests, and system audits. Vendor Management: Conducting security evaluations of third party vendors and service providers, advising on application security initiatives. Let's talk More ❯