1 to 25 of 30 Incident Response Jobs in the East of England

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯

As part of our Cyber team, you will help us build a world-class security automation, orchestration, and response capability that will navigate challenging security incidents, drive process improvement, and develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools needed to scale our detection and response capabilities across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence, and vulnerability management. Collaborate with analysts … to identify repetitive tasks and automate them to improve operational efficiency. Work with Threat Intelligence, Incident Response, and Attack Surface Management teams to build and tune robust SIEM detections for proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Partner with third-party vendors and service providers to More ❯

As part of or Cyber team You will help us build out a world class security automations, orchestration and response capability that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools that we need to scale our detection … and response capability across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve the efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. … Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and More ❯

response. • Soft Services Management - Ensuring effective delivery of cleaning, waste management, catering, reception, and porterage. • Contract & Supplier Management - Managing outsourced service providers and ensuring compliance with SLAs. • Business Continuity & Incident Management - Developing and maintaining business continuity plans for NBIP (BCP). • Compliance, Insurance & Risk Management - Ensuring adherence to health, safety, and environmental policies. • Mechanical, Electrical & Building Fabric Maintenance - Supporting … control systems, working with the EI Business Support team as needed who locally manage systems within the EI Building. Operational Management • Analyse Business Systems data to identify trends, improve response times, and enhance efficiency. • Work with the FM Business Partner to provide data-driven insights for performance monitoring. • Drive continuous improvement to ensure customer-focused service delivery. Soft Services … ensure compliance and contractual performance. • Develop and sustain relationships with key stakeholders. Security & Access Management • Manage site security services, including contracted security staff, access control, and CCTV. • Ensure robust incident response procedures, coordinating with emergency services when necessary. • Work with internal stakeholders to manage security risks, access controls and mitigate threats. • Oversee visitor management protocols, ensuring compliance with More ❯

travel to the office twice per week. We are looking for an experienced Security Engineer to join our Cyber team. You will help us build out a world class incident response function that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization. In this role, you … will also build the tools and detection infrastructure that we need to scale our detection and response capability across all threats to our Studio and gaming environments. Please note that this position will require participation in an on-call rotation. What you'll be doing: Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and … efficiently to stakeholders Contribute to improving processes, procedures, and technologies used for detection and response, enabling us to improve after each incident Develop and run tools to gather security telemetry data from cloud production systems Automate workflows and improve identification and response time for security events Build and optimize detection rules, allowing us to spend our cycles More ❯

Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of … Solutions Lead with project activity Conduct proactive threat hunting in collaboration with the CTI function Conduct HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings What do you need … attack vectors, propagation, and impact. Excellent communication skills for liaising with business and suppliers. Desirable Skills & Experience (Senior Level) Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution. Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection More ❯

Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of … the SOC email notification mailboxes Assists with the maintenance of MBDA Security technologies Assisting the SOC Solutions Lead with project activity Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings What do you need … attack vectors, propagation, and impact. Excellent communication skills for liaising with business and suppliers. Desirable Skills & Experience (Senior Level) Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution. Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection More ❯

global brand for a Security Analyst/SOC Analyst on a 6-month Contract basis. You’ll play a key role in security operations, vulnerability management, compliance auditing, and incident response, ensuring robust security for cloud services across UK data centres. Role and Responsibilities Manage vulnerability assessments using Tenable.io, including triage, exception tracking, and remediation Handle EDR alert … Conduct system audits for ISO 27001 compliance and review pen test/vulnerability scan outputs Perform log analysis, assist with threat hunting, and escalate risks or unusual activity Develop incident reports and track system impacts for analysis and improvement Collaborate with clients on infrastructure hardening and identify security gaps Support incident response, forensic analysis, and document findings More ❯

cybersecurity tools to conduct proactive vulnerability scans across the Archive's network, devices, and systems; prioritize and address vulnerabilities; and generate progress reports. Monitor security events using detection and response solutions; respond to, manage, escalate, and report potential security incidents following established Incident Response Procedures. Lead cybersecurity analysis, improvements, monitoring, and incident response efforts, collaborating More ❯

that transform how a modern cyber team defends a fast-moving, always-on digital environment. You'll be part of a forward-thinking security function that's serious about incident response, proactive defence, and continuously improving how they work. Your mission: Develop scalable automation workflows that improve how we detect, respond to, and recover from threats. Streamline processes … across threat intel, incident response, and vulnerability management by eliminating repetitive manual tasks. Design and fine-tune SIEM detections that surface real signals and support both proactive and reactive actions. Collaborate across multiple cyber disciplines and work with third-party tools and partners to create seamless integrations. Drive process improvement in relation to Cyber Automations and Tooling What More ❯

having game-changing technology within their industry, with exciting scope for expansion into further industries. This role is looking for someone to work within the SRE team responsible for incident response and issue resolution. Location: Cambridge Salary: £32,000 £60,000 + excellent benefits (£32,000 for a new Graduate) Requirements for Site Reliability Engineer Graduate Considered: Excellent … degree from a leading international University in a STEM subject A minimum of ABB at A-Level or international equivalent if applying at Graduate level Experience working in an incident response or 3rd line technical support environment Brilliant communication skills this role is a highly interactive role Ideally, you will have knowledge of modern infrastructure and operational tooling More ❯

their industry, with exciting scope for expansion into further industries. This role is looking for a Graduate or experienced SRE professional to work within the SRE team responsible for incident response and issue resolution. Location: Cambridge Salary: £32,000 - £70,000 per annum + excellent benefits including private healthcare (could be more available for an experienced SRE) Requirements … degree from a leading international University in a STEM subject A minimum of AAB at A-Level or international equivalent if applying at Graduate level Any experience working an incident response or technical support environment would be beneficial (could be as intern/year in industry etc) Brilliant communication skills - this role is a highly interactive role Ideally More ❯

Endpoint monitoring and analysis. * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Lead investigations into security breaches, incidents, or suspicious activities and provide incident reports to stakeholders. * Enforce security policies, procedures, and guidelines for all IT systems and operations. * Provide recommendations for improving security practices to meet evolving regulatory and organisational needs. * Vulnerability … identification & mitigation/remediation. * Advise incident responders & other teams on cybersecurity threats. * Triage security events and incidents and apply containment and mitigation/remediation strategies. * Collaborate with other IT teams to ensure seamless security integration with infrastructure, applications, and services. * Maintain comprehensive documentation related to security configurations, incident reports, audits, and compliance activities. * Proactively monitor the performance of … avoidance actions to prevent wider problems. * Function as the point of escalation for the Service Desk for security-related tickets. * Analysis of weekly vulnerability scans and update relevant records. * Incident readiness and handling as part of the Computer Security Incident Response team (CSIRT). * Monitor and analyse security logs from various systems (including SIEM) and network devices More ❯

Incident Planning & Business Continuity Manager IPBCM Job Title: Incident Planning & Business Continuity Manager Department: HSSEQ Location: Hemel Hempstead (hybrid with some travel) Join Our Team at BPA: Officially Where it's a Great Place to Work! About BPA: At BPA, we are at the forefront of the hydrocarbon transport and storage industry, proudly owned 50/50 by … teams not only have fulfilling careers but also deliver 'best in class' technical advice and services to our clients. What's the Job About? We're seeking a proactive Incident Planning & Business Continuity Manager to strengthen our emergency preparedness and organisational resilience across COMAH operations and critical national infrastructure. You'll lead the development and implementation of emergency and … continuity plans, coordinate risk assessments, and deliver training and exercises across the organisation. Key Responsibilities: Develop, maintain, and test emergency response and business continuity plans Lead risk assessments, business impact analyses, and recovery strategies Coordinate with emergency services, regulators, and local resilience forums Design and deliver training for incident response and continuity planning Serve as the point More ❯

production estate from both a technical and process perspective. Provide a consistent smooth operation of live systems and drive all on-call support issues. Design and operate a new incident tracking process to ensure root causes are found and remediated in a timely fashion by the development team. Create and maintain high end monitoring and automation tooling. Drive automation … and continuous improvement. RESPONSIBILITIES: Proven experience in a senior or lead SRE role, with a strong track record of building and maintaining highly reliable infrastructure and services. Expertise in incident management, including incident response, resolution, and post-mortem analysis. Proficiency in monitoring, alerting, and observability tools such as Prometheus, Grafana, ELK stack or Datadog. Experience with cloud More ❯

tagging, cost control, and monitoring tools (Azure Monitor, Log Analytics). Proven experience implementing Microsoft Sentinel: connecting data sources, building analytics rules, creating dashboards, and writing KQL queries. Understanding incident response, security event correlation, and automation via Logic Apps. Solid understanding of cybersecurity principles: Zero Trust, Conditional Access, MFA, identity protection, and secure score improvement. Intune/Endpoint More ❯

Date: ASAP What's the role? This is a technically diverse Security Analyst position covering areas like: Vulnerability management (Tenable.io or equivalent) SIEM monitoring (Elastic preferred) and log analysis Incident detection, triage, and escalation (CrowdStrike or similar EDR) Compliance audits (ISO27001, STIGs) Infrastructure hardening and security baseline validation Some threat hunting and forensic analysis Creating documentation, playbooks, and security … for? Ideal candidates will bring: At least 2 years' experience in a Security Analyst or SOC-type role Strong understanding of vulnerability management, EDR/SIEM alert triage, and incident response Experience with compliance frameworks (ISO 27001, NIST, etc.) A working knowledge of VMware, AD, Windows Server, Linux Comfort handling multiple tools - Elastic, Tenable, CrowdStrike (or comparable alternatives More ❯

You'll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estates-contributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring More ❯

security tools and systems to prevent threats and ensure data integrity including, but not limited to, Antivirus, Web and Email Filtering, Firewalls and Vulnerability Scanning. Monitor and provide timely response to new cybersecurity threats becoming part of an incident response team where necessary. Report to the Technical Services Manager but also work closely with the Technical Architecture More ❯

full compliance with all statutory requirements, company policies, and health and safety legislation across all soft service areas. Act as a key member of the site's emergency and incident response team, supporting security operations and business continuity planning. Customer Experience Drive continuous improvement in customer satisfaction by aligning soft services operations with customer needs and feedback. Financial More ❯

Senior Cyber Security Engineer As Senior Cyber Security Engineer, you will be responsible for developing a high-quality response function that will navigate security incidents, drive process improvement and develop a collaborative culture where incidents are communicated and colleagues gain knowledge in these areas. Also, you’ll build the infrastructure that the organisation needs to scale their detection and … response capability across all threats. Key Skills Experience in security monitoring, incident response, and threat hunting in a cloud environment Prior experience leading complex security investigations Understand offensive/defensive security and scenarios that lead to compromise Expertise on AWS security controls and services Experience leveraging coding for automation, alert enrichment and detections Knowledge of adversary tactics More ❯

Senior Cyber Security Engineer As Senior Cyber Security Engineer, you will be responsible for developing a high-quality response function that will navigate security incidents, drive process improvement and develop a collaborative culture where incidents are communicated and colleagues gain knowledge in these areas. Also, you'll build the infrastructure that the organisation needs to scale their detection and … response capability across all threats. Key Skills Experience in security monitoring, incident response, and threat hunting in a cloud environment Prior experience leading complex security investigations Understand offensive/defensive security and scenarios that lead to compromise Expertise on AWS security controls and services Experience leveraging coding for automation, alert enrichment and detections Knowledge of adversary tactics More ❯

Senior Security Engineer Cambridge (Flexible working arrangements available) £70k-£80k If you've ever been the one who spotted the anomaly before it became an incident, or the engineer who built the tool that turned days of investigation into minutes-you'll feel right at home here.This is a senior role for someone who wants to move beyond responding … to alerts and instead shape how security detection, automation, and response are built from the ground up. You'll have real influence over architecture, tooling, and strategy while working alongside experienced engineers in an organisation that actually listens to its security team. What's in it for you from day one? Private medical and dental coverage Enhanced family leave … wrong, it's contained quickly and effectively. What you'll be responsible for Designing and maintaining scalable detection logic across cloud and on-prem environments Developing automation that reduces response time and removes repetitive analyst work Writing scripts and tooling that help collect, correlate, and enrich event data Performing deep investigations when incidents occur and making sure we don More ❯

relevant Ensure infection prevention and control standards are met Contribute to the Trusts quality, governance, and risk management processes Report incidents and support organisational learning Contribute to Patient Safety Incident Response Framework (PSIRF) responses Adhere to information governance, confidentiality, and data protection policies Maintain awareness of relevant legislation, standards, and best practice Maintain awareness of the collective responsibility … of using information and analytics to drive service improvement Experience leading or supporting digital transformation initiatives Experience contributing to or leading quality improvement, clinical risk management, or patient safety incident responses. Ability to support the use of digital tools and data to improve clinical safety, reduce harm, and promote continuous learning. Desirable Involvement with national digital health bodies & projects More ❯