Hedge End, England, United Kingdom Hybrid / WFH Options
NICE
maintain, integrate, and perform initial configuration of security tools. Vulnerability Management: Coordinate and conduct regular security assessments, penetration testing, and vulnerability scans to identify and address security weaknesses proactively. Incident Response: Lead incident response efforts to promptly detect, analyze, and mitigate security incidents and breaches. Develop and maintain incident response plans and procedures. Security
Be aware of the latest threats in cybersecurity to guide and advise the organization regarding the protection of systems Monitor and translate threat intelligence feeds into actionable detection and response actions Monitor and analyze security logs for attacker tactics, techniques and procedures (TTPs), filtering through suspicious activities to determine their root cause and perform remediation activities as appropriate Creating … testing and validating Maples security capabilities to identify vulnerabilities/gaps and build appropriate detection and response countermeasures Serve as a technical resource for the security operations team during active response efforts Track, record, and monitor identified security issues through to completion Support IAM technology stack by performing various identity, access and data protection activities including monitoring and … field Security certifications: GCIA, GCFA, GCFE, CISSP (Associate), CEH, or comps. Experience in one or more areas: identity and access management, security operations, cyber threat hunting, Endpoint Detection and Response (EDR), detection signatures and analytics Experience with open standards such as SAML, OAuth or Open ID Experience with encryption, logging, log aggregation and analytics domains Practical experience with securing
play a pivotal role in strengthening the security of our infrastructure, applications, and services. As a Security Engineer, you will apply your technical expertise across engineering, application security, and incident response to help scale and mature our security posture. This is a hands-on role that requires a collaborative mindset, strong problem-solving skills, and the ability to … applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE, PASTA, MITRE ATT&CK, and DREAD. Build and refine detection and response capabilities using logs, alerts, and behavioral signals. Lead or support incident response activities, including log analysis, querying, forensic investigation, threat mitigation, and root cause analysis. Conduct internal … Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to application security, vulnerability remediation, detection coverage, and incident response effectiveness. Support compliance initiatives (e.g., SOC 2), contribute to control implementation, and assist with security documentation. Contribute to internal security education and awareness by developing training materials
Leeds, England, United Kingdom Hybrid / WFH Options
BAE Systems Applied Intelligence
of Advanced Persistent Threat groups and the ability to conduct in-depth research Able to independently verify the results of Threat Hunts, refining the queries where necessary Experienced in Incident Response and Management Responsible for the quality of all Threat Hunt Reports, ensuring that output is delivered at the highest possible standard Responsible for ensuring that … the maturity of the function within the client and identifying areas for improvement, productising those improvements and delivering them Be a point of contact for intrusion analysis, forensics and Incident Response queries. Able to provide root cause analysis of non-standard analytic findings and anomaly detections for which a playbook does not yet exist. Responsible for ensuring that … of new detection rules/analytics Requirements Technical 3+ years’ experience in Cyber Threat Intelligence, and conducting research and investigating cyber threats in a technical capacity Experience in technical incident response and management An expert understanding of current and emerging threats related to government and CNI Demonstrate a high-level knowledge of Windows operating systems and the Azure
London, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to … with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption … information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. Strong grasp of both technical cybersecurity and governance frameworks, with the ability to balance
Slough, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to … with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption … information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. Strong grasp of both technical cybersecurity and governance frameworks, with the ability to balance
City of London, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to … with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption … information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. Strong grasp of both technical cybersecurity and governance frameworks, with the ability to balance
our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security Operations Centre (SOC) capabilities … policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. Incident Response: You'll actively monitor for security incidents and jump into action with our incident response teams to contain, investigate, and prevent future security hiccups. Defining
systems in hybrid environments (on-premises and cloud). Staying updated on cybersecurity threats to advise on system protections. Monitoring threat intelligence feeds and translating them into detection and response actions. Analyzing security logs to identify attacker tactics, techniques, and procedures (TTPs), investigating suspicious activities, and performing remediation. Developing and validating security capabilities to identify vulnerabilities and improve detection … and response measures. Supporting active response efforts as a technical resource for the security team. Tracking and resolving security issues from identification to resolution. Supporting IAM technologies by monitoring and enhancing identity, access, and data protection activities. Managing user roles, permissions, and authentication mechanisms (e.g., PAM, SSO, MFA, OAuth). Designing and enforcing policies on least privilege access … lifecycle management, including provisioning, de-provisioning, and access modifications. Monitoring cloud security events, logs, and alerts to detect and respond to threats. Creating and maintaining automated security playbooks for incident response. Identifying and remediating vulnerabilities in cloud environments. Collaborating with cross-functional teams to ensure secure cloud architecture and practices. Implementing data security policies such as DLP, privileged access
Leeds, England, United Kingdom Hybrid / WFH Options
Babcock
of Advanced Persistent Threat groups and the ability to conduct in-depth research Able to independently verify the results of Threat Hunts, refining the queries where necessary Experienced in Incident Response and Management Responsible for the quality of all Threat Hunt Reports, ensuring that output is delivered at the highest possible standard Responsible for ensuring that … the maturity of the function within the client and identifying areas for improvement, productising those improvements and delivering them Be a point of contact for intrusion analysis, forensics and Incident Response queries. Able to provide root cause analysis of non-standard analytic findings and anomaly detections for which a playbook does not yet exist. Responsible for ensuring that … of new detection rules/analytics Requirements Technical 3+ years' experience in Cyber Threat Intelligence, and conducting research and investigating cyber threats in a technical capacity Experience in technical incident response and management An expert understanding of current and emerging threats related to government and CNI Excellent Open-Source research skills Demonstrate a high-level knowledge of Windows
London, England, United Kingdom Hybrid / WFH Options
Yokoy
ahead of emerging threats and possess strong technical expertise in security operations, this is an exciting opportunity to make a significant impact. What You’ll Do Enhance threat detection & response by designing, implementing, and optimizing security tools, detection mechanisms, and secure configurations to identify and mitigate cybersecurity threats. Develop and optimize detection rules, signatures, and indicators of compromise (IOCs … Product Security team to achieve security and compliance objectives across multiple cloud technologies (e.g. AWS GuardDuty/Security Hub/Inspector, GCP Security Command Center). Enhance threat hunting, incident response, and security operations through continuous improvement in detection, analysis, and automation. What You’ll Need You hold a degree (University/University of Applied Sciences) in Computer … have excellent communication skills with the ability to convey technical concepts to non-technical stakeholders. You bring strong documentation skills for creating and maintaining threat detection rules, procedures, and incident reports. You are fluent in English; other languages are a plus. What You’ll Get Ownership & Impact: From day one, you'll have the autonomy to own your work
London, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Key Responsibilities: Monitor, analyse, and respond to security events and incidents within the organisation's SOC environment. Identify, investigate, and mitigate potential security threats and vulnerabilities. Provide expert-level incident handling and contribute to continuous improvement of incident response processes. Collaborate with technical teams to enhance the organisation's overall security posture. Generate reports on security incidents … limited to Microsoft Defender, E5/A5, Sentinel, and Azure Security. Strong analytical and problem-solving skills, with the ability to make sound decisions under pressure. Demonstrated experience in incident detection, triage, containment, and remediation. Knowledge of security frameworks, such as NIST, ISO 27001, or similar. Excellent communication skills, with the ability to clearly convey technical details to diverse
Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management Consultants must possess and be able to demonstrate credibility and experience as … transformation programs, with limited oversight. There is a base requirement to demonstrate understanding of and find ways to integrate activity with BlueVoyant colleagues across the globe, specifically Digital Forensics, Incident Response and Penetration Testing specialists as well as wider BlueVoyant service offerings when appropriate, to produce threat-aware products, services and outputs that are impactful, efficient, cohesive, and … manage complex workstreams; take ownership of outputs and outcomes and provide reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and/or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels
Crawley, England, United Kingdom Hybrid / WFH Options
Circle Group
cyber resilience initiatives, ensuring technical excellence and alignment with client goals. Design Secure Architectures: Shape robust, scalable, and secure solutions using industry best practices and advanced security frameworks. Drive Incident Response: Manage and coordinate responses to security incidents, ensuring swift resolution and minimal disruption. Engage Clients: Act as a trusted advisor, delivering tailored solutions and maintaining strong stakeholder … presentations, and service development efforts. Share Knowledge: Develop and distribute best practices to strengthen the cyber resilience function. What You'll Bring Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA
London, England, United Kingdom Hybrid / WFH Options
Modulr Finance Limited
to identify and evaluate potential security threats, taking into account the specific risks faced by UK financial institutions. Develop and implement risk mitigation strategies to address identified vulnerabilities. Oversee incident response planning and execution, ensuring alignment with UK regulations and reporting requirements. Security Architecture and Operations: Design and implement security architecture to protect critical assets, including on-premise … AWS). Manage security technologies such as firewalls, intrusion detection systems, data loss prevention tools, and cloud security posture management (CSPM) solutions for AWS. Oversee security operations, including monitoring, incident response, and vulnerability management, with a focus on UK-specific threats and regulations. Policy and Compliance: Develop and maintain information security policies, standards, and procedures in accordance with … in cloud environments. Strong analytical and problem-solving abilities. Deep understanding of security technologies and architecture, including cloud security and AWS-specific services. Knowledge of risk assessment methodologies and incident response procedures, tailored to the UK financial services context. Ability to develop and implement security policies and procedures in line with UK regulations. Experience with third-party risk
reduce residual risk across diverse technical environments. Stay current with emerging threats, regulatory changes, and industry best practices in risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications/Skills Required Bachelor's degree in Cybersecurity, Information
London, England, United Kingdom Hybrid / WFH Options
V7 Labs
systems, networks, and logs for any signs of security incidents or unauthorised access and respond promptly to mitigate risks Investigate security breaches, incidents, and other cybersecurity events, and develop incident response plans to ensure timely and effective resolution Collaborate with cross-functional teams to design, implement, and maintain security controls and configurations across various systems and platforms Oversight … assessment tools You own relevant certifications (Security+, IAT II/III level or similar) You excel in risk assessments, vulnerability management, and data-driven decision making Strong knowledge of incident response procedures, including containment, eradication, and recovery from security incidents. You have strong expertise in AWS and GCP, with experience in multi-region and hybrid cloud architectures, Azure
Derby, England, United Kingdom Hybrid / WFH Options
Cooper Parry
for Cooper Parry Wealth | #1 Accountancy Firm to work for in the UK About The Role... Are you a cybersecurity professional with a solid foundation in threat detection and response, looking to deepen your impact in a dynamic IT environment? Do you have hands-on experience with Microsoft Sentinel and Microsoft Defender, and a passion for protecting systems and … point of contact for security-related queries, providing guidance and training to end-users and technical teams Maintain clear, comprehensive, and up-to-date documentation of security policies, procedures, incident response plans, and system configurations Work closely with our Security Operations Centre to monitor and investigate security alerts generated by Microsoft Sentinel and Microsoft Defender Collaborate with our … ll be able to manage and prioritise multiple tasks in a fast-paced and dynamic environment. Technically you’ll bring: Microsoft Security Stack: Microsoft Defender XDR and Microsoft Sentinel (incident investigation, alert tuning and threat detection) Cloud Security Expertise, particularly within Microsoft 365 and Azure environments Infrastructure Knowledge: networking, Windows, macOS etc. Familiarity with security frameworks & standards i.e. NIST
London, England, United Kingdom Hybrid / WFH Options
WSP
Management: Develop and maintain a robust vendor risk management program. Conduct assessments of vendors and service providers to ensure they meet information security requirements and adhere to contractual obligations. Incident Response and Management: Develop and maintain an incident response plan and coordinate the response to information security incidents. Lead investigations, root cause analyses, and corrective
information assets, customers, and operations. The team is seeking an experienced, proactive IT, Security & Compliance Manager to own the day-to-day management of IT services, systems security, and incident response. Role Purpose The IT, Security & Compliance Manager is responsible for maintaining the security, integrity, and availability of the company's systems and infrastructure. This includes ensuring security policies … and security awareness training programs Governance, Risk, and Compliance Maintain compliance with GDPR (both UK and EU) and emerging best practices Conduct regular access reviews and system audits Support incident reporting and documentation for regulatory and internal purposes Assist with responses to customer and prospect queries relating to compliance, security policies, and infrastructure Contribute to the timely and accurate … and common attack vectors Hands-on experience with: Microsoft 365, Azure AD/Entra ID, and Intune; endpoint protection tools; cloud security principles (AWS preferred); VPNs, firewalls, and network security Solid incident response, troubleshooting, and system administration skills Experience implementing technical controls to support security policies Desirable Skills Experience working in a SaaS or fast-growth technology company Experience supporting
on areas associated to regulations and company strategy. Integrate processes with Cyber Threat Intelligence to ensure appropriate monitoring of the threat landscape for emerging security risks and ensure swift response to zero-day threats. Collaborating on Security Risk Management strategies, aligning to a 3 lines of defence model and enforcing alignment of risk taxonomy to organizational cybersecurity risk management … processes, streamline and simplify complexity, and incorporate new ideas and capabilities to enhance our security posture and make the team stronger and better. Decisive: provides clear direction during cyber incident response to the Security Operations team and all associated stakeholders. Identify risks: Able to synthesize capability gaps and articulate them so the Firm can manage risk in alignment … threat landscape. High level of integrity and ethical judgement to handle sensitive information responsibly. Familiarity with cloud security controls and securing hybrid IT environments. Knowledge of vulnerability management and incident management practices. Evidence of working in the Financial Service Industry preferred. Our commitment to employees: At CLS, we celebrate diversity and consider this to be one of our strongest