101 to 125 of 394 Incident Response Jobs in England

beyond simply reviewing logs or fixing vulnerabilities; it’s about redefining how security is perceived and integrated across everything we do. You will take a hands-on role in incident response, lead initiatives to strengthen our security posture, and be a key force in ensuring NGN stays ahead of evolving cyber threats. Please Note: National Security Vetting is … delivery of our NIS Directive Improvement Plan, ensuring compliance becomes a strategic advantage, not just a checkbox What we are looking for Experience with SIEM tools, logging, and cyber incident response Strong knowledge of EDR/AV solutions, vulnerability testing, and management Familiarity with Office 365, Active Directory, and network security (TCP/IP) Understanding of SCCM, Intune More ❯

You will be involved in assisting in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks and supporting incident reporting and response, including risk assessments and vulnerability scans. Role Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage … security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate with IT, Legal, and other departments to ensure a unified security approach, including third-party risk assessments. Monitor and respond to the IT Security Queue (CVE updates, service requests, incidents, bulletins … . Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned More ❯

to our customers, employees, and clients. The Technology Operations Center provides assistance for the technology needs of employees. As the Senior Technology Operations Engineer you will support either the Incident Response Team or the Problem Management Team within the Technology Operations Center. You will manage and provide technology solutions for basic and complex issues for lines of business … and/or technology areas across the enterprise. As a Sr. Technology Operations Engineer you will work in a fast-paced environment and leverage your collaboration and incident correlation skills as well as your thorough understanding of operations of infrastructure technologies. Travelers Europe currently offers flexibility to employees who wish to work on a hybrid basis in accordance with … resolve of technological problems. Identify and tackle infrastructure root causes using the Root Cause Analysis (RCA) process. Remediate and improve resiliency of faulting systems. Improve troubleshooting documentation with the Incident Response Team. Provide input to develop and/or redesign solutions with partnership from application and engineering teams. Build, leverage, and maintain effective alliances across technical and business More ❯

to our customers, employees, and clients. The Technology Operations Center provides assistance for the technology needs of employees. As the Senior Technology Operations Engineer you will support either the Incident Response Team or the Problem Management Team within the Technology Operations Center. You will manage and provide technology solutions for basic and complex issues for lines of business … and/or technology areas across the enterprise. As a Sr. Technology Operations Engineer you will work in a fast-paced environment and leverage your collaboration and incident correlation skills as well as your thorough understanding of operations of infrastructure technologies. Travelers Europe currently offers flexibility to employees who wish to work on a hybrid basis in accordance with … resolve of technological problems. Identify and tackle infrastructure root causes using the Root Cause Analysis (RCA) process. Remediate and improve resiliency of faulting systems. Improve troubleshooting documentation with the Incident Response Team. Provide input to develop and/or redesign solutions with partnership from application and engineering teams. Build, leverage, and maintain effective alliances across technical and business More ❯

IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture, protocols, and change management processes. Lead incident response and remediation for cyber events detected by OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and … and energy-sector-specific technologies. Demonstrable experience implementing security controls within OT environments. Hands-on knowledge of OT technologies and protocols, including experience managing configuration changes. Experience working within incident response frameworks-from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews, particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber More ❯

IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture, protocols, and change management processes. Lead incident response and remediation for cyber events detected by OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and … and energy-sector-specific technologies. Demonstrable experience implementing security controls within OT environments. Hands-on knowledge of OT technologies and protocols, including experience managing configuration changes. Experience working within incident response frameworks-from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews, particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

SOC Lead to take ownership of a high-performing Security Operations Centre working on critical defence and national security projects. You'll lead day-to-day SOC operations, drive incident response, and mentor analysts to strengthen detection and response capability against evolving threats. If you want to combine technical depth with leadership responsibility, this role offers both … for complex incidents and investigations Reviewing, tuning and enhancing detection rules, alerts and playbooks in SIEM/SOAR tools Providing mentorship and technical guidance to SOC analysts Driving post-incident reviews, root cause analysis and continuous improvement Conducting proactive threat hunting and supporting compliance/audit requirements Collaborating with wider IT/security teams to improve detection and response capability What you'll bring 3+ years' experience in a SOC or security operations role Strong knowledge of incident detection, response and threat analysis Hands-on experience with SIEM, SOAR and endpoint detection tools Excellent problem-solving, analytical and communication skills A degree in a relevant subject or equivalent experience Relevant certifications such as GCIA, GCIH, CEH More ❯

and mitigating potential risks. You will oversee information security, compliance, and risk management practices based on industry-accepted information security and risk management frameworks, whilst establishing and maintaining an incident response plan, including incident detection, response, investigation, and resolution, to minimise the impact of security incidents. What you'll need to succeed Demonstrable experience of implementing More ❯

performing advanced investigations and, when required, first-line triage to maintain queue health and SLA compliance. You are responsible for high-quality service delivery through detailed analysis, evidence-led response actions, and operational leadership. In addition to handling escalated alerts, you provide line management, oversee ticket quality, contribute to training and onboarding, and drive continual improvement. You work core … business hours with participation in the on-call rota, ensuring consistent service support for customers and operational continuity across teams. Key Responsibilities • Incident Investigation and Response - You take ownership of escalated incidents, performing detailed investigations and, when necessary, stepping into first-line triage to guarantee prompt alert handling and escalation. • Team Leadership - You provide day-to-day leadership … SOC Analysts, conducting performance reviews, appraisals, one-to-one meetings, and development planning. • Quality Assurance - You own QA for the team’s outputs, ensuring consistency, accuracy, and completeness of incident handling and documentation across the team. • Training and Onboarding - You lead knowledge-transfer sessions, support structured onboarding of new team members, and coordinate internal training to drive skill development More ❯

performing advanced investigations and, when required, first-line triage to maintain queue health and SLA compliance. You are responsible for high-quality service delivery through detailed analysis, evidence-led response actions, and operational leadership. In addition to handling escalated alerts, you provide line management, oversee ticket quality, contribute to training and onboarding, and drive continual improvement. You work core … business hours with participation in the on-call rota, ensuring consistent service support for customers and operational continuity across teams. Key Responsibilities • Incident Investigation and Response - You take ownership of escalated incidents, performing detailed investigations and, when necessary, stepping into first-line triage to guarantee prompt alert handling and escalation. • Team Leadership - You provide day-to-day leadership … SOC Analysts, conducting performance reviews, appraisals, one-to-one meetings, and development planning. • Quality Assurance - You own QA for the team’s outputs, ensuring consistency, accuracy, and completeness of incident handling and documentation across the team. • Training and Onboarding - You lead knowledge-transfer sessions, support structured onboarding of new team members, and coordinate internal training to drive skill development More ❯

council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate with IT, Legal, and other … Security Queue (CVE updates, service requests, incidents, bulletins). Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments More ❯

organizations through every step of their journey toward cyber resilience. Clients count on us for quick and expert support in the event of and in preparation against a cyber incident; from incident response to risk assessments, and complex forensics to breach notification and ID theft remediation we help clients - of all sizes - respond with confidence. At Kroll More ❯

security aspects of design, build, implementation, operation, process, and policy, to ensure they are secure, resilient, and compliant with local and national standards. You'll assist with Cyber Security incident detection, response and recovery as well as the development, implementation, maintenance and testing of the Trust's Cyber Incident Response Plan (CIRP) and Security Strategy. You More ❯

manage automated security tooling that prevents security issues before they occur Perform security-focused code reviews and support threat modelling exercises Champion cloud security principles across product engineering teams Incident Management & Monitoring: Lead incident response for security risks and issues raised by SOC teams Manage implementation of logging and SIEM integration for comprehensive monitoring Prioritise and oversee More ❯

delivering robust, scalable, and compliant security operations aligned with FCA Consumer Duty and broader regulatory obligations. You will play a key role in the operational management of security technologies, incident response processes, and the continuous enhancement of our detection and response capabilities. The successful candidate will bring hands-on expertise in, cloud security operations, threat detection and … will do: Operate and optimise core cyber security tools and platforms, including SIEM, XDR, EDR, DLP, IAM, PAM, ZTNA and vulnerability management solutions Lead or support the detection and response lifecycle, including triage of alerts, investigation of incidents, root cause analysis, and coordination of response actions. Implement and administrate security operational controls across AWS, Azure, and on-prem … with ISO 27001, PCI-DSS, CIS and internal governance requirements. Deliver clear, actionable security reporting and dashboards for both technical and executive audiences, covering vulnerabilities, threats, control coverage, and incident trends. Maintain and enhance operational documentation, including runbooks, playbooks, and standard operating procedures (SOPs) Support internal and external audit processes by maintaining evidence artefacts, compliance reporting, and validation of More ❯

and resilient detection rules across SOC platforms. Operating as part of the SOC team, you support operations by expanding detection coverage, improving rule performance, and collaborating with threat intelligence, incident response, and platform engineering teams to operationalise threat insights. You also contribute to internal process improvement, customer-facing engagements, and knowledge sharing across the wider SOC team. Key … customer-aligned threat coverage Lifecycle Management and Optimisation – You monitor detection performance, tune rules to reduce false positives, and remediate logic or configuration issues caused by changing environments Post-Incident Gap Analysis – You perform detection reviews following incidents to identify missed coverage, determine root causes, and improve detection logic or supporting telemetry Telemetry and Pipeline Management – You manage data … accuracy, and stability Tune rules to reduce false positives, improve alert fidelity, and adapt to evolving threats Investigate detection failures due to environmental changes, misconfigurations, or telemetry gaps Post-Incident Review and Improvement Participate in incident retrospectives to identify missed detection opportunities and coverage gaps Develop and deploy new or updated detection content to address root causes Track More ❯

scans and external security & penetration tests, forensic audits, or related investigations. This includes the ability to ensure remediation of findings are handled and fed into continuous service improvement activities. Incident management of cyber security events of all severities, throughout the incident lifecycle. Business Continuity Develop, maintain, and improve data and technology Business Continuity & Disaster Recovery Plans that enable … into Live Service Experience of working with conflicting, highly complex, and/or highly sensitive information Experience in managing critical incidents, and problem investigation + resolution (including managing security incident response, and information security breaches) Experience of contributing to, and developing enabling strategies (example: information security) Coaching, mentoring and supervision of others Management of financial budgets for a … on-call, consumables, relevant 3rd party provision contracts) and developing investment cases Desirable Experience in conducting or managing information security audits, penetration testing, table-top/simulation exercises, and incident investigations Experience of management products/services in healthcare (NHS) Skills and Knowledge Essential Deal with complex business problems and translate into information security and business continuity requirements and More ❯

Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient … operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing team, driven with context of emerging More ❯

on expertise will protect critical systems and support business growth. Key Responsibilities Develop and maintain the enterprise information security strategy aligned with business goals Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish … and finance Strong track record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies Excellent risk assessment and incident management skills Outstanding communication skills with the ability to influence stakeholders at all levels Strategic mindset with the capability to balance security controls and business agility SM&CR Responsibilities More ❯

integration. Baseline and conduct regular reviews with an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish … and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies, specifically Microsoft Defender XDR, Purview and Sentinel Excellent risk assessment and incident management skills Outstanding communication skills with the ability to influence stakeholders at all levels Strategic mindset with the capability to balance security controls and business agility SM&CR Responsibilities More ❯