to enterprise clients, helping them understand how we secure their data, and addressing concerns around healthcare, financial, or other regulated data with clear, actionable insights and support compliance requirements. Incident response: Lead security incident response, ensuring rapid resolution while maintaining service availability and minimising impact. Mentor & educate: Mentor other engineers and contribute to establishing a strong security … . Possesses hands-on experience with programming production software (e.g., Python, Go), scripting, and DevOps tools for automation. Is familiar with secure coding practices, threat modeling, vulnerability scanning, and incident response processes. Demonstrates strong knowledge of cloud security architecture, including VPC security, and enterprise-grade deployment patterns. Has a proven track record building or integrating security systems that …
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Jagex Ltd
travel to the office twice per week. We are looking for an experienced Security Engineer to join our Cyber team. You will help us build out a world class incident response function that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization. In this role, you … will also build the tools and detection infrastructure that we need to scale our detection and response capability across all threats to our Studio and gaming environments. Please note that this position will require participation in an on-call rotation. What you'll be doing: Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and … efficiently to stakeholders Contribute to improving processes, procedures, and technologies used for detection and response, enabling us to improve after each incident Develop and run tools to gather security telemetry data from cloud production systems Automate workflows and improve identification and response time for security events Build and optimize detection rules, allowing us to spend our cycles …
Liverpool, Merseyside, England, United Kingdom Hybrid / WFH Options
Robert Walters
architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party risks by assessing supplier compliance, contributing to incident response processes when issues arise, preparing insightful metrics for leadership teams. Collaborate with teams across the business to identify, assess, and track risk mitigation activities through to completion. … where necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate … include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST …
Birmingham, West Midlands, England, United Kingdom Hybrid / WFH Options
Robert Walters
architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party risks by assessing supplier compliance, contributing to incident response processes when issues arise, preparing insightful metrics for leadership teams. Collaborate with teams across the business to identify, assess, and track risk mitigation activities through to completion. … where necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate … include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST …
built on innovation, protection and connection. If you would like to learn more about this opportunity, feel free to reach out and apply today! Responsibilities: Lead end-to-end incident response investigations and containment efforts Communicate directly with clients during live cyber incidents, offering reassurance and expert guidance Produce detailed incident reports with root cause analysis and … actionable recommendations Perform forensic and log analysis using SIEM, EDR, SOAR, and other security tools Collaborate across teams to enhance response playbooks and internal processes Stay informed on emerging threats and tactics to strengthen response strategies Skills/Must have: Proven experience leading full-cycle incident response operations Comfortable handling breached customer communications under high-pressure … situations Expertise with industry tools such as Microsoft Sentinel, CrowdStrike, Defender, or equivalent Strong technical writing skills for producing post-incident reports Understanding of security frameworks like MITRE ATT&CK, NIST, or similar Eligibility for UK Security Clearance Benefits: Remote role Monday to Friday schedule High-impact position with autonomy and visibility Salary …
Guildford, Surrey, England, United Kingdom Hybrid / WFH Options
4Square Recruitment Ltd
our systems. Key Responsibilities SIEM Management: Monitor and optimize Security Information and Event Management (SIEM) tools like Splunk. Firewall & Proxy Audits: Review configurations and coordinate changes with infrastructure teams. Incident Response: Act as part of the Cyber Security Incident Response Team (CSIRT) to address threats. Compliance: Ensure alignment with ISO 27001, and other security standards. Risk …
Birmingham, England, United Kingdom Hybrid / WFH Options
Anson McCade
Centre (SOC) business. This is a strategic and hands-on role where you'll be the key bridge between clients and operational teams, ensuring smooth delivery of security services, incident response coordination, and ongoing vulnerability management. If you’ve got a deep background in cybersecurity operations, excel under pressure, and know how to guide both clients and internal … teams, this could be your next big step. What You’ll Be Doing Acting as the primary point of contact for clients on SOC service matters, including escalations and incident updates Leading major incident coordination, including investigation, containment, and remediation activities Managing client-facing service reviews (weekly/monthly), presenting clear reports and insights Supporting internal delivery teams … configuration and updates Driving continuous improvement across service delivery processes What We’re Looking For 10+ years in Security Operations or SOC-related service delivery Strong technical understanding of incident response, vulnerability management, IDS/IPS Proven experience handling client relationships, stakeholder management, and crisis situations Excellent communication skills — both technical and non-technical Experience leading cross-functional …
IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration … across global cybersecurity efforts. What You Bring Degree or equivalent experience in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security …
and external penetration testing activities, helping to triage and remediate findings. Security Champion Enablement: Collaborate with engineering teams to build security awareness and develop a network of Security Champions. Incident & Response Readiness: Support Smarsh SOC and security incident response, including root cause analysis and post-mortem reviews for your product(s). Security Compliance & Governance: Ensure …
data, we’d love to hear from you. Key Responsibilities: Proactively monitor security alerts from SIEM, EDR, and other tools Investigate incidents, analyse logs, and perform threat detection and response Conduct assessments of systems, vendors, and third parties for security risk Support incident response including forensic data gathering and documentation Collaborate across internal and external teams to … Previous experience in a cyber security or similar role in a regulated environment Strong knowledge of Firewalls, IDS, network security, and cloud security Familiarity with vulnerability management tools and incident response Ability to clearly communicate technical security issues to all audiences Strong analytical, problem-solving, and relationship-building skills Relevant certifications (CISSP, CISM, CISA, ISO27001) preferred Degree in …
Cambridge, Cambridgeshire, England, United Kingdom Hybrid / WFH Options
REDTECH RECRUIT
Security Engineer Strong experience with Microsoft Security Tools and the wider Defender XDR suite Knowledge of cloud and on-premise environments, ideally Azure, including networking and firewalls Familiarity with incident response processes, playbooks, and tools Understanding of threat intelligence and vulnerability management Experience with ISO27001 and compliance frameworks Scripting and coding skills (e.g., Python, PowerShell, Bash) Exposure to … Strong problem-solving ability with a pragmatic and collaborative approach Responsibilities for Cyber Security Engineer Enhance, manage, and optimise the company’s security tooling portfolio Review, update, and implement incident response playbooks and processes Strengthen security posture in Office 365 and Azure by deploying new tools and improving detection/response capabilities Collaborate with development teams to …
Cambridge, East Anglia, United Kingdom Hybrid / WFH Options
RedTech Recruitment
Security Engineer Strong experience with Microsoft Security Tools and the wider Defender XDR suite Knowledge of cloud and on-premise environments, ideally Azure, including networking and firewalls Familiarity with incident response processes, playbooks, and tools Understanding of threat intelligence and vulnerability management Experience with ISO27001 and compliance frameworks Scripting and coding skills (e.g., Python, PowerShell, Bash) Exposure to … Strong problem-solving ability with a pragmatic and collaborative approach Responsibilities for Cyber Security Engineer Enhance, manage, and optimise the company’s security tooling portfolio Review, update, and implement incident response playbooks and processes Strengthen security posture in Office 365 and Azure by deploying new tools and improving detection/response capabilities Collaborate with development teams to …
internal and external audits and maintaining a comprehensive set of company policies. The role involves ensuring adherence to evolving regulations, general Health & Safety tasks, managing risk assessments, and supporting incident response processes. Key responsibilities include: Compliance Accreditations Overall management of Compliance areas of responsibility within our Information Security Management System (ISMS) including leading the ISO Committee, management and … including the Health and Safety Risk Register, completion of risk assessments and assisting in our monthly risk reports to the senior leadership team Assist, or own in some cases, incident response proceedings in the event of an Information Security Incident or Health and Safety Incident Collaboration with internal and external teams to raise awareness of Compliance …
regulations and standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Provide security guidance on architecture, design reviews, and cloud migrations. Create and maintain cloud security documentation, training materials, and incident response playbooks. Stay current on emerging cloud security trends, tools, and technologies. Support the BISO in providing metrics to the Divisional IT Risk Reporting and Dashboards. Escalate … experience with at least one major cloud provider (AWS, Azure). Proven experience with Microsoft Azure (multi-cloud knowledge, especially AWS, is a plus). Experience with security operations, incident response, and cloud compliance. Working knowledge of vulnerability scanning and detection technologies. Practical experience in triage and remediation of vulnerabilities. Deep understanding of and ability to articulate the …
Bedford, Bedfordshire, South East, United Kingdom Hybrid / WFH Options
Total IT
will play a pivotal role in safeguarding IT infrastructure and clients' digital assets. This position demands a proactive approach to security, encompassing the monitoring and protection of systems, strategic response to cyber threats, and the development of comprehensive security practices and strategy. You will serve as a key advisor to both clients and internal teams, guiding them through the … complexities of cyber security with your expertise. Responsibilities: Lead and support in the investigation and management of security incidents, ensuring a strategic response to mitigate risks. Implement and oversee security solutions for clients, ensuring their IT environments are resilient against cyber threats. Act as a primary point of contact for clients, providing expert advice on cyber security measures, best … practices, and threat management. Develop and maintain documentation, including best practice guides and incident reports, to educate clients and team members on security awareness. Conduct vulnerability assessments and participate in the development of incident response protocols to enhance security posture. Offer technical guidance to team members, fostering a culture of continuous learning and improvement within the security …
Cheltenham, Gloucestershire, United Kingdom Hybrid / WFH Options
Bishop Fleming
Security Analyst, you'll play a key role in safeguarding our systems and data in a rapidly growing and ambitious accountancy firm. Key responsibilities will include: Security Monitoring and Incident Response Monitoring security tools for threats and vulnerabilities Leading the incident response lifecycle: detection, containment, recovery, and forensic analysis Supporting management in coordinating incident resolution …
needs. Policy and Procedure Development: Defining, implementing, and maintaining corporate security policies, standards, and procedures to ensure compliance with industry regulations, legal requirements (e.g., GDPR, HIPAA), and best practices. Incident Response and Management: Playing a key role in developing incident response plans and coordinating efforts to detect, analyse, and respond to security incidents and breaches. Stakeholder …
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Smart DCC
DCC is looking for a Lead Cyber Security Operations Analyst to play a key leadership role in shaping and advancing our Security Operations Centre (SOC). You'll drive our incident response strategy, lead major investigations, develop cutting-edge detection content, and help grow a highly capable security team through training and exercises. This is a critical role in … capabilities and foster collaboration across the smart metering community. Translate threat trends into actionable insights and drive improvements across the organisation. Evaluate and recommend tools that enhance detection and response capabilities. Conduct forensic investigations and perform root cause analysis of security incidents. What are we looking for? Proven experience in incident response and leading investigations in complex …
tests, identifying risks and driving remediation efforts. Monitor infrastructure for security incidents or unauthorised activity, responding swiftly to mitigate potential threats. Investigate security breaches and incidents, and develop robust incident response plans to ensure timely and effective resolution. Collaborate with cross-functional teams to design, implement, and manage security controls and configurations across a range of platforms and … . Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols …
by writing timely, accurate, and relevant customer-facing deliverables covering threat actors, vulnerabilities, campaigns, and malware. Supply intelligence to internal teams to enrich our threat detection, containment, investigation, and response capabilities. Conduct investigations to support fast-turnaround and long-form customer requests for information, including in incident response scenarios. Publish emergency customer advisories to alert on impactful … Experience working in online intelligence investigations and analysis, including strong OSINT skills What makes you uncommon? Understanding of cybersecurity and IT disciplines including networking, operating systems, authentication protocols, security incident response, and enterprise technical security solutions (SIEM, IDS/IPS, firewall solutions, offensive security tools) Basic knowledge of Linux/Unix operating systems Certifications such as Network+, Security+ …
managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. About the Opportunity The role of Information Security Engineer will be responsible for identifying, investigating, and managing cybersecurity related … managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. Responsibilities Strong collaboration, teamwork and relationship building skills across multiple levels and functions in the organization Able to communicate … technical or complex subject matter in business terms. Implement, manage, and maintain global security platforms Manage and participate in computer security incident response activities and the technical investigations of security-related incidents Conduct investigations of security related incidents Identify security vulnerabilities, perform solution security reviews and risk assessments, and partner with colleagues to respond to incidents and remediate …
team of 5 analysts and 3 engineers with diverse technical skills and backgrounds in cyber security. As our Lead Cyber Security Analyst, you'll: Develop and maintain the security incident response process, including all supporting materials. Serve as the technical escalation point for complex security incidents within the SOC team. Oversee incident response activities and ensure … and training for analysts, including malware reverse engineering, threat intelligence, and log analysis. Lead and mentor SOC analysts, fostering a high-performing team. Improve SOC services, including security monitoring, incident detection, analysis, and response. Establish and document processes and workflows. Oversee the development of security tools and technologies like NDR, EDR, Vulnerability Management, SIEM, and SOAR. Collaborate with business … owners to identify and reduce cyber threats and vulnerabilities. We're looking for someone who is: Experienced in information security, especially security operations and incident response. Senior experience within technical or security operations teams. Strong understanding of cyber security concepts, technologies, and best practices. Effective in managing and communicating with diverse stakeholders, including executives. Experienced with security tools such …
. Lead the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement … KPIs) Client Satisfaction Rate : Measured through regular client feedback and satisfaction surveys. Delivery Compliance Rate : Percentage of client engagements that meet defined delivery standards and pass governance review gates. Incident Response Effectiveness : Success rate in managing and resolving client incidents within predefined response windows. Service Utilisation Rate : Adoption and effective use of security services across client accounts …
on our website. Unilever's Cyber Security team is a global, product-led function aligned to the NIST Cyber Security Framework. We deliver capabilities across governance, protection, detection, response, and recovery to safeguard our people, operations, and digital assets. Operating alongside our Technology and Data teams, Cyber Security enables secure innovation and resilience across our global business. Our … recognizing unusual behaviors that could indicate accidental, negligent or malicious activity. They manage the Insider Risks Data Loss Prevention service to support detection capabilities to allow for prevention, containment and response controls. Insider Risk also support the management of policies that apply to our data to ensure it is safe but usable across our business. Role Summary: A vacancy exists for … any necessary steps to remedy them in a timely manner. Providing sensitive investigative services to other key Unilever investigative functions Reducing any risk or impact caused by a cyber incident Advising the broader organization on security best practices where applicable. RESPONSIBILITIES Define policies for data classification, protection, and handling based on sensitivity and regulatory needs. Ensure coverage across endpoints …