126 to 150 of 371 Incident Response Jobs in England

visibility and enhance the overall security posture. Key Responsibilities: Implement, configure and optimise core security tooling across the environment Enhance threat detection, monitoring and response capabilities Investigate security alerts and support incident response activities Improve integration and automation between security platforms Support vulnerability management and remediation processes … management platforms such as Tenable Knowledge of OT/ICS security platforms such as Claroty is beneficial Experience supporting security monitoring, detection engineering and incident response Strong understanding of enterprise infrastructure and cloud security Reasonable Adjustments: Respect and equality are core values to us. We are proud ...

Implement monitoring, logging, and alerting using Azure Monitor, Application Insights, and Log Analytics Design and support identity and access management controls across environments Support incident response, recovery processes, and operational resilience Design backup and recovery strategies, ensuring RTO/RPO requirements are met Develop scripts and automation tools … Microsoft Fabric deployments Experience with identity and access management in Azure environments Understanding of backup and recovery design including RTO/RPO Experience supporting incident response and recovery Strong problem-solving and troubleshooting skills Experience working collaboratively with engineering teams, security teams, and third-party partners Working Style ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

architecture, secure development lifecycle practices and appropriate technical controls Strengthen capabilities across core security domains including identity and access management, privileged access, vulnerability management, incident response, disaster recovery, data protection, security awareness and supplier security Work closely with stakeholders at all levels of the organisation, including operational teams … Culture, Business Infrastructure & Operations and Finance, to support audits, evidence gathering, control improvement and the effective adoption of security requirements across the organisation Lead response to significant information security incidents, acting as a senior decision‐maker during crisis situations and driving post‐incident learning and improvement Build ...

play a key role in a growing SecOps function protecting a modern Microsoft and cloud environment. This is a highly technical role focused on incident response, SIEM optimisation, vulnerability management, and security engineering , helping drive a Zero Trust journey and supporting ISO 27001 & CIS controls . What … doing Lead and support incident response , threat monitoring and root-cause analysis Tune and optimise SIEM & CrowdStrike EDR for maximum effectiveness Drive vulnerability management , remediation and risk reduction Secure cloud and infrastructure across Intune, Entra ID, Palo Alto, Cisco ISE, Mimecast and more Implement key security controls including ...

Splunk, capable of transforming security telemetry into actionable threat intelligence. As a technical specialist, you will play a key role in endpoint security, incident response, SOAR automation, and threat hunting, working closely with a SOC partner and internal stakeholders. Key Responsibilities Endpoint Security (CrowdStrike Falcon) Lead the deployment … ongoing optimisation of the CrowdStrike Falcon platform Manage policies across Falcon Prevent, Insight, and Discover Act as the technical authority for endpoint detection and response (EDR) SIEM & Security Monitoring (Splunk) Architect and enhance Splunk dashboards, alerts, and data models Write and maintain complex Splunk SPL queries Optimise Splunk Enterprise ...

service model for critical data engineering pipelines, aligned to project requirements. Establish clear service constructs, including: Support coverage models (core hours, escalation) Incident, problem, and change processes Release and maintenance windows Ensure service definitions are fit for current pipeline complexity , not aspirational future platforms. 2. Service Readiness & Operational Assurance … deprioritised Contribute to operational continuity planning for high‐risk services. 4. Operational Playbooks & Knowledge Enablement Define standards and structure for: Operational playbooks Incident response procedures Escalation paths Ensure playbooks are: Pipeline-specific Actionable by support teams Validated with technical SMEs Support completion and validation of knowledge transfer activities ...

tools across NOC and SOC environments Gather and analyse information from a wide range of security and infrastructure tools Handle operational tickets, escalations, and incident support across 1st and 2nd line activity Develop and improve NOC and SOC procedures and support operational best practice Work closely with Security Analysts … wider teams on threat mitigation and incident response Support and train monitoring engineers within live operations environments Key Requirements Previous experience in a Network Security Engineer , Security Operations , Technical Assurance , or similar role Strong background in networking , with a solid understanding of secure network design and operations Hands ...

Cyber Security team, including managing the budget for people, tools and capital projects. You’ll oversee business‐as‐usual security activity, from incident response and vulnerability management through to security engineering improvements and protecting the Council’s supply chain. You’ll also be a visible advocate for good … Borough Emergency Control Centre activation, taking part in the emergency rota, and coordinating responses with the Executive Team, the Security Operations Centre and cyber incident response partners. Qualifications You bring a strong, practical understanding of cyber security and how it supports real business outcomes. You’ve worked with ...

impact Act as the link between technical security and the wider business, translating requirements clearly Drive improvements across: SOC/SIEM capability (currently OpenText) Incident response and vulnerability management Penetration testing and security assurance Cloud security across Microsoft and Google environments Support key transformation programmes, particularly across data … isolation What We're Looking For Proven background in Information/Cyber Security with a hands-on approach Experience across core security operations (SIEM, incident response, vulnerability management, cloud security) Comfortable working across both Microsoft and Google cloud environments Experience managing or mentoring junior team members Able ...

initial contract) Location: SW1A 2AH, City of Westminster, England, United Kingdom Remote type: Remote Start date: As soon as possible Head of SOC/Incident Response – LA International Senior leadership within public sector and Defence cybersecurity. Coordinating and integrating public sector/defence digital services. Leverage … public benefit and strengthen digital infrastructure. Manage incident response with knowledge of NIST, ISO 27001, etc. Recruit, mentor, and influence SOC teams. Duration: 6 months Location: Fully remote (with occasional onsite meetings 1–2x per month) Start date: As soon as possible SOC Solutions & Cyber Advisory Lead ...

monitoring across multiple networks and services Oversee and contribute to the analysis, investigation and escalation of security incidents Coordinate closely with Cyber Operations and Incident Response teams to contain and mitigate threats Develop and enhance detection use cases, tooling and operational processes Provide subject matter expertise on threat … previous clearance About the team The Cyber Operations team protects critical systems and sensitive environments from advanced threat actors. Covering Threat Intelligence, Detection, Incident Response and Active Defence, the team operates at the forefront of cyber security, safeguarding the technology and services that support national security and those ...

Detection & Response Analyst (SOC/Security Engineering Pathway) Portsmouth (Hybrid) Why this role is different Most SOC roles are alert-heavy and repetitive. This isn’t one of them. You’ll be joining a team that’s actively moving beyond traditional SOC work—focusing on threat detection, automation … Working with security tooling (EDR, SIEM, cloud security platforms) Supporting threat hunting and proactive detection activities Collaborating with engineering teams to improve automation and response Contributing to continuous improvement of security operations What we’re looking for We’re open to people from a range of backgrounds, including ...

ideally Clearswift Strong understanding of Active Directory administration Experience across Windows and Linux security Familiarity with ITSM tools such as Remedy or Jira Strong incident response and analytical skills TO BE CONSIDERED: Please either apply through this advert or reach out directly to discuss further. xehkeey By applying … client in line with this vacancy. KEY SKILLS SOC Engineer, SIEM, Elastic, Tanium, EDR, Trend Micro, Trellix, Clearswift, Active Directory, Windows, Linux, Incident Response, ITSM ...

technical engine behind the organisation's global digital integrity. Your responsibilities will include: Managing the Global SOC to ensure proactive threat hunting and rapid incident response across all global time zones. Implementing a cutting-edge DevSecOps approach to ensure security is automated and embedded within the CI/… have personally achieved certification from scratch) 2.DevSecOps (Embedding security into CI/CD pipelines and automated workflows) 3.SOC Management (Overseeing global threat detection and incident response) 4.NIST Framework (Applying security standards for the Americas region) 5.Essential 8 (Understanding and implementing Australian security protocols) 6.Vulnerability Management (Coordinating risk-based ...

global Security Operations Centre (SOC) performance, driving operational metrics, service quality, and continuous improvement Lead the execution and coordination of major cyber incident response activities under pressure Establish robust operational governance, reporting, audit readiness, and control assurance globally. Manage accountability and performance for third-party SOC and Managed … Detection and Response (MDR) providers Mentor and develop senior managers, supporting capability growth and succession planning within the function Essential Skills & Experience Extensive, hands-on experience leading large-scale cyber security operations, including SOC and Incident Response Demonstrated ability to manage and respond to significant, complex cyber ...

integrated practices for operational health, performance, and security. Define infrastructure strategy across Azure, hybrid, and legacy environments, including modernization roadmaps. Establish best practices for incident response, monitoring, playbooks, and capacity planning. Govern infrastructure changes including CAB oversight, rollback planning, and risk management. Advance infrastructure automation and IaC maturity … align infrastructure with broader technical goals. Own metrics for uptime, cost optimization, alert fatigue, and service-level objectives (SLOs). Establish best practices for incident response, playbooks, monitoring, and continuous improvement. Oversee change management including CAB governance, rollback strategies, and release pipelines. Collaborate closely with Help Desk, Security ...

Reduce alert fatigue by tuning thresholds, suppressing false positives, and downgrading non-actionable errors - Be the first responder when something breaks in production Reliability & Incident Response - Investigate and resolve production incidents end-to-end: detection, root cause analysis, fix, and post-mortem - Handle database performance issues: slow query … scale: clustering, read replicas, failover handling - Solid understanding of container orchestration and deployment strategies - Experience with monitoring and observability platforms (Datadog preferred) - Comfort with incident response: you've been paged at 2am and know how to stay calm, diagnose, and fix - Familiarity with CI/CD pipelines (CircleCI ...

pipeline health, compute utilisation, and deployment status. Collaborate with data engineering to ensure upstream data quality and pipeline reliability for ML feature inputs. Develop incident response procedures and runbooks for ML system failures. Infrastructure & Cost Optimisation Manage and optimise AWS compute resources (Batch, EC2, or similar) used … control workflows. Familiarity with SQL and data warehousing platforms (Snowflake preferred). Experience implementing monitoring, logging, and alerting for production systems. Strong debugging and incident response skills for complex distributed systems. Preferred Qualifications Experience deploying models to edge or embedded devices. Background in healthcare, medical devices, or clinical ...

practical learning, and shaping the next generation of defence cyber capability. Key Responsibilities Training Delivery & Subject Matter Expertise Deliver high‐quality cyber security and incident response training to learners with varying experience levels. Translate real‐world cyber operations, threat analysis, and incident handling into clear, practical instruction. … competence. Key Skills & Experiences Live SC Clearance Strong hands‐on knowledge of cyber threats, network security, risk management, and compliance frameworks. Deep understanding of incident response methodologies, detection, investigation techniques and tooling. Ability to communicate complex technical concepts in a clear, engaging and learner‐friendly manner. Experience designing ...

controlled environment. The Role You'll be responsible for the day-to-day operation and improvement of a central Azure cloud platform, covering monitoring, incident response, automation, and platform reliability. Senior hires will also play a key role in mentoring others and driving improvements across the platform. What … Azure (IaaS/PaaS) Terraform for Infrastructure as Code Kubernetes and containerised platforms CI/CD using GitHub Actions or similar Monitoring, alerting, and incident response tooling L2/L3 on-call support within a 24/7 rota What they're looking for Experience supporting cloud platforms ...

threats posed to government systems, critical national infrastructure and strategic interests. You will operate in a highly secure environment, working closely with security operations, incident response, risk, and technical teams to deliver actionable intelligence that supports defensive and strategic decision-making. Key Responsibilities Collect, analyse and assess cyber … actor activity, including TTPs, malware, campaigns and infrastructure Produce high-quality intelligence reports, briefings and threat assessments for technical and non-technical stakeholders Support incident response and SOC teams with timely, contextual intelligence Maintain and develop threat intelligence repositories, playbooks and knowledge bases Contribute to strategic, operational ...

continuously enhances the overall cyber security posture. Key Responsibilities Lead and develop the organisation’s cyber security strategy Oversee security operations, risk management, and incident response Ensure systems, infrastructure, and data are protected against cyber threats Collaborate with senior stakeholders across football and corporate functions Drive security awareness … Required Strong background in information and cyber security leadership Experience in security architecture Knowledge of risk and compliance frameworks (ISO, NIST, etc.) Experience with incident response and SOC environments Ability to influence senior and non-technical stakeholders Experience managing security tooling, vendors, and frameworks Excellent communication and leadership ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...