176 to 200 of 499 Incident Response Jobs in England

mitigating vulnerabilities and ensuring compliance with data protection laws (e.g., GDPR). Establish, implement, and maintain security policies, standards, and operational controls; support audits, incident response, vulnerability remediation, and ensure effective use of security tooling (eg., Sentinel, Defender for Cloud, SIEM). Work closely with Operational Risk, DevOps ...

supplier security assessments. Familiarity with CAF, CE+, NIST, CIS Controls, ISO 27001. Understanding of healthcare data protection, ideally NHS/UK standards. Strong incident response, analytical, and problemsolving skills. Knowledge of AI/ML risks and AI governance. Experience with phishing campaigns, penetration testing, and remediation. Excellent communication ...

Security Check (SC) clearance Experience responding to RFPs and shaping solutions for multi-service opportunities. Knowledge of managed security services (e.g., SOC, MDR) and incident response readiness. Exposure to regulated sectors (e.g. Financial Services, Energy, Critical Infrastructure). Familiarity with privacy and compliance frameworks (e.g. GDPR). ...

issues Maintain and configure observability platforms such as Datadog Proactively monitor production and other environments to ensure stability, availability, security and integrity Participate in incident response, troubleshooting, and root cause analysis to mitigate and prevent future issues Work closely with engineering, support and operations teams to upskill ...

data protection controls are consistently applied and reviewed. Proactively identify, communicate, and mitigate operational and security risks. Operational Excellence Undertake proactive monitoring, alerting, and incident response processes. Participate in the on‐call rota. Contribute to improvements in tooling, automation, and operational processes to reduce toil and increase reliability. ...

Security Analyst, youll act as a senior technical escalation point within the SOC, supporting the wider analyst team while leading the investigation and response to sophisticated cyber threats and incidents. Youll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity … work, candidates must have current SC clearance and be eligible to obtain UK Government DV clearance. What Youll Be Doing Lead the investigation and response to complex cyber security incidents across high-security customer environments Act as a senior escalation point for Tier 1 and Tier 2 analysts during ...

/CD pipelines with blue-green, canary, and rolling deployments, including automated, zero-downtime database releases. Implement comprehensive monitoring, logging, alerting, and automated incident workflows with clear reporting. Strengthen cloud security posture (IAM, secrets, vulnerability scanning) and embed DevSecOps practices while maintaining PCI-DSS compliance. Drive reliability through SLIs …/SLOs, incident response, disaster recovery testing, and capacity planning for peak events. Optimise performance and cost across hybrid environments through right-sizing, forecasting, and resource governance. Apply AI-driven tooling for anomaly detection, operational optimisation, and compliance automation. Collaborate cross-functionally, maintain documentation, and promote DevOps best ...

Development Manager to lead two strategically important engineering groups within Enterprise Infrastructure (EI): Security Automation Engineering (SAE) – the development arm of the Cyber Security Incident Response Team (CSIRT), responsible for building automated detection and response systems; Enterprise Infrastructure Application Development (EIDev) – a new and growing team responsible … patterns, deployment architectures and modernisation strategies across on‐premise and AWS environments; driving legacy application migration, architectural governance and technical debt reduction. Automated detection & response capabilities: Leading SAE initiatives, integrating with Elastic Security, Azure DefenderXDR and AWS SecurityHub. Supporting the wider EI organisation: Collaborating with infrastructure, networking, identity ...

growing cyber security team based in South Manchester. You will play a key role in protecting critical systems, improving security posture, and supporting incident response across a modern hybrid IT environment. This is a hands-on technical role where youll work closely with infrastructure, cloud, and SOC teams … respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and remediation tracking Support implementation of security controls across cloud and on-prem environments Contribute to security policies, standards ...

Defence Ltd (CND). This is a key hire within our MSSP Security Operations Centre, offering the opportunity to take a lead role in incident analysis, client engagement, and mentoring junior analysts, while shaping how the SOC continues to evolve. The Role As a Senior Cyber Security Analyst … contributing to reporting and continuous improvement within the SOC. Key Responsibilities Monitor, triage and investigate security alerts across multiple platforms Conduct in-depth incident analysis and support ongoing client investigations Act as deputy to the SOC Team Lead when required Review and assess escalated Tier 2 alerts for urgency ...

future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. What … interested in speaking with candidates from backgrounds such as: * Security Operations Manager * Lead Security Engineer * Senior Security Engineer * Senior SOC Analyst * Detection & Response Lead * Cyber Security Team Lead You'll ideally bring experience across some of the following: * Security Operations and Incident Response * SIEM, EDR/ ...

event-driven workflows. Automation & Toil Reduction at Scale Lead the design of automation frameworks that eliminate manual operational tasks across multiple domains. Translate incident learnings and operational inefficiencies into scalable automation and preventative controls. Drive adoption of automation-first principles, reducing dependency on human-driven processes. Contribute … telemetry, monitoring, alerting, and operational visibility across all critical systems. Ensure services are observable, measurable, and support proactive detection of issues. Improve operational readiness, incident response effectiveness, and time-to-recovery through engineering solutions. CI/CD & Platform Integration Contribute to the design of CI/CD patterns ...

join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation’s defensive capabilities while remaining at the forefront … attack techniques. Hands-on experience with security technologies such as EDR, XDR, SIEM, SOAR, IDS, and IPS. Experience in vulnerability analysis, security alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). ...

high-calibre quantitative investment firm building a new security function alongside a completely refreshed technology environment. This is a rare opportunity to shape Detection & Response properly from day one, rather than inherit a noisy SIEM, half-owned tooling and legacy processes. The role suits a deeply technical security engineer … turn those opinions into production-grade capability. You’ll work closely with senior security leadership to design the data, tooling, automation and response foundations that protect a fast-moving investment platform... Key Responsibilities Define and build the firm’s Detection & Response capability across endpoint, network, cloud and internal ...

secure identity and access management across Azure, Entra ID, and Microsoft 365. Help improve secrets management, patching, vulnerability management, auditability, backup and recovery, and incident readiness. Work with internal stakeholders on security remediation and infrastructure compliance priorities. Monitoring, support, and operational readiness Improve monitoring, logging, alerting, dashboards, and operational … healthtech, regulated SaaS, or another compliance-driven environment. Experience with frameworks such as Cyber Essentials, SOC 2 or ISO 27001 Experience with observability tooling, incident response processes, and production support improvement. Experience managing or supporting Windows servers and mixed environments. Experience with SQL Server, database administration, or performance ...

Egress and MFA solutions. Produce technical documentation and support continuous improvement initiatives across IT systems and services. Assist with information security compliance, audits and incident response activities aligned to Cyber Essentials and ISO27001 standards. Participate in an out-of-hours on-call rota and provide occasional support across ...

vulnerability management, and compliance controls into engineering workflows. Collaborate with software development teams to improve secure coding practices. Develop and maintain monitoring, logging, and incident response automation. Support threat modelling and secure architecture reviews. Drive DevSecOps best practices across engineering teams. Contribute to platform engineering and cloud-native ...

across the business Design and implement secure cloud environments and production‐grade infrastructure Lead security initiatives including vulnerability management, threat modelling, penetration testing, and incident response planning Build and evolve CI/CD pipelines, release management processes, and deployment automation Establish observability, monitoring, logging, alerting, and operational runbooks ...

solutions such as Cisco DUO and Microsoft Authenticator * Assist with secure access technologies, including SASE platforms (e.g. Check Point Harmony) * Contribute to security monitoring, incident response, and remediation activities ________________________________________ Infrastructure & Networking * Assist with the administration of firewalls, particularly Cisco Meraki * Support and maintain network infrastructure, including switches ...

deployment processes. Write and maintain automation scripts for infrastructure provisioning, configuration, and deployment. Create operational tooling and scripts to streamline monitoring, logging, backups, and incident response. Collaborate with software engineers to ensure integration between application code and infrastructure. Monitor system performance, availability, and reliability using appropriate tools and metrics. ...

deployment processes. Write and maintain automation scripts for infrastructure provisioning, configuration, and deployment. Create operational tooling and scripts to streamline monitoring, logging, backups, and incident response. Collaborate with software engineers to ensure integration between application code and infrastructure. Monitor system performance, availability, and reliability using appropriate tools and metrics. ...

Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both … edge technology and a strong set of processes. The NMC Cyber Detect Analysts will work closely with teams across the NMC, typically with the Incident Response Teams to ensure security issues are addressed quickly upon discovery. NMC Cyber Detect Analyst duties involve but are not limited to: Initial ...

Join a growing cyber security team where you'll play a key role in protecting customer environments, leading incident response, and driving continuous security improvements. What you'll do: Investigate and respond to complex security incidents Build and optimise SIEM detections and response playbooks Develop automation using ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years ...

security posture. SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment. Automation: Develop Security … Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times. Threat Hunting: Proactively search for undetected malicious activity using specialised queries. Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development and leadership. Qualifications – Essential ...