Incident Response Jobs in England

226 to 250 of 563 Incident Response Jobs in England

Associate Threat Intelligence Response Analyst

London, United Kingdom
Recorded Future
and Senior Research teams, you'll validate alerts, identify platform-level issues, and fine-tune detection mechanisms - all while helping to strengthen the consistency and quality of our threat response offerings. What Makes This Role Unique? Recorded Future's Managed Services team blends tactical analysis with platform-level insights. You're not just triaging - you're actively shaping how … SOPs scale, and how we partner with Triage Analysts. It's a launchpad for developing deep threat expertise at scale. What you'll do as an Associate Threat Intelligence Response Analyst: 1) Triage & Analysis Independently triage green/amber alerts and Swimlane cases for assigned accounts Conduct threat research escalated by senior analysts - covering phishing, credential harvesting, fraudulent domains … report alerting rule issues, platform bugs, or inefficiencies Partner with product/engineering to tune detection rules and correlation logic Draft and enhance SOPs that streamline daily research and response workflows Collaborate closely with the Triage Analyst team on pre-escalation activities 4) Service Delivery Support shift hours (9AM-5PM local), ensuring alerts are addressed timely and accurately Travel
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Engineer - MSSP

Yorkshire, United Kingdom
Hamilton Barnes Associates Limited
while staying updated on the latest security threats and trends. If you are interested in this opportunity, apply today! Responsibilities: Implement and manage Azure Sentinel SIEM for threat detection, incident response, and security monitoring. Configure and maintain Microsoft Defender for endpoint protection and threat detection. Develop and maintain KQL scripts for querying and analysing data within Azure Sentinel.
Employment Type: Permanent
Salary: GBP Annual

Global IT Security Platform Senior Director

London, United Kingdom
The Boston Consulting Group GmbH
Leverage automation frameworks and IaC to improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead
Employment Type: Permanent
Salary: GBP Annual

Security Solution Architect

Bexhill-On-Sea, East Sussex, South East, United Kingdom
Hybrid / WFH Options
Hastings Direct
strategies. Your responsibilities will include maintaining detailed documentation on security architecture, patterns, and practices, advising on critical aspects such as data protection, identity and access management, network security, and incident response within Azure. Staying abreast of the latest Azure security capabilities, threats, vulnerabilities, and industry trends will be essential. You will also support audit, compliance, and regulatory requirements
Employment Type: Permanent, Work From Home

Lead Solution Architect

London, United Kingdom
Identity E2E Ltd
AWS Lambda. Expertise in compliance standards such as GDPR, HIPAA, SOC2, and ISO 27001. Experience with advanced security practices such as zero-trust architecture, encryption key management, and security incident response. Why Apply? Senior/Lead role with the ability to influence key architectural decisions. Opportunity to work on cutting-edge cloud technologies and large-scale projects Employer pension
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Manager

City of London, London, England, United Kingdom
Hybrid / WFH Options
Skillcast
ISO 27001, and Cyber Essentials audits - including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM - including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes environments, ensuring scalable and secure architecture - Work closely … CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor’s degree in Cybersecurity, Computer Science … roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption
Employment Type: Full-Time
Salary: £60,000 - £65,000 per annum

Cyber Security Manager

EC3A, Tower, Greater London, United Kingdom
Hybrid / WFH Options
Skillcast
ISO 27001, and Cyber Essentials audits – including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM – including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes environments, ensuring scalable and secure architecture - Work closely … CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor’s degree in Cybersecurity, Computer Science … roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption
Employment Type: Permanent
Salary: £60000 - £65000/annum

Senior Security Operations Manager

Manchester, United Kingdom
Hybrid / WFH Options
VIQU IT
strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years
Employment Type: Permanent
Salary: £100000 - £120000/annum

Senior Security Operations Manager

Manchester, Lancashire, England, United Kingdom
Hybrid / WFH Options
VIQU Limited
strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years
Employment Type: Full-Time
Salary: £100,000 - £120,000 per annum

SOC Engineer - SC Cleared Contract

City of London, London, United Kingdom
Run-Time Group Ltd
join our Security Operations Center team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents, optimizing SIEM configurations, and contributing to threat detection and response strategies. This role requires hands-on experience with both platforms and a deep understanding of cybersecurity principles and incident management. Key Responsibilities: Monitor and investigate security alerts from … Analyze logs, network traffic, and other data sources to detect threats and suspicious activities. Develop and tune detection rules, analytics, and alerting logic in both SIEM platforms. Collaborate with incident response teams to contain and remediate security incidents. Create dashboards, workbooks, and reports for stakeholders. Perform threat hunting activities and support continuous improvement of SOC processes. Maintain and
Employment Type: Contract

IT Manager (Manufacturing)

Stockport, Greater Manchester, North West, United Kingdom
Nexperia
staff or contractors on-site, including a dedicated Factory Systems Support team (CIM), Operational Technology Engineers, Data Engineers, and Web Developer Monitoring and reporting on system performance, availability, and incident response metrics Providing leadership in incident management and root cause analysis for system-related issues, while also ensuring effective change control procedures for all changes introduced to
Employment Type: Permanent
Salary: £90,000

Staff Security Operations Engineer

London, United Kingdom
Innovation Group
that actively defends against emerging threats while enabling our product and platform to scale securely. You'll define and deliver our SOC strategy, including operational tooling, automation pipelines, and response workflows - ensuring Ki remains resilient, compliant, and 'incident ready'. Working closely with Product and Technology teams, you'll drive a DevSecOps agenda that embeds security throughout the … development lifecycle, while partnering with our external security service providers to optimise detection and response capabilities. This role demands a deep engineering mindset and an appetite for innovation. You'll design and implement automated detection and response pipelines, integrate advanced threat intelligence, and lead the use of behavioural analytics and attack simulation across our environment. Your technical breadth … and tools such as Wiz, Darktrace, Microsoft Defender, Intune, and Sentinel. You will also bring hands-on experience in threat hunting, log analysis, red/blue team operations, and incident response coordination - building tooling and processes that respond to real-world threats at scale. You will report directly into the CISO, with a clear mandate to build the
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Vulnerability Management Analyst

London, United Kingdom
Hybrid / WFH Options
Barclay Simpson
Remote Job type: Contract Position Overview: Rapidly growing FinTech company seeking an accomplished Cybersecurity Operations View job & apply Location: Greater London Job type: Permanent Financial Service firm seeks an Incident Response Manager to join their CIRT team. This role plays View job & apply Location: Frankfurt Salary: 120,000 + Benefits Job type: Permanent Sector: Banking, Asset Management & Funds … Bank's Vulnerability Management controls and providing security input for vulnerabilities which threaten the organisation. Experience Understanding of vulnerability lifecycles, standards and ratings Risk assessing findings to determine appropriate response with a proactive approach to recording, management and escalation of risks Increasing the quality of vulnerability reporting automation to reduce manual effort Advanced analytical and problem-solving techniques with
Employment Type: Permanent
Salary: GBP Annual

Programme Director (Cyber Security)

Sheffield, Yorkshire, United Kingdom
Experis - ManpowerGroup
organisation's cyber resilience. This is a high-impact leadership role requiring strong stakeholder engagement, risk management, and delivery assurance across a portfolio of cyber initiatives, including threat intelligence, incident response, secure cloud transformation, and third-party risk management. Key Responsibilities: Lead the end-to-end delivery of cybersecurity programmes aligned with financial services regulations and business objectives.
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Security Analyst

Crewe, Cheshire, England, United Kingdom
Hybrid / WFH Options
DCS Recruitment
What you'll be doing Drive improvements to cyber security posture across internal and customer-facing platforms Design and secure cloud-based infrastructure and customer applications Perform threat detection, incident response, and vulnerability remediation Maintain security architecture documentation and collaborate with third-party vendors Conduct threat intelligence research and recommend ongoing improvements What you'll need Strong technical
Employment Type: Full-Time
Salary: £50,000 - £55,000 per annum

Vulnerability Manager

London, United Kingdom
Just Group plc
with the latest security vulnerabilities, threats, and trends to proactively address potential risks. Collaborate with other security and IT teams to ensure a cohesive approach to vulnerability management. Support incident response activities by providing expertise on vulnerabilities and potential attack vectors. Examples of Key Activities Conduct regular vulnerability assessments and penetration testing to identify security weaknesses. Develop and
Employment Type: Permanent
Salary: GBP Annual

Security Architecture and Engineering Senior Manager

East London, London, United Kingdom
Hybrid / WFH Options
A&O Shearman
the firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feed back practical lessons learned into clients' cyber risk management and incident response programmes. What you will do Security Architecture Strategy & Governance Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the
Employment Type: Permanent, Work From Home

Security Architecture and Engineering Senior Manager

London, United Kingdom
Hybrid / WFH Options
Allen & Overy LLP
firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feed back practical lessons learned into clients' cyber risk management and incident response programmes. What you will do Security Architecture Strategy & Governance Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the
Employment Type: Permanent
Salary: GBP Annual

INFORMATION SECURITY GRADUATE 2025

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
Gordons
our Information Security team and exposure to our wider IT teams. You will build knowledge in the following areas: Risk Management, Policy and Compliance, Security Certifications, Supplier Due Diligence, Incident Response and Awareness, and Security Awareness, as well as working on ongoing projects. WHAT IS THE SCOPE OF THE ROLE? The following list is not exhaustive but gives
Employment Type: Permanent
Salary: GBP Annual

Information Security Graduate

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
Tussell Limited
our Information Security team and exposure to our wider IT teams. You will build knowledge in the following areas: Risk Management, Policy and Compliance, Security Certifications, Supplier Due Diligence, Incident Response and Awareness, and Security Awareness, as well as working on ongoing projects. What is the scope of the role? The following list is not exhaustive but gives
Employment Type: Permanent
Salary: GBP Annual

Security Analyst

Corsham, Wiltshire, South West, United Kingdom
83zero Limited
and capable individual with: At least 2 years' experience in a Security Analyst role, ideally in a SOC or equivalent environment. Proficiency in SIEM tools, system log analysis, and incident response. Strong understanding of data networks and vulnerability management. SC Clearance (essential); must be eligible for DV clearance. UK nationality only (sole nationality required for this role
Employment Type: Permanent
Salary: £40,000

Staff Product Security Engineer London, United Kingdom

London, United Kingdom
Databricks Inc
developed in ENG and non-ENG teams. This would include Threat Modeling, Design Review, Manual Code Review, Exploit writing, etc. Work with other security teams to provide support for Incident Response and Vulnerability Response as and when needed. Work with the results of SAST tools to help evaluate and identify false positives and file defects for real
Employment Type: Permanent
Salary: GBP Annual

Director of Secure Devices

London, United Kingdom
Boston Consulting Group
laptops, mobile phones, corporate-managed, BYOD, and server-side devices. This critical role leads the engineering and enablement of endpoint protection technologies, ensuring device compliance, threat detection, and automated response capabilities. The role combines strong technical leadership, deep expertise in endpoint protection platforms, and a collaborative approach to operationalize security across all user and device touchpoints globally. Key Responsibilities … healing, zero-trust-aligned architectures for secure device management. Observability & Event Management: Implement real-time observability of endpoint health, risk exposure, and threat posture. Integrate with cybersecurity event and incident management pipelines for early detection and rapid response. Collaborate with the cyber and incident response teams to streamline investigation and containment. Ensure high-fidelity logging and alerting … background in automation, scripting, and observability practices. Experience working with large, global device fleets and BYOD models. Preferred Qualifications: Familiarity with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional
Employment Type: Permanent
Salary: GBP Annual

Cybersecurity Consultant / Concierge Security Engineer 2 (m/f/d)

England, United Kingdom
Arctic Wolf Networks UK LTD
Security Tools: Familiarity with firewalls, antivirus, and IDS/IPS systems. Scripting: Basic understanding of Python, Bash, or PowerShell. Vulnerability Assessment: Experience using tools like Nmap, Nessus, or OpenVAS. Incident Response: Foundational knowledge in managing and responding to security incidents. Security Frameworks: Awareness of common frameworks such as MITRE ATT&CK and NIST. Consultancy Skills: Strong ability to … explain technical topics clearly to non-technical stakeholders. Analytical and solution-oriented when approaching security challenges. Professional client interaction and relationship-building. Comfortable documenting policies, procedures, and incident reports. Enjoys teamwork and thrives in collaborative environments. Highly motivated to learn and grow in a fast-paced company. Curious about evolving cybersecurity trends and committed to staying ahead. What We
Employment Type: Permanent
Salary: GBP Annual

Cyber SOC Analyst (1st line)

Bristol, Gloucestershire, United Kingdom
BT Group
act as first point of contact in to Cyber Operations for internal and external stakeholders. Working with specialists across the Cyber SOC areas which cover PBT Threat Hunting, Security Incident Response, Cyber Discovery, Cyber Forensics & Investigations & Cyber Intelligence. You will be involved in maintaining a capability that will leverage tools, data and our 'ringside seat' to proactively find … reactive 1st line team triaging security events and effectively managing Cyber Security issues. Monitor, analyse and defend against malicious or unusual activity that could be indicative of a security incident or compromise. Support the wider SOC team's goal is to detect, analyse, investigate and respond to cybersecurity incidents using a combination of cutting-edge technology and a strong … A genuine enthusiasm and drive to work within Cyber Security Ability to multi-task, prioritize, and manage time effectively Calm & Decisive under pressure: effective at driving calm and effective response to cyber security issues Communication, Visual & Written skills: Very strong communication, visual & written skills, Proficient in Microsoft Office Applications Drive to learn: ability to learn while on the job
Employment Type: Permanent
Salary: GBP Annual

Incident Response, England
10th Percentile: £42,458
25th Percentile: £52,250
Median: £65,000
75th Percentile: £77,500
90th Percentile: £93,775