26 to 50 of 157 Incident Response Jobs in England

development. Module Expertise: Serve as a subject matter expert (SME) in ServiceNow functional and operational modules, including Virtual Agent (VA), Human Resources (HR), and Incident Response Management System (IRMS). Provide guidance and support to internal teams on module configuration, workflows, and integrations. Expansion Projects: Lead expansion initiatives … a focus on architecture design and implementation. Strong expertise in ServiceNow functional and operational modules such as Virtual Agent (VA), Human Resources (HR), and Incident Response Management System (IRMS). Proven track record of leading expansion and integration projects within the ServiceNow environment. Hands-on experience with ServiceNow more »

development. Module Expertise: Serve as a subject matter expert (SME) in ServiceNow functional and operational modules, including Virtual Agent (VA), Human Resources (HR), and Incident Response Management System (IRMS). Provide guidance and support to internal teams on module configuration, workflows, and integrations. Expansion Projects: Lead expansion initiatives … a focus on architecture design and implementation. Strong expertise in ServiceNow functional and operational modules such as Virtual Agent (VA), Human Resources (HR), and Incident Response Management System (IRMS). Proven track record of leading expansion and integration projects within the ServiceNow environment. Hands-on experience with ServiceNow more »

of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »

Head Cyber Security Operations, CISO and other stakeholders across Group businesses. Act as Silver commander for Cyber Security Incidents, leading on tactical support in response to a security incident and coordinate response efforts to minimise the impact of cyber threats and avoid/reduce business impact across … all Group businesses. (This may from time to time involve acting as silver commander leading on a cyber security incident outside of typical business hours) Provide reporting on ticket activity and SLA adherence on a weekly basis to the Group IS management team across all Group businesses to Group … for improvement. Stay informed about the latest cybersecurity trends and threats to proactively protect the organisation's digital assets. Develop, maintain, and test cyber incident response plans, playbooks, and procedures to ensure a timely and effective tactical response to cyber incidents across all Group businesses in collaboration more »

Leadership: Lead and manage a growing team of CSOC analysts. Technical Controls: Ensure the organization's technology estate is protected against cyber-attack risks. Incident Response: Lead response procedures and investigations of security events or incidents. Process Improvement: Identify potential process improvements and maintain organizational readiness. Automated more »

Leadership: Lead and manage a growing team of CSOC analysts. Technical Controls: Ensure the organization's technology estate is protected against cyber-attack risks. Incident Response: Lead response procedures and investigations of security events or incidents. Process Improvement: Identify potential process improvements and maintain organizational readiness. Automated more »

with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »

NIS2, GDPR, EPCIP, etc. Virtualisation technology, including containerisation (eg. Docker, Kubernetes, Linux etc.) Host based security products (threat detection, mitigations, end user detection and response, micro segmentation, zero trust) Experience working within an ITIL environment, or a structured platform management, in particular change and incident management Professional certifications … for new infrastructure & digital deployments, and the existing ones Design and dynamically re-adjust the cyber capabilities based on cyber threat landscape Lead Cyber incident response, do post-incident-reviews (PIRs), route-cause-analysis (RCAs), and deploy mitigating solutions. Report on Cyber incidents and manage related action more »

standards, including Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR. In-depth knowledge of the Microsoft O365 environment, threat intelligence analysis, Security Incident Response processes, disaster recovery, and business continuity principles. Familiarity with security testing principles, vulnerability scanning, risk identification, resolution, and reporting. Experience in formal … document creation, such as reports or procedures. Key Responsibilities include but not limited to: Assist with security incident management and response activities, emphasizing cyber threats. Conduct daily, weekly, and monthly security checks, reconciliation, and compliance checks. Handle security alerts and inquiries from systems and end users. Complete client more »

connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Incident Responder - Cyber Security - Middle East BAE Systems Digital Intelligence has been contracted to deliver a National Cyber Security Programme in the Middle East as … for 12 months so there are no options for hybrid working as the majority of time will be spend on client site. As an Incident Responder you will be responsible for the Triage of cyber security incidents, determining and categorising which incidents cross the threshold becoming National cyber security … media releases. Manage Incidents on site and across multiple sites. Conduct on-site analysis and collection of data for depth support as part of incident investigation. Identify and propose remediation activities and identify security improvements to prevent future incidents. Direct client IR Teams and In-house malware and forensics more »

for the junior analysts in the team. You will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend the response actions and escalation path. You will also have the opportunity … L1 and L2 analysts, including objectives setting, performance management/reviews, training & development, and BAU activities including shift cover etc. Perform advanced event and incident analysis, including baseline establishment and trend analysis. Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours … Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat. Provide timely advice and guidance on the response action plans for events and incidents based on incident type and severity. Identify, create and implement more »

testing methodologies and processes for web, thick-client and mobile applications Experience with Splunk and/or other SIEM platforms Threat modelling, intelligence and incident response Management, monitoring and operations of technology (backups, change management, system monitoring, incident/problem Management) Operational resilience, business continuity planning and more »

information systems producing control responses, a specialised intelligent devices, which are not designed to perform any task-This specialised computing device is intelligent and response to a particular needs in a specific task). Task using bandwidth for each device this device can communicate internally and documize on the … backup, Identitymanagement, access control, key management at the edge-Generating, using, storing, archiving, deleting, and protection of the encryption keys at the edge. INCIDENTS RESPONSE- (Establish a incident reporting lines and Disaster recovery plans in conformity defined by DFARS 7012 requirements) Defense Federal Acquisition Regulation E.g Conduct annual … incident response exercises, (Strongly recommended to report the amount of information protected by a given key, amount of exposure if a single key is compromised, time available for a one to penetrate physical procedural and logical access, period with indent information maybe compromised by In advice time s more »

integration with security control frameworks. Oversee the implementation and operation of controls to meet identified security control objectives. Advise operations teams supporting computer security incident response activities related to intrusion detection monitoring, scanning, cyber threat reporting, and development/implementation of vulnerability mitigation strategies. Develop trusted advisor relationships … including: Security by Design Network and Infrastructure Security End point security controls Vulnerability management Configuration and compliance management Risk management Policy and standards management Incident handling Application security (WAFs, Static and Dynamic analysis, OWASP) Security event monitoring Data protection and encryption (HSM, SEDS, Database encryption ) Disaster Recovery Business Continuity more »

specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME(Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton … including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

alerts - Analyse and respond to security events - Conduct root cause analysis and forensic investigations - Collaborate with IT and security teams to resolve incidents - Maintain incident response procedures and documentation Desirable Skills: - Experience with Microsoft technologies (Windows Server, Active Directory, Azure) - Knowledge of Elasticsearch and Linux - Familiarity with SIEM more »

policies and procedures to protect the confidentiality, integrity, and availability of the organization's data and systems. They also build and manage the security incident response team and coordinate with other departments and external stakeholders to ensure compliance with security standards and regulations at global scale. Job Description more »

root cause analyses, and monitoring the implementation of corrective measures.Assess and contribute to the ongoing development of documentation concerning cloud security policies, procedures, and incident response plans, including the delivery of management KPIs.Assist in creating and implementing security controls that align with regulatory requirements and business goals.Engage in more »

to protect the businesses internal/customer data in line with current legislations. Developing and embedding mature processes that focus on Risk Management and incident response. Carry out risk assessments and conducting frequent GDPR compliance audits. Work with stakeholders to develop Business Continuity and Disaster Recovery plans across the more »

include, but are not limited to: Design, develop, and maintain Python-based integrations and automation solutions within Google Chronicle, enhancing threat intelligence, detection, and incident response capabilities. Lead the strategic integration of Google Chronicle within Fortrea's cybersecurity infrastructure, optimizing its utility for security analytics and operations. Direct … applications in threat intelligence, with knowledge of how to conduct analyses within SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) platforms. Strong foundation in cybersecurity principles, practices, and technologies, including data management specific to cybersecurity applications. Relevant certifications such as CISSP, GCIH, or Google more »

Awareness. Travel to other Ascential offices may be required from time to time which provides opportunity for international travel. Your team also carries out incident triage and investigation including malware analysis and some digital forensic work. If these are not areas that you are already experienced in, then this … a motivated network of Security Champions in tools and processes used by the Information Security team, allowing them to provide effective 24-hour first response Running product evaluations to select new commercial and open source Information Security solutions Creating and delivering engaging cyber security awareness content Running regular internal … auditing activity to discover vulnerabilities, threats, and breach of company security policy Shaping and executing our Cyber Incident Response process when necessary Your Experience Minimum three years experience in an Information Security role Experience of working in an Enterprise IT team or a managed hosting environment/ISP more »

understanding of Azure Sentinel and Microsoft Defender. Key Responsibilities: Monitor security events and alerts using Azure Sentinel and Microsoft Defender, ensuring timely and effective response to potential threats. Mentor L1/L2 SOC Analysts whilst acting as their technical escalation point. Analyze and investigate security incidents, providing detailed reports … configurations, and policies within Azure Sentinel and Microsoft Defender. Collaborate with cross-functional teams to develop and enhance security strategies, including threat hunting and incident response procedures. Stay updated with emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks. Requirements: Proven experience as a more »

understanding of Azure Sentinel and Microsoft Defender. Key Responsibilities: Monitor security events and alerts using Azure Sentinel and Microsoft Defender, ensuring timely and effective response to potential threats. Mentor L1/L2 SOC Analysts whilst acting as their technical escalation point. Analyze and investigate security incidents, providing detailed reports … configurations, and policies within Azure Sentinel and Microsoft Defender. Collaborate with cross-functional teams to develop and enhance security strategies, including threat hunting and incident response procedures. Stay updated with emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks. Requirements: Proven experience as a more »

and a solid business acumen to deal with other senior stakeholders across the business. This role would suit those with an extensive history in Incident Response , Threat Hunting and Threat Intelligence services who are used to working in a high-pressure environment and managing geographically dispersed teams across … responsibilities will be: Manage and develop a global team of L3 Threat Hunting, Forensic & Threat Intelligence specialists, providing expert assistance during a major cyber incident and for routine investigations escalated by the SOC. Proactively analyse the WTW estate in a threat-led manner looking for signs of compromise, acting more »

week, 09:00-17:30 with an hour for lunch Ability to work nights, weekends and/or holidays in the event of an incident response emergency Reward Package: - £40,000 - £45,000 DOE 25 days annual holiday + Birthday off in addition and option to buy/… security experts are available 24/7, defending our customers with expertise and diligence. Cyberfort Groups Team provide a world class Extended Detection and Response (XDR) services; detecting, responding and mitigating cyber-attacks on our customers networks in our Security Operations Centres using a combination of our SOAR, Elastic more »