26 to 50 of 346 Incident Response Jobs in England

Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling

posture through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools … perform root cause analysis. Collaborate with IT and security teams to remediate vulnerabilities. Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge

policies, and standards. Conduct risk assessments, manage audits, and ensure compliance with GDPR and ISO 27001. Oversee security operations, including monitoring, threat detection, and incident response. Manage security tools and processes: SIEM (Azure Sentinel), firewalls, endpoint protection, and identity management. Ensure secure configuration, patch management, and vulnerability remediation. Lead … incident response and recovery, including investigations and post-incident reviews. Deliver security training and awareness programs across the business. Assess and monitor vendor and third-party security compliance. Skills/Technologies- 3-7+ years in cybersecurity, IT security, or risk management. Strong knowledge of cybersecurity frameworks

delivering technology change/improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will … involve the following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking

image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs/SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time … onboarding guides and demo sessions for consumers of the platform. Participate in an on-call rota for critical platform services and lead/coordinate incident response when required. About you Strong hands-on experience with Microsoft Azure core services (networking, compute, storage) and platform services (AKS, App Services

/CD principles to automate detection engineering workflows, boosting operational efficiency. Build and optimize security playbooks to streamline detection, threat hunting, and incident response activities. Develop, automate, and enhance our threat detection and response capabilities. Work closely with security analysts and other stakeholders to identify and address … gaps in incident response capabilities. Keep up with current threat intelligence, emerging trends, TTPs, and vulnerabilities to adapt our detection strategies and effectively respond to evolving threats. About You Strong understanding of AWS cloud platforms with proficiency in a wide range of AWS services (e.g.

Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier … Conduct proactive threat hunting in collaboration with the CTI function Conduct HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security

support audits across platforms. Ensure compliance with Salesforce security standards (e.g., permission sets, field-level security, data classification). Operations and Reliability Lead incident response and post-incident reviews to improve platform resilience. Define and manage service monitoring, alerting, and error budgets. Champion secure change management practices … processes, Gearset pipelines, and rollback strategies. Metrics and Reporting Establish and report on operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Leadership and Team Management Mentor DevOps Engineers and lead knowledge-sharing sessions. Promote a culture of continuous learning and technical excellence.

support audits across platforms. Ensure compliance with Salesforce security standards (e.g., permission sets, field-level security, data classification). Operations and Reliability Lead incident response and post-incident reviews to improve platform resilience. Define and manage service monitoring, alerting, and error budgets. Champion secure change management practices … processes, Gearset pipelines, and rollback strategies. Metrics and Reporting Establish and report on operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Leadership and Team Management Mentor DevOps Engineers and lead knowledge-sharing sessions. Promote a culture of continuous learning and technical excellence.

support audits across platforms. Ensure compliance with Salesforce security standards (e.g., permission sets, field-level security, data classification). Operations and Reliability Lead incident response and post-incident reviews to improve platform resilience. Define and manage service monitoring, alerting, and error budgets. Champion secure change management practices … processes, Gearset pipelines, and rollback strategies. Metrics and Reporting Establish and report on operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Leadership and Team Management Mentor DevOps Engineers and lead knowledge-sharing sessions. Promote a culture of continuous learning and technical excellence.

activity. Key responsibilities include: Monitor Networks and Systems: Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits … intelligence, including hackers' methodologies, to anticipate security breaches. Reporting: Prepare reports that document security breaches and the extent of the damage caused. Cyber Security Incident Response: Work with the IT Manager to maintain and update cyber incident response plans and procedures. Conduct Security Attack Simulations: Undertake

Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing

Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing

architecture, and project teams to improve security posture and integrate security into business processes. Respond to and investigate security incidents, participate in troubleshooting and incident response activities. Provide oversight and support for Security Operations Center (SOC) activities. Develop and enforce security policies, standards, and procedures. Educate and mentor … IT. Hands-on experience with vulnerability management, patch management, and security platforms. Experience developing and auditing governance, risk, and compliance controls. Experience in incident response and security project delivery. Experience managing or participating in security-related projects is a plus. Excellent IT skills, including networking, operating systems (Windows

will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence

will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence

About the Role My client are seekinga Senior Cyber Security Engineer/Threat Intelligence Specialist to strengthen and mature our firms cyber defence and incident response capabilities. Youll be at the forefront of detecting, analysing and responding to evolving threats, ensuring our technical security controls and frameworks … hunt for threats, and enjoy taking ownership of complex challenges this role is for you. What Youll Do Lead on threat detection, hunting, and incident response, working with Azure/Defender, Sentinel, and third-party SOCs. Investigate alerts and coordinate responses with internal IT teams and external managed

role in protecting a large-scale, high-availability environment, acting as an escalation point for complex security incidents. Your day will include: Leading incident response activities: investigating alerts, conducting threat hunting, and managing escalations. Tuning and configuring Splunk SIEM to reduce false positives and enhance detection accuracy. Handling … malware analysis, forensic reviews and sensitive internal cases. Correlating logs across multiple systems and using threat intelligence to strengthen detection capabilities. Producing clear, concise incident reports for senior stakeholders, including non-technical audiences. Supporting junior analysts with guidance, best practice coaching and career development (no formal line management).

activities. Evaluate security risks of third-party vendors, ensuring alignment with internal security requirements. Maintain documentation, evidence, and metrics to support ongoing audit readiness. Incident Response & Awareness Support the development, testing, and refinement of incident response plans. Assist with investigation and reporting of security incidents. Promote

activities. Evaluate security risks of third-party vendors, ensuring alignment with internal security requirements. Maintain documentation, evidence, and metrics to support ongoing audit readiness. Incident Response & Awareness Support the development, testing, and refinement of incident response plans. Assist with investigation and reporting of security incidents. Promote

threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events. The focus is to provide effective, proactive and a highly technical analytical response to cyber security-related incidents to prevent QBE from becoming compromised by modern attack methods and techniques. Main responsibilities: Act as point of escalation … events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures. Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs Actively manage and apply the phases

where you'll help set the direction for cybersecurity, manage risk, and ensure compliance across all environments. You'll lead a dedicated team, drive incident response, and work closely with senior stakeholders to safeguard critical systems and data. This is an excellent opportunity for an experienced professional … aligned with best practice frameworks and industry standards Take the lead on risk assessments and vulnerability reviews, implementing robust controls to mitigate threats. Manage incident response processes, including preparation, detection, resolution, and post-incident analysis. Mentor and develop the cybersecurity team, ensuring they have the tools

with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients … keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security

develop and learn new skills, this could be the role for you. Everyone that joins us is required to undertake training and participate in incident response duties when the need to respond arises. Having an incident role is an essential part of working for the Environment Agency … active way to support communities and prevent harm to the environment. Further information on incident response can be found within your candidate pack. You'll have access to our great benefits package, including generous annual leave, excellent pension and flexible working arrangements. We also offer extensive training

develop and learn new skills, this could be the role for you. Everyone that joins us is required to undertake training and participate in incident response duties when the need to respond arises. Having an incident role is an essential part of working for the Environment Agency … active way to support communities and prevent harm to the environment. Further information on incident response can be found within your candidate pack. You'll have access to our great benefits package, including generous annual leave, excellent pension and flexible working arrangements. We also offer extensive training