City of London, London, United Kingdom Hybrid / WFH Options
Maxwell Bond
with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incidentresponse playbooks, reviewing existing policy sets, documenting key BAU and incidentresponse processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incidentresponse playbooks Policy reviews Incidentresponse If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯
with a financial services organisation, utilising their Governance, Risk and Compliance experience to help to strengthen and formalise their security operation documentation. You’ll be leading the creation of incidentresponse playbooks, reviewing existing policy sets, documenting key BAU and incidentresponse processes across the security function and ultimately lead the documentation of security processes. This … position is predominantly remote, though you’ll need to travel to London on occasion for workshops etc Essential skills: GRC Writing incidentresponse playbooks Policy reviews Incidentresponse If you’re available and ready to bring structure and clarity to a busy security team, send me a message and let’s have a quick chat More ❯
defined by the successful and secure deployment of Salesforce as part of the largest transformation programme in the history of the UK charity sector (Engage ). The governance frameworks, incidentresponse protocols, and security strategies you design and embed will lay the foundations for Cancer Research UK's long-term resilience - safeguarding critical data and empowering our lifesaving … threats and vulnerabilities within the Salesforce NPC environment. Security Controls Implementation:Developing and enforcing security controls, policies, and procedures to safeguard sensitive data and ensure compliance with industry standards. IncidentResponse:Establishing and managing incidentresponse protocols to effectively address and mitigate security breaches or incidents. User Training and Awareness:As part of a wider change … on the end-to-end architecture, design, and execution of security strategies and transformational initiatives with the ability to adapt to changing security landscapes and organisational needs. Led effective incidentresponse efforts with experience using security technologies (including encryption protocols, firewalls, intrusion detection systems, and vulnerability assessment tools) to minimise risk and ensure rapid recovery. Subject matter expert More ❯
We are looking for aEngineering Manager, Security Operations to lead and scale security operations across Vercel's platform and enterprise security functions. This role will focus on operational resilience, incidentresponse readiness, and fostering alignment across security and engineering teams. You will oversee threat detection, response processes, and security best practices, while guiding Security Operations Engineers to … For location-specific details, please connect with our recruiting team. What You Will Do: Lead and manage Security Operations for platform and enterprise security functions, ensuring effective detection and response capabilities. Develop and refine incidentresponse protocols and threat detection processes, ensuring rapid and effective mitigation of security incidents. Own internal attack surface management, including SaaS security … and reduce operational overhead. Support compliance initiatives (PCI, SOC2, ISO) by ensuring audit readiness and security visibility across critical systems. About You: Extensive experience leading security operations functions, including incidentresponse, threat detection, and security monitoring at scale. Strong technical expertise in SIEM, logging infrastructure, and cloud security (AWS, Kubernetes, serverless architectures). Proven leadership in mentoring and More ❯
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. IncidentResponse: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯
Bradford, England, United Kingdom Hybrid / WFH Options
Tata Consultancy Services
get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100/+44 204 520 2575 with the subject line: “Application Support Request”. Role: Cyber IncidentResponse Consultant Job Type: Permanent Location: Bradford , Hybrid (3 days On-site) Are you looking to leverage your skills in threat detection, response, and coordination? We have … an exciting opportunity for you - Cyber IncidentResponse Consultant! Careers at TCS: It means more TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands … and thought leadership. Gain access to endless learning opportunities. Lead a team and their technical growth. Lead projects and inspire both colleagues and stakeholders. The Role As a Cyber IncidentResponse Consultant, you will be working with the existing security team to support the customer with monitoring alerts and threats received. You will also be responsible for front More ❯
Loughton, Essex, England, United Kingdom Hybrid / WFH Options
Profile 29
will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background … every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security … proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. IncidentResponse: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit More ❯
and services are always reliable, available, and performing at their best. What will yo u be doing? As an SRE, you'll be instrumental in implementing automation, monitoring, and incidentresponse strategies to minimize downtime and optimize our operations. You'll collaborate closely with our development, infrastructure, and security teams, balancing exciting new feature delivery with rock-solid … management practices. System Reliability and Availability Ensure system uptime: Monitor and maintain the availability and reliability of critical systems and services, meeting all uptime SLAs (Service Level Agreements). Incident management: Quickly respond to incidents, investigate root causes, and ensure effective postmortems and continuous improvement processes are in place. Failure detection and response: Proactively identify potential failures or … potential risks in a timely manner, minimizing impact on our players. Metrics collection: Define and track key metrics (e.g., uptime, latency, request rates) to measure system health and performance. IncidentResponseIncident resolution: Work quickly to resolve incidents, minimize downtime, and restore service as fast as possible. Post-incident analysis: After resolving incidents, perform root cause More ❯
Ireland Limited Amazon is seeking for a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security IncidentResponse Team (SIRT). SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly … knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence. Key job responsibilities - Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon. - Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future. - Assisting in … the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk. - Identifying and recommending solutions that improve or expand Amazon's incidentresponse capabilities. - Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk. - Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon More ❯
Southampton, Hampshire, United Kingdom Hybrid / WFH Options
NICE
ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response. How will you make an impact? Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards, and risk management processes. Audit Preparation … audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. IncidentResponse Support: Participate in incidentresponse efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute to analyzing cybersecurity … Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incidentresponse frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. Commitment to continuous learning and professional development in audit, compliance, and security. You will have an More ❯
NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incidentresponse, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incidentresponse and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incidentresponse strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯
to you, please read on. Are you interested in ensuring customer can always watch their favourite movie or show? If so, you might be the right person for the Incident Mgr role in the READI team who drive availability for Prime Video. Key job responsibilities - Lead calls on customer impacting, high severity, outages that drive towards resolution by co … ordinating efforts across multiple engineering and operational teams, including for ambiguous problems we might not have seen before. - Deconstruct complex incidents into workstreams that can be managed by multiple incident responders in parallel. - Monitor and manage communications during high severity events via relevant channels, including being the single point of contact for executive leaders - Drive critical, complex customer escalations … in situations that are sometimes technically challenging in collaboration with Engineering Teams - Own improving the effectiveness of incidentresponse by driving continuous improvement of standard operating procedures and the tools that help you resolve incidents efficiently. - Proactively identify opportunities for improvement through gap analysis, trend identification, and cross-functional collaboration. - Act as a key stakeholder for the engineering More ❯
Thanks to continued growth, we are now seeking a Consultant to join our Cyber IncidentResponse team in London. As the Consultant , you will be responsible for delivering Control Risks' cyber response projects to our clients. This involves undertaking compromise assessments, business email compromise investigations, and leading the technical response on complex cases. The role reports … to the Associate Director of Cyber Response (Technical) and works closely with the Cyber Crisis Management team. The ideal candidate will have an investigative background, technical skills, and a deep understanding of current and emerging threat actors. Role Tasks and Responsibilities Technical Response Lead and assist with host and network-based investigations, collaborating with the Digital Forensics IncidentResponse (DFIR) team. Perform threat hunting using EDR tooling to evaluate attacker movement and prevent further activity. Conduct live compromise assessments for organizations suspecting a breach. Detect and hunt for unknown malware in memory across systems. Assist in commercializing developed technology and automation. Understand existing and emerging threat actors and their tools, tactics, and procedures. Work with the More ❯
Wigan, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information risks for policing. It supports … the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security incidents within the NMC, along … with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, IncidentResponse Planning, Cyber IncidentMore ❯
As part of our Cyber team, you will help us build a world-class security automation, orchestration, and response capability that will navigate challenging security incidents, drive process improvement, and develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools needed to scale our detection and response capabilities across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve efficiency, scalability, and incidentresponse capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incidentresponse, threat hunting, cyber threat intelligence, and vulnerability management. Collaborate with analysts … to identify repetitive tasks and automate them to improve operational efficiency. Work with Threat Intelligence, IncidentResponse, and Attack Surface Management teams to build and tune robust SIEM detections for proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Partner with third-party vendors and service providers to More ❯
As part of or Cyber team You will help us build out a world class security automations, orchestration and response capability that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools that we need to scale our detection … and response capability across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve the efficiency, scalability, and incidentresponse capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incidentresponse, threat hunting, cyber threat intelligence and vulnerability management. … Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, IncidentResponse, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and More ❯
patch management processes for virtual machines, containers and serverless functions. Integrate vulnerability scanning (e.g. Qualys, Sonar Cloud, Tenable or Azure-native scanners) into CI/CD pipelines. Security Analysis & IncidentResponse Perform root-cause analysis of security incidents and vulnerabilities. Conduct threat modelling, code and infrastructure reviews. Develop and execute incidentresponse procedures, leveraging Sentinel playbooks … security subject-matter expert during architecture and design reviews. Mentor and upskill engineers on secure coding and DevSecOps best practices Continuous Improvement Develop and refine security playbooks, runbooks and incidentresponse procedures. Monitor security metrics and key risk indicators and identify opportunities to improve tooling and processes. Evaluate and pilot emerging security technologies, especially within the Microsoft security More ❯
such as CrowdStrike Falcon, RoboShadow, Microsoft Defender, ThreatLocker Evaluate and onboard new security technologies; liaise with vendors Lead technical onboarding of cyber tools for both internal and client deployments IncidentResponse & Threat Management: Develop and own incidentresponse playbooks Act as the lead escalation point for live security incidents Analyse alerts, threat intelligence, and forensic data … of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incidentresponse experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts for clients More ❯
such as CrowdStrike Falcon, RoboShadow, Microsoft Defender, ThreatLocker Evaluate and onboard new security technologies; liaise with vendors Lead technical onboarding of cyber tools for both internal and client deployments IncidentResponse & Threat Management: Develop and own incidentresponse playbooks Act as the lead escalation point for live security incidents Analyse alerts, threat intelligence, and forensic data … of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incidentresponse experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts for clients More ❯
response. • Soft Services Management - Ensuring effective delivery of cleaning, waste management, catering, reception, and porterage. • Contract & Supplier Management - Managing outsourced service providers and ensuring compliance with SLAs. • Business Continuity & Incident Management - Developing and maintaining business continuity plans for NBIP (BCP). • Compliance, Insurance & Risk Management - Ensuring adherence to health, safety, and environmental policies. • Mechanical, Electrical & Building Fabric Maintenance - Supporting … control systems, working with the EI Business Support team as needed who locally manage systems within the EI Building. Operational Management • Analyse Business Systems data to identify trends, improve response times, and enhance efficiency. • Work with the FM Business Partner to provide data-driven insights for performance monitoring. • Drive continuous improvement to ensure customer-focused service delivery. Soft Services … ensure compliance and contractual performance. • Develop and sustain relationships with key stakeholders. Security & Access Management • Manage site security services, including contracted security staff, access control, and CCTV. • Ensure robust incidentresponse procedures, coordinating with emergency services when necessary. • Work with internal stakeholders to manage security risks, access controls and mitigate threats. • Oversee visitor management protocols, ensuring compliance with More ❯
automation, cloud technology, and fast-paced problem-solving—and want your work to have a real impact—this could be the perfect role for you. Key Responsibilities Lead security incidentresponse and threat detection efforts, prioritising the protection of customer data and experience Build automated detection and remediation workflows using SOAR, SIEM, and scripting (Python, SQL) Apply deep … facing and payment systems into the security monitoring platform Perform threat hunting and detection engineering to identify and address emerging risks Support security audits, compliance (PCI-DSS), and post-incident reviews Mentor junior team members and contribute to a culture of continuous improvement Participate in the on-call rotation to ensure fast, effective incidentresponse during critical … events Key requirements: Proven Experience: 4+ years in Security Operations or IncidentResponse, ideally in ecommerce, retail, or fintech environments Technical Depth: Hands-on expertise with SIEM, SOAR, EDR, automation tools, Python, SQL, and cloud-native security tooling Cloud Security: Strong knowledge of AWS and Azure, especially services like WAF, Shield, IAM, and API Gateway Forensic Skills: Experience More ❯
automation, cloud technology, and fast-paced problem-solving-and want your work to have a real impact-this could be the perfect role for you. Key Responsibilities Lead security incidentresponse and threat detection efforts, prioritising the protection of customer data and experience Build automated detection and remediation workflows using SOAR, SIEM, and scripting (Python, SQL) Apply deep … facing and payment systems into the security monitoring platform Perform threat hunting and detection engineering to identify and address emerging risks Support security audits, compliance (PCI-DSS), and post-incident reviews Mentor junior team members and contribute to a culture of continuous improvement Participate in the on-call rotation to ensure fast, effective incidentresponse during critical … events Key requirements: Proven Experience: 4+ years in Security Operations or IncidentResponse, ideally in ecommerce, retail, or fintech environments Technical Depth: Hands-on expertise with SIEM, SOAR, EDR, automation tools, Python, SQL, and cloud-native security tooling Cloud Security: Strong knowledge of AWS and Azure, especially services like WAF, Shield, IAM, and API Gateway Forensic Skills: Experience More ❯
addresses computer vulnerabilities in internal servers, external servers, and applications (cloud or on-premises) and collaborates with stakeholders to ensure associated risks are mitigated and closed. Follows the Security Incident Management Response Policy in responding to security incidents and guides the IncidentResponse Team in handling information security incidents, to include advising and participating in remediation … similar field. Possess certifications from accredited bodies, including Microsoft SC-200, Certified SOC Analyst (CSA), CompTIA CySA+, GIAC Security Operations Certified (GSOC), GIAC Continuous Monitoring Certification (GMON), GIAC Certified Incident Handler (GCIH), CCNA Cyber Ops, or other specialized security certification that assesses the candidates' security analysis, SOC operations, and incident handling skills. Substantial experience in information security across … knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., ArcSight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic). Understanding of event and incident investigations and incidentresponse in a 24/7 SOC environment. Proficiency in configuring and managing security technologies such as firewalls, IDS/IPS, SIEM, DLP, and More ❯
organised crime remains the biggest concern for digital leaders. Public services, councils and healthcare providers continue to be high-profile victims. This is driving demand for security operations specialists, incidentresponse teams and forensic analysts. Supply chain risk is under the spotlight Breaches linked to third-party providers have exposed vulnerabilities beyond company walls. In response, organisations … evolving threats and advising on proactive measures. Typical salary: £50,000 to £85,000 Cybersecurity Analyst - A key all-rounder role, analysts monitor networks, investigate suspicious activity and support incidentresponse efforts. They are often the first to identify and flag vulnerabilities. Typical salary: £45,000 to £70,000 We're also seeing new hybrid titles emerge, such … business. The Skills Employers Are Prioritising Employers are looking for more than technical knowledge, they're searching for people who can make a real impact. Core technical skills include: Incidentresponse and threat hunting Identity and access management Zero Trust architecture Familiarity with UK regulatory standards and NCSC guidance Certifications often requested: CISSP, CISM, CISA CompTIA Security+ ISO More ❯
Cheadle, Staffordshire, United Kingdom Hybrid / WFH Options
Pets at Home
to hear from you. This is more than just a security role, it's a chance to: Contribute to the design and implementation of security controls, tools, monitoring, and incidentresponse processes. Work with modern cloud technologies, especially Microsoft Azure, to secure scalable microservices and infrastructure. Help shape and implement security best practices, threat detection, and incidentresponse strategies. What you'll be doing Designing and implementing security controls & tooling across our hybrid-based infrastructure, with a focus on Microsoft Azure. Monitoring and responding to threats using tools like SIEM and XDR, ensuring rapid detection and resolution of security incidents. Collaborating in an Agile environment with multiple teams to embed security best practices throughout the … business. Conducting regular vulnerability assessments, supporting patch management, and improving our overall security posture. Creating and maintaining clear, concise documentation for security processes, configurations, and incidentresponse procedures. Participating in the Information Security on-call rota. What you'll bring: 2+ years of hands-on cybersecurity experience, with a focus on cloud environments such as Microsoft Azure. A More ❯