251 to 275 of 666 Incident Response Jobs in England

NCSC) Develop and deliver a Security Assurance Testing program, including internal and external audit, penetration testing and associated activities. Represent the university in regulatory or assurance activities and lead response to security audits and assessments. Own the university's information security policy framework, ensuring policies are effective, enforceable, and reflective of regulatory and operational needs. Provide strategic input into … the security incident response capability, ensuring robust governance, timely escalation, and cross-functional collaboration with CSIRT and key stakeholders. Collaborate on the development and continual improvement of enterprise-wide remediation strategies and readiness planning. Provide strategic insight for information security risk management, ensuring effective collaboration to maintain an accurate, prioritised, and actionable university-wide risk register. Set the More ❯

strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years More ❯

strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years More ❯

join our Security Operations Center team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents, optimizing SIEM configurations, and contributing to threat detection and response strategies. This role requires hands-on experience with both platforms and a deep understanding of cybersecurity principles and incident management. Key Responsibilities: Monitor and investigate security alerts from … Analyze logs, network traffic, and other data sources to detect threats and suspicious activities. Develop and tune detection rules, analytics, and alerting logic in both SIEM platforms. Collaborate with incident response teams to contain and remediate security incidents. Create dashboards, workbooks, and reports for stakeholders. Perform threat hunting activities and support continuous improvement of SOC processes. Maintain and More ❯

staff or contractors on-site, including a dedicated Factory Systems Support team (CIM), Operational Technology Engineers, Data Engineers, and Web Developer Monitoring and reporting on system performance, availability, and incident response metrics Providing leadership in incident management and root cause analysis for system-related issues, while also ensuring effective change control procedures for all changes introduced to More ❯

that actively defends against emerging threats while enabling our product and platform to scale securely. You'll define and deliver our SOC strategy, including operational tooling, automation pipelines, and response workflows-ensuring Ki remains resilient, compliant, and 'incident ready'. Working closely with Product and Technology teams, you'll drive a DevSecOps agenda that embeds security throughout the … development lifecycle, while partnering with our external security service providers to optimise detection and response capabilities. This role demands a deep engineering mindset and an appetite for innovation. You'll design and implement automated detection and response pipelines, integrate advanced threat intelligence, and lead the use of behavioural analytics and attack simulation across our environment. Your technical breadth … and tools such as Wiz, Darktrace, Microsoft Defender, Intune, and Sentinel. You will also bring hands-on experience in threat hunting, log analysis, red/blue team operations, and incident response coordination-building tooling and processes that respond to real-world threats at scale. You will report directly into the CISO, with a clear mandate to build the More ❯

capacity. Maintain and regularly review all relevant processes and documentation. Essential Skills and Experience: 5+ years in threat intelligence, vulnerability management, or cyber threat research. Strong background in technical incident response and cyber threat analysis. Deep understanding of threats targeting government and CNI environments. Proficient in open-source intelligence (OSINT) gathering and analysis. High-level knowledge of Windows More ❯

What you'll be doing Drive improvements to cyber security posture across internal and customer-facing platforms Design and secure cloud-based infrastructure and customer applications Perform threat detection, incident response , and vulnerability remediation Maintain security architecture documentation and collaborate with third-party vendors Conduct threat intelligence research and recommend ongoing improvements What you'll need Strong technical More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

senior stakeholders to communicate risks effectively. What We're Looking For Technical Expertise: 5+ years of experience in threat intelligence, vulnerability management, or cyber threat research. Hands-on technical incident response and management experience. Strong understanding of emerging threats targeting government and CNI. Proficiency in Open-Source research, Windows/Linux operating systems, core networking concepts, and cloud More ❯

implement policies, standards, and controls. Lead security risk assessments, audits, and compliance initiatives and promote security awareness and training programs tailored to business needs. Support business continuity planning and incident response, including participation in on-call duty in connection with security incidents Monitor and report on key security metrics and risk indicators. Identify, register and assess cyber risks More ❯

with the latest security vulnerabilities, threats, and trends to proactively address potential risks. Collaborate with other security and IT teams to ensure a cohesive approach to vulnerability management. Support incident response activities by providing expertise on vulnerabilities and potential attack vectors. Examples of Key Activities Conduct regular vulnerability assessments and penetration testing to identify security weaknesses. Develop and More ❯

the firms cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do Security Architecture Strategy & Governance Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the More ❯

firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients' cyber risk management and incident response programmes. What you will do Security Architecture Strategy & Governance Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the More ❯

testing and documentation. Conduct regular data audits, integrity checks, and deduplication processes to ensure data quality and recoverability. Develop and maintain comprehensive documentation for system configurations, recovery procedures, and incident response plans. Monitor system performance, logs, and alerts to proactively identify and resolve issues. Train and support end-users on Salesforce functionality, security best practices, and continuity procedures. More ❯

our Information Security team and exposure to our wider IT teams. You will build knowledge in the following areas: Risk Management, Policy and Compliance, Security Certifications,Supplier Due Diligence, Incident Response and Awareness, and Security Awareness, as well as working on ongoing projects. WHAT IS THE SCOPE OF THE ROLE? The following list is not exhaustive but gives More ❯

our Information Security team and exposure to our wider IT teams. You will build knowledge in the following areas: Risk Management, Policy and Compliance, Security Certifications, Supplier Due Diligence, Incident Response and Awareness, and Security Awareness, as well as working on ongoing projects. What is the scope of the role? The following list is not exhaustive but gives More ❯

and capable individual with: At least 2 years' experience in a Security Analyst role , ideally in a SOC or equivalent environment. Proficiency in SIEM tools , system log analysis, and incident response. Strong understanding of data networks and vulnerability management . SC Clearance (essential); must be eligible for DV clearance . UK nationality only (sole nationality required for this role More ❯

developed in ENG and non-ENG teams. This would include Threat Modeling, Design Review, Manual Code Review, Exploit writing, etc. Work with other security teams to provide support for Incident Response and Vulnerability Response as and when needed. Work with the results of SAST tools to help evaluate and identify false positives and file defects for real More ❯

CD practices to accelerate delivery and improve consistency. Compliance and Security Controls: Implement and monitor controls to ensure infrastructure build and release processes meet regulatory and internal compliance requirements. Incident and Problem Management: Oversee incident response and root cause analysis related to build and release operations, ensuring timely resolution and preventative measures. Performance Monitoring and Optimization: Monitor … application, and security teams to ensure build and release operations support broader infrastructure and business goals. Documentation and Reporting: Maintain accurate documentation of build and release procedures, configurations, and incident reports. Provide regular updates to senior management. Skills & Experience Strong leadership skills with experience managing technical teams. Proven experience managing infrastructure build and release operations in hybrid cloud and More ❯

holder will own the development and delivery of key reporting such as the board approved resilience self-assessment, a regulatory requirement. The role is integral to the firm's response regulatory feedback. Skills vital to this role include: Board ready written communication skills Advanced visual presentation Execution of group-wide processes Regulatory and internal reporting Design of controls, KIs … and metrics Knowledge of Resilience Purpose of the role To develop, implement, and maintain an effective resilience strategy and Operational Recovery Planning and Incident Management framework aligned to industry leading standards and controls and regulatory expectations, to enable the bank to respond and recover important business services to severe but plausible scenarios, and minimise the impact to customers, clients … firm (e.g. SMRs and delegates, business/function resilience role owners and all colleagues), ensuring complaince to the standard and controls. Development and enhancement of the resilience, crisis and incident management framework to uplift recovery and response capabilities to ensure Important Business Services can continue to operate during disruption events to minimise the impact on customers, clients and More ❯

laptops, mobile phones, corporate-managed, BYOD, and server-side devices. This critical role leads the engineering and enablement of endpoint protection technologies, ensuring device compliance, threat detection, and automated response capabilities. The role combines strong technical leadership, deep expertise in endpoint protection platforms, and a collaborative approach to operationalize security across all user and device touchpoints globally. Key Responsibilities … healing, zero-trust-aligned architectures for secure device management. Observability & Event Management: Implement real-time observability of endpoint health, risk exposure, and threat posture. Integrate with cybersecurity event and incident management pipelines for early detection and rapid response. Collaborate with the cyber and incident response teams to streamline investigation and containment. Ensure high-fidelity logging and alerting … background in automation, scripting, and observability practices. Experience working with large, global device fleets and BYOD models. Preferred Qualifications: Familiarity with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional More ❯

security frameworks emphasizing continuous evaluation of user, device, and session risk Configure and troubleshoot SSO, Provisioning, and any other MFA integrations with enterprise applications Track and incorporate operational/incident trends to evolve enterprise IAM and security posture Troubleshoot and resolve complex identity and endpoint security issues in real time Maintenance of Microsoft Intune, to support device compliance, configuration … profiles, and related security controls to improve security postures Maintenance of Microsoft Defender for Endpoint, with a strong understanding of threat protection, attack surface reduction, and endpoint detection and response Maintenance of Microsoft Sentinel, to aid in building and managing analytics rules, workbooks, playbooks, and incident response workflows within a SIEM environment Perform cloud security analysis, configuration More ❯

Security Tools: Familiarity with firewalls, antivirus, and IDS/IPS systems. Scripting: Basic understanding of Python, Bash, or PowerShell. Vulnerability Assessment: Experience using tools like Nmap, Nessus, or OpenVAS. Incident Response: Foundational knowledge in managing and responding to security incidents. Security Frameworks: Awareness of common frameworks such as MITRE ATT&CK and NIST. Consultancy Skills: Strong ability to … explain technical topics clearly to non-technical stakeholders. Analytical and solution-oriented when approaching security challenges. Professional client interaction and relationship-building. Comfortable documenting policies, procedures, and incident reports. Enjoys teamwork and thrives in collaborative environments. Highly motivated to learn and grow in a fast-paced company. Curious about evolving cybersecurity trends and committed to staying ahead. What We More ❯

with the cybersecurity team to integrate DLP measures with broader security initiatives. Your responsibilities: Monitor DLP Systems – Oversee and manage DLP alerts to prevent unauthorized data access and leakage. Incident Analysis – Investigate DLP security incidents, provide reports, and recommend corrective actions. Policy Implementation & Maintenance – Assist in deploying and updating DLP policies, configurations, and security controls. User Support & Training – Provide … security measures and infrastructure. Your Profile Essential skills/knowledge/experience: DLP Technologies Expertise – Hands-on experience with Microsoft Purview DLP, Symantec DLP, Forcepoint DLP, or similar solutions. Incident Response & Troubleshooting – Ability to investigate security alerts, analyze logs, and resolve issues efficiently. Regulatory Compliance Knowledge – Understanding of GDPR, ISO 27001, and other industry standards related to data … Due to the high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion. Join us and do more of what matters. Apply online now. More ❯