276 to 300 of 559 Incident Response Jobs in England

tagging, cost control, and monitoring tools (Azure Monitor, Log Analytics). Proven experience implementing Microsoft Sentinel: connecting data sources, building analytics rules, creating dashboards, and writing KQL queries. Understanding incident response, security event correlation, and automation via Logic Apps. Solid understanding of cybersecurity principles: Zero Trust, Conditional Access, MFA, identity protection, and secure score improvement. Intune/Endpoint More ❯

within our AWS cloud environment. Act as a subject matter expert on cloud security (AWS), DevSecOps, and application security, providing guidance and mentorship to other engineers. Contribute to the incident response planning for complex cloud and application security events. Proactively monitor the threat landscape, evaluate emerging cloud security risks and trends, and translate them into actionable security improvements. More ❯

Microsoft Sentinel and Azure , including automation using Sentinel playbooks . You'll also be expected to mentor internal analysts and drive cross-departmental engagement on cyber posture, compliance, and incident response readiness. Key Responsibilities: Act as the lead for cyber security across multiple projects and programmes Design and implement Sentinel playbooks to automate detection and response Lead More ❯

Microsoft Sentinel and Azure , including automation using Sentinel playbooks . You'll also be expected to mentor internal analysts and drive cross-departmental engagement on cyber posture, compliance, and incident response readiness. Key Responsibilities: Act as the lead for cyber security across multiple projects and programmes Design and implement Sentinel playbooks to automate detection and response Lead More ❯

Security Operations Centre (SOC) or equivalent environment Monitor and respond to incidents using SIEM platforms Conduct system log analysis and threat detection Assist in vulnerability assessments and management Support incident resolution and reporting ?? Required Skills & Experience At least 2 years' experience in a dedicated Security Analyst role Hands-on experience with: SOC operations SIEM tools Vulnerability management Incident response and investigation Log and event analysis ?? Preferred Qualifications Industry certifications such as CompTIA Security+ or equivalent (desirable) Practical experience preferred over formal education ?? Security Clearance Requirements UK Nationals only Current SC clearance required DV preferred - or must be DV-eligible (as DV clearance will be needed) DV Bonus: 10% of base salary upon clearance and project deployment More ❯

growth and an ability to propel important work streams which could range from supporting the build out of our threat hunting and operations capabilities, improving our playbooks and breach response, to Cloud anomaly detection and response. This is a great opportunity to learn and develop within a forward-thinking DevSecOps focused team. You'll be provided with technical training … areas Who you are: Keen interest in security, with the want to develop. Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud environments AWS and GCP Python experience preferred What's in it for you More ❯

relationships between business services and underlying infrastructure • Identify and build business applications from discovered/ingested Asset data and mature a ServiceNow-Splunk integration for enhanced security monitoring and incident response. • Configure and enhance ServiceNow SIR and SecOps modules to support CSOC incident response and Vulnerability Management capability. • Develop and maintain documentation for all configurations and customisations. More ❯

non-technical individuals. Conduct configuration compliance scanning of systems to ensure the devices remain compliant with the nominated standard and don't deviate from the configuration baseline. Monitor Security Incident and Event Monitoring tools to identify potentially cybersecurity events of interest, including suspicious activity and indicators of compromise. Ensure all cybersecurity incidents are reported expeditiously and handled appropriately in … accordance with the Incident Response Plan. Provide support to Authorisation assessments to ensure the system maintains its Authorisation to Operate. Conduct user privilege audits to review personnel privilege levels ensuring the principle of least privilege is consistently applied. Coordinate and cooperate with project stakeholders to ensure cybersecurity activities are appropriately prioritised and implemented within the scheduled activities. About More ❯

is seeking a Director of Risk & Control Assurance (1LOD). This is a high-impact role focused on overseeing and managing remediation activities, including Internal audit remediation, Vulnerability and incident trending (e.g. post-incident reviews) and Managing residual risks and partnering with control owners to drive risk reduction. This role offers a unique opportunity to build and lead … Financial services firm is seeking a Crisis Management and Intelligence Analyst to join its Crisi View job & apply Location: Greater London Job type: Permanent Financial Service firm seeks an Incident Response Manager to join their CIRT team. This role play View job & apply Location: Frankfurt Job type: Permanent We're hiring an experienced IAM Managerto take ownership of More ❯

includes a powerful suite of solutions underpinned by simplified data access and management at scale with AI. These solutions include Asset and Risk intelligence, Attack Analysis, Orchestration Automation and Response, User Behavior Analytics, SIEM Enterprise Security, Application Performance Monitoring, Infrastructure Monitoring, Log Analysis, Incident Response, Network Monitoring, Business Risk Observability, AIOps, Digital Experience Monitoring and the ecosystem More ❯

Date: ASAP What's the role? This is a technically diverse Security Analyst position covering areas like: Vulnerability management (Tenable.io or equivalent) SIEM monitoring (Elastic preferred) and log analysis Incident detection, triage, and escalation (CrowdStrike or similar EDR) Compliance audits (ISO27001, STIGs) Infrastructure hardening and security baseline validation Some threat hunting and forensic analysis Creating documentation, playbooks, and security … for? Ideal candidates will bring: At least 2 years' experience in a Security Analyst or SOC-type role Strong understanding of vulnerability management, EDR/SIEM alert triage, and incident response Experience with compliance frameworks (ISO 27001, NIST, etc.) A working knowledge of VMware, AD, Windows Server, Linux Comfort handling multiple tools - Elastic, Tenable, CrowdStrike (or comparable alternatives More ❯

on back-office flows, particularly around Regulatory and Transaction Reporting support Daily interaction with all internal stakeholders with regards to support issues Efficiently create and track issues within an incident-management system to help identify trends and patterns Create and monitor internal reports and usage queries Assist with product testing and project work Identify and escalate possible platform improvements … At least 7 years hands-on support experience within a financial institution (buy-side, sell-side, venue/platform provider) Experience with Site Reliability Engineering (SRE) practices, including monitoring, incident response, and post-mortem analysis Hands-on experience with containerization technologies such as Docker and Kubernetes Proven experience managing cloud-based infrastructure and services, including AWS, Azure, or More ❯

known organisations. Youll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estatescontributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring More ❯

You'll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estates-contributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring More ❯

You'll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estates-contributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring More ❯

level. Generation of Key Components across various platforms (including IBM, Tandem, Unix) together with management of Cryptographic infrastructure. SSH Key Management, Certificate management, HSM configuration/installation/support Incident management, Change management, ITIL Ensure the integrity and availability of cryptographic and key management services to business functions and applications Ensure governance and clear record keeping of activities undertaken … site local configuration activities Management of Cryptographic infrastructure to include Out of Hours Support, production of Monthly management information and risk statements. Adherence to Group IT Security Standards. Problem, Incident & Change Management including root cause identification. Procedure/process development, Project delivery. Auditable Record Management. Excellent Risk and Control Maintenance Experience in Cryptography/Information Security ITIL Foundation Batchelor … creation and maintenance. Deep understanding of change disciplines including change and release management and track record of delivering change projects in a timely manner with high quality Strong in incident response procedures and standards, strong communication skills and ability to articulate complex events to management. Experience of Sharepoint, Confluence and JIRA. Unix/Windows O/S skills More ❯

products and services Maintenance and development of the in-house security framework Supporting vulnerability assessment scans and collaborating with other teams on remediation approach Collaborating with technology teams for incident handling, patching disciplines, and system hardening frameworks Collaborating with the Information Technology team on deployment, operation, and continual improvements of security solutions Collaborating with software developers to secure proprietary … management solution Performing periodic risk assessments of Marex's systems Auditing PII data within the environment for proper sanitization, responsible for deployment of DLP controls Assisting technology teams with incident response and disaster recovery planning Communicating Marex's security requirements to 3rd party vendors Assisting with technology audits conducted by internal or external auditors Ensuring organisation's compliance More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

outsourced MDR partner Manage and evolve the Security Operations Centre (SOC), guiding a small team of security professionals Coordinate timely responses to security incidents, ensuring proper documentation and post-incident analysis Collaborate with internal teams to ensure policies, protocols and operations align with business objectives and emerging threats Drive continual improvement in monitoring, incident response, and preventative … Security Service Edge (SSE), and SASE Proven ability to bridge the gap between technical and non-technical stakeholders when communicating security issues A passion for continuous improvement and post-incident analysis to drive security maturity What's on offer: Remote-first working (London office visit only max once per week) 35-hour working week for strong work-life balance More ❯

governance and internal control arrangements operated by Wallester UK. The UK HoORO will also be a subject matter expert at Wallester Group level for DORA/Operational Resilience, BCP, Incident Management and Data Privacy. Work responsibilities Control and Oversight of Outsourced Technology and Operations Ensure that systems and technology platforms used for Wallester UK operations are set up and … the 'risk owner' for technology, outsourcing and operations risk, including identifying, assessing and mitigating risks related to these areas. Key risk areas include cybersecurity and operational resilience. Maintain effective incident response and business continuity arrangements in partnership with the Wallester UK CCO, including managing operational incidents in a manner that meets FCA requirements. Ensure all applicable regulatory requirements More ❯

days in the office, 2 days from home The Role: Support the delivery of robust information security and privacy practices across global operations. Conduct security risk assessments, support incident response, and contribute to audits and compliance initiatives. Maintain and enhance the firm’s ISMS and Business Continuity frameworks. Complete client cyber due diligence and collaborate closely with internal More ❯

days in the office, 2 days from home The Role: Support the delivery of robust information security and privacy practices across global operations. Conduct security risk assessments, support incident response, and contribute to audits and compliance initiatives. Maintain and enhance the firm’s ISMS and Business Continuity frameworks. Complete client cyber due diligence and collaborate closely with internal More ❯

Cyber Essentials, ISO 27001, NIST, and GDPR Configure and deploy essential tools: firewalls, IDS/IPS, endpoint protection, and encryption Overhaul Active Directory, Group Policies, and server configurations Lead incident response, forensic analysis, and threat mitigation Monitor and adapt to new threats with continuous improvement initiatives About You: Proven experience delivering security solutions in cloud, on-prem, and More ❯

Cyber Essentials, ISO 27001, NIST, and GDPR Configure and deploy essential tools: firewalls, IDS/IPS, endpoint protection, and encryption Overhaul Active Directory, Group Policies, and server configurations Lead incident response, forensic analysis, and threat mitigation Monitor and adapt to new threats with continuous improvement initiatives About You: Proven experience delivering security solutions in cloud, on-prem, and More ❯

and review of data protection policies and procedures. Support data classification initiatives and ensure appropriate access controls are in place. Collaborate on information security projects, including risk assessments and incident response planning. Liaise with internal teams to provide guidance on compliance and data protection matters. Help respond to data subject access requests (DSARs) and regulatory queries. What We More ❯