51 to 75 of 346 Incident Response Jobs in England

develop and learn new skills, this could be the role for you. Everyone that joins us is required to undertake training and participate in incident response duties when the need to respond arises. Having an incident role is an essential part of working for the Environment Agency … active way to support communities and prevent harm to the environment. Further information on incident response can be found within your candidate pack. You’ll have access to our great benefits package, including generous annual leave, excellent pension and flexible working arrangements. We also offer extensive training

Operational Technology) Outside IR35 Duration: 6 9 months Location: Crawley, Hybrid 2 days per week on site Overview of project: The role of an Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst is to respond to high-severity cyber security incidents and/or escalated … policies, standards and procedures aligned with best practice. Logs: Ensure all logs feed into the SIEM and build use cases to detect anomalous activity. Incident Response: Lead high-severity incidents, improve playbooks and manage remediation, communication and reporting. SOAR: Develop automated workflows to streamline detection, enrichment and response.

Operational Technology) Outside IR35 Duration: 6 – 9 months Location: Crawley, Hybrid 2 days per week on site Overview of project: The role of an Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst is to respond to high-severity cyber security incidents and/or escalated … policies, standards and procedures aligned with best practice. Logs: Ensure all logs feed into the SIEM and build use cases to detect anomalous activity. Incident Response: Lead high-severity incidents, improve playbooks and manage remediation, communication and reporting. SOAR: Develop automated workflows to streamline detection, enrichment and response.

operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with … governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills … security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills … security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills … security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact

followed Define, build, and configure monitoring, alerting, and instrumentation - choosing the right approach (build or buy) on a case-by-case basis Lead incident response: coordinate teams during outages, drive root cause analysis, and implement preventive measures Manage and develop a small team comprising DevOps and technical support … just configure it - but pragmatic enough to know when off-the-shelf is the right choice Calm under pressure with a systematic approach to incident management Able to quickly understand and troubleshoot unfamiliar systems across the full stack Experienced in leading small teams and developing people Strong communicator

Level 3 Analyst North West/Hybrid CrowdStrike LogScale SIEM Incident Response Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services click apply for full

environments. You'll work across servers, networks, storage, and security tools, contributing to infrastructure projects as well as cyber initiatives such as vulnerability management, incident response, and enhancing security controls. You'll also collaborate with group security teams and help ensure systems remain resilient and up to date. … etc.) Palo Alto deployment/configuration experience is a must Good understanding of firewalls, network protocols, and intrusion prevention Ability to manage vulnerability scanning, incident response, and remediation Confident communicator with solid documentation skills The role also covers an office in Milton Keynes and they might be occasional

assisting in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks and supporting incident reporting and response, including risk assessments and vulnerability scans. Role Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel … detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate with IT, Legal, and other departments to ensure a unified security approach, including third-party risk

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture.- 3 days on site in Birmingham (Please ensure you are local before applying)- £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. - 3 days on site in Birmingham (Please ensure you are local before applying) - £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role

KPIs, SLAs and operational targets are met and continuously improved Managing, mentoring and developing SOC analysts to maintain a high-performing team culture Overseeing incident response processes, ensuring issues are escalated, handled and closed effectively Supporting the refinement of SOC processes, reporting, documentation and operational standards Acting … performance and process management A commercially minded approach, comfortable working with KPIs, reporting and wider business objectives Good understanding of SOC tools, processes and incident response workflows Strong communication skills with the ability to work effectively across technical and non-technical teams Exposure to or collaboration with service

threat actor profiles, and campaign assessments. Translate complex technical findings into concise, risk-based intelligence for decision-making. Collaborate with SOC, Detection Engineering, and Incident Response teams on purple-team exercises and threat-hunting. Maintain trusted relationships with industry and intelligence communities. Provide SME-level advice and challenge … other platforms to manage workflows and document intelligence findings. About You We’re looking for someone with a strong technical background in threat intelligence, incident response, or threat hunting, ideally within enterprise or global environments. You’ll be confident in analysing complex threats and communicating your findings clearly

development, test and production environments to ensure consistency and predictable use Provide operational alignment across DBA and SRE practices including performance tuning, monitoring and incident response Maintain monitoring, alerting and runbooks to support effective detection and resolution of operational issues Implement and oversee backup, failover and disaster recovery … cost optimisation across infrastructure and cloud services Maintain and communicate IT policies covering access management, patching, security, device management and change control Lead incident response and ensure follow up actions drive lasting improvement Build and maintain productive relationships with internal teams and external service providers Key Skills

development, test and production environments to ensure consistency and predictable use Provide operational alignment across DBA and SRE practices including performance tuning, monitoring and incident response Maintain monitoring, alerting and runbooks to support effective detection and resolution of operational issues Implement and oversee backup, failover and disaster recovery … cost optimisation across infrastructure and cloud services Maintain and communicate IT policies covering access management, patching, security, device management and change control Lead incident response and ensure follow up actions drive lasting improvement Build and maintain productive relationships with internal teams and external service providers Key Skills

reliable, high-performance database technologies across multiple environments. Mentor and coach a diverse, globally distributed team of DB engineers. Shape and refine processes like incident response, postmortems, and capacity planning to ensure smooth ops. Collaborate with infrastructure, product, and security teams on platform database initiatives. Drive best practices … specifically prioritisation, tracking schedules and deadlines, communicating across team/org boundaries. You have experience managing process design: running a smooth on call rotation, incident response, postmortems, load testing, capacity planning, etc. You have hiring experience: predicting staffing needs, designing interview loops, evaluating candidates, assisting with closing candidates

reliable, high-performance database technologies across multiple environments. Mentor and coach a diverse, globally distributed team of DB engineers. Shape and refine processes like incident response, postmortems, and capacity planning to ensure smooth ops. Collaborate with infrastructure, product, and security teams on platform database initiatives. Drive best practices … specifically prioritisation, tracking schedules and deadlines, communicating across team/org boundaries. You have experience managing process design: running a smooth on call rotation, incident response, postmortems, load testing, capacity planning, etc. You have hiring experience: predicting staffing needs, designing interview loops, evaluating candidates, assisting with closing candidates

reliable, high-performance database technologies across multiple environments. Mentor and coach a diverse, globally distributed team of DB engineers. Shape and refine processes like incident response, postmortems, and capacity planning to ensure smooth ops. Collaborate with infrastructure, product, and security teams on platform database initiatives. Drive best practices … specifically prioritisation, tracking schedules and deadlines, communicating across team/org boundaries. You have experience managing process design: running a smooth on call rotation, incident response, postmortems, load testing, capacity planning, etc. You have hiring experience: predicting staffing needs, designing interview loops, evaluating candidates, assisting with closing candidates

Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate … requests, incidents, bulletins). Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows

diagrams, and evidence packs. Chair the Cyber Security Working Group and support regional security leads. Assist the Security Architect with deploying new controls. Deliver incident response: triage escalations, coordinate crisis response, provide out-of-hours support, and perform post-incident reviews. What We're Looking … Required Experience: Degree or equivalent experience plus relevant security certifications (Security+, CEH, CySA+, Cloud Security Engineer). Significant experience in cyber security operations or incident response. Hands-on expertise with Microsoft Defender, Sentinel, Tenable, CASB, and cloud security (AWS/Azure). Proven security project delivery, PowerShell automation skills

Company description: As the Lead - SOC Incident Manager, your role will encompass communicating cybersecurity incidents to key partners across the enterprise as well as being the main interface between the Colt business units and the cybersecurity groups. You will be the subject matter expert responsible for coordinating cyber security … incidents across the enterprise. Job description: You will play a key role within the SOC to manage incidents: Coordinate response efforts to cyber security incidents caused by internal and external threats to reduce the impact of these incidents to Colt and its customers. Act as the bridge between

services, define strategic vision for improvement and reliability. Service Design and Implementation: Collaborate with architects and engineers to design secure services and oversee deployments. Incident Management: Coordinate incident response, root cause analysis, and corrective actions. Infrastructure Management: Ensure patching, evergreening, backups, and compliance for on-prem

Clearance - Gloucestershire Based or ability to travel to Gloucestershire.- Experience as in a Site Reliability Engineering role SITE RELIABILITY ENGINEER ESSENTIAL SKILLS- Reliability, incident response/incident management experience - Experience with Monitoring and Observability tools such as Prometheus, Grafana and OpenSearch- Automation tools (Go, Bash)- Experience with