South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »
analysis for the group. Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2/3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are … architecture level Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incidentresponse capability. You will act as the single point of contact for all security related response actions and decisions, including management of … each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over more »
new tools and techniques to enhance the security posture Administer and mature tool configurations, optimize performance, and feature utilization Integrate tools to automate critical response tasks. Evaluate TVM tool and patches, updates, and perform maintenance Develop detailed documentation on TVM implementation, configuration, and processes Plan, develop, and implement new … security devices or services for TVM as needed Identify, create and mature cybersecurity operations processes. Assist with forensic investigations and incidentresponse team (CIRT) activities.as needed Assist with security awareness activities (communications, posters, events, assessments) as needed Participate in incident runbook development Escalate pertinent findings in a … management expertise Experience executing attack defense tactics with security technologies including DNS, SMTP, firewall, and endpoint solutions. Experience and participation as needed with security incident and investigations Assist as needed with security awareness content such as communications, posters, presentations Experience with security management/configuration cloud tools and services more »
Key Accountabilities Perform forensic analysis and gather evidence Correlation monitoring using multiple SIEM technologies Assist in gathering forensic data and physical equipment Act as incident responder for potential incident identified Ability to work under pressure In-depth understanding of the cyber threat landscape and advances adversary tactics Conduct … counter the attack or improvise security standards. Keep the security systems up to date and contributing to security strategies. Document incidents to contribute to incidentresponse and disaster recovery plans. Perform internal and external security audits. In the case of third-party vendors, verify their security strength and … reporting Real Time attacks and vulnerabilities on the client network. Identification of incidents and subsequent analysis and investigation to determine their severity and the response required. Ensure that incidents are correctly reported and documented in accordance with the relevant policies and procedures. Be prepared to provide a Technical Escalation more »
City of London, London, United Kingdom Hybrid / WFH Options
Akkodis
for the junior analysts in the team. You will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend the response actions and escalation path. You will also have the opportunity … L1 and L2 analysts, including objectives setting, performance management/reviews, training & development, and BAU activities including shift cover etc. Perform advanced event and incident analysis, including baseline establishment and trend analysis. Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours … Support Major IncidentResponse activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat. Provide timely advice and guidance on the response action plans for events and incidents based on incident type and severity. Identify, create and implement more »
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
CIIH Ltd T/A Headway Recruitment
standards, including Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR. In-depth knowledge of the Microsoft O365 environment, threat intelligence analysis, Security IncidentResponse processes, disaster recovery, and business continuity principles. Familiarity with security testing principles, vulnerability scanning, risk identification, resolution, and reporting. Experience in formal … document creation, such as reports or procedures. Key Responsibilities include but not limited to: Assist with security incident management and response activities, emphasizing cyber threats. Conduct daily, weekly, and monthly security checks, reconciliation, and compliance checks. Handle security alerts and inquiries from systems and end users. Complete client more »
City of London, England, United Kingdom Hybrid / WFH Options
Cyber Security Jobsite
connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Incident Responder - Cyber Security - Middle East BAE Systems Digital Intelligence has been contracted to deliver a National Cyber Security Programme in the Middle East as … for 12 months so there are no options for hybrid working as the majority of time will be spend on client site. As an Incident Responder you will be responsible for the Triage of cyber security incidents, determining and categorising which incidents cross the threshold becoming National cyber security … media releases. Manage Incidents on site and across multiple sites. Conduct on-site analysis and collection of data for depth support as part of incident investigation. Identify and propose remediation activities and identify security improvements to prevent future incidents. Direct client IR Teams and In-house malware and forensics more »
Corsham, England, United Kingdom Hybrid / WFH Options
J&C Associates Ltd
specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME(Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton … including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. Your role • Develop and integrate security event monitoring and incident management services. • Respond to security incidents as they occur as part of an incidentresponse team. • Implement metrics and dashboards to give more »
week (Flexible) Multiple sites Core Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium Role duties - • Develop and integrate security event monitoring and incident management services. • Respond to security incidents as they occur as part of an incidentresponse team. • Implement metrics and dashboards to give more »
client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incidentresponse capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »
Doncaster, South Yorkshire, Yorkshire, United Kingdom
Forward Role
client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incidentresponse capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »
Doncaster, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
team that provides around-the-clock protective monitoring solutions to clients across various industry verticals. Leveraging cutting-edge detection technology, offering assurance detection and incidentresponse capabilities to organizations of all sizes. Role Overview As a SOC Engineer you'll work handling both reactive and proactive security engagements. … SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ✨Incident Reporting: Ensure timely, accurate, and effective incident reporting. Collaborate with other SOC team members during security incidents and Threat Mining engagements. ✨Client Communication … customers regarding threats and alerts. Prepare and present findings to clients. ✨Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be eligible for SC more »
Gloucester, England, United Kingdom Hybrid / WFH Options
Lockheed Martin Corporation
firewalls, VPNs, IDS/IPS systems, and network segmentation strategies. Ethical Hacking - Practicing penetration testing and vulnerability assessments to identify security vulnerabilities in systems. IncidentResponse - Managing and mitigating cyber attacks or breaches efficiently, understanding how to contain the breach and recover. Security Auditing - Reviewing systems and procedures … to ensure compliance with security policies and standards. Digital Forensics - Analysing digital information to uncover what occurred during a cyber incident and recovering and analysing data. Risk Analysis - Evaluating and prioritising potential threats to an organisation’s systems and digital assets. Threat Intelligence - Collecting and analyzing information about existing more »
alerts - Analyse and respond to security events - Conduct root cause analysis and forensic investigations - Collaborate with IT and security teams to resolve incidents - Maintain incidentresponse procedures and documentation Desirable Skills: - Experience with Microsoft technologies (Windows Server, Active Directory, Azure) - Knowledge of Elasticsearch and Linux - Familiarity with SIEM more »
alerts - Analyse and respond to security events - Conduct root cause analysis and forensic investigations - Collaborate with IT and security teams to resolve incidents - Maintain incidentresponse procedures and documentation Desirable Skills: - Experience with Microsoft technologies (Windows Server, Active Directory, Azure) - Knowledge of Elasticsearch and Linux - Familiarity with SIEM more »
and digital deployments. Continuously adjust cyber capabilities based on evolving cyber threat landscapes. Support and potentially lead NOC/SOC operational teams. Oversee Cyber incidentresponse, conduct post-incident reviews (PIRs), root-cause analysis (RCAs), and implement mitigating solutions. Manage capacity for cyber platforms proactively. Design data more »
understanding of Azure Sentinel and Microsoft Defender. Key Responsibilities: Monitor security events and alerts using Azure Sentinel and Microsoft Defender, ensuring timely and effective response to potential threats. Mentor L1/L2 SOC Analysts whilst acting as their technical escalation point. Analyze and investigate security incidents, providing detailed reports … configurations, and policies within Azure Sentinel and Microsoft Defender. Collaborate with cross-functional teams to develop and enhance security strategies, including threat hunting and incidentresponse procedures. Stay updated with emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks. Requirements: Proven experience as a more »
Brighton, England, United Kingdom Hybrid / WFH Options
Hays
maintain information security strategies and objectives to enhance the overall security posture of the business. Monitor and analyse security incidents and breaches, and lead incidentresponse efforts to contain and mitigate the impact in a timely manner. Reporting to senior management on Cyber related metrics and improvement needs. more »
be beneficial but equivalent experience or demonstratable equivalent knowledge will also be accepted. Cyber, Security, Information Security leadership, Technology, Management, Risk Management and Governance, IncidentResponse, Security Remediation, Security Policy Creation, Third Party Risk Management, Attack Surface Management Creation exposure and experience essential. The role holder will possess more »
Sheffield, South Yorkshire, Yorkshire, United Kingdom
Purview Consultancy Services Ltd
to protect the businesses internal/customer data in line with current legislations. Developing and embedding mature processes that focus on Risk Management and incident response. Carry out risk assessments and conducting frequent GDPR compliance audits. Work with stakeholders to develop Business Continuity and Disaster Recovery plans across the more »
to protect the businesses internal/customer data in line with current legislations. Developing and embedding mature processes that focus on Risk Management and incident response. Carry out risk assessments and conducting frequent GDPR compliance audits. Work with stakeholders to develop Business Continuity and Disaster Recovery plans across the more »
include, but are not limited to: Design, develop, and maintain Python-based integrations and automation solutions within Google Chronicle, enhancing threat intelligence, detection, and incidentresponse capabilities. Lead the strategic integration of Google Chronicle within Fortrea's cybersecurity infrastructure, optimizing its utility for security analytics and operations. Direct … applications in threat intelligence, with knowledge of how to conduct analyses within SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) platforms. Strong foundation in cybersecurity principles, practices, and technologies, including data management specific to cybersecurity applications. Relevant certifications such as CISSP, GCIH, or Google more »
suppliers and external auditors. In addition to this, you will deliver awareness training, test and report on the business's disaster recovery, continuity and incidentresponse plans, and carry our internal audits of the InfoSec governance frameworks. In order to be suitable for this role, you must be more »
Responsibilities: Develop and implement comprehensive information security strategies, policies, and procedures. Conduct risk assessments and vulnerability analyses to identify and mitigate security threats. Lead incidentresponse efforts and manage security breaches efficiently. Collaborate with cross-functional teams to ensure security measures are integrated into all business operations. Stay more »