51 to 75 of 413 Incident Response Jobs in England

AI, RPA, cloud, hybrid infrastructure) from a security perspective. Policy, Procedure, and Guidance Oversight Review and update security policies, procedures, standards, and guidance regularly (e.g., acceptable use, remote access, incident response, etc.). Ensure alignment with frameworks such as NCSC guidance, ISO 27001, NIST, Cyber Essentials, and GDPR. Develop and communicate clear roles and responsibilities for information security … cybersecurity awareness and training campaigns. Build a security-conscious culture across the organisation. Work with HR and Learning & Development to embed cyber hygiene into inductions and role-based training. Incident Management and Business Continuity Develop and review the Disaster Recovery and Business Continuity Plans for IT Services and support the Disaster Recovery and Business Continuity for the services areas … in the workplace. Oversee and periodically test the incident response and disaster recovery plans. Provide strategic direction and escalation oversight during major incidents. Conduct post-incident reviews and feed findings into policy, technical, and training improvements. Continuous Improvement and Innovation Keep abreast of emerging threats, vulnerabilities, and industry best practices. Champion innovation in security practices, tools, and More ❯

with Key Vault, SBOM and image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs/SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform … service catalog entries; contribute to onboarding guides and demo sessions for consumers of the platform. Participate in an on-call rota for critical platform services and lead/coordinate incident response when required. About you Strong hands-on experience with Microsoft Azure core services (networking, compute, storage) and platform services (AKS, App Services, API Management, Event Hub/… GitOps, and container build pipelines (e.g., ACR, OPA policies, image scanning). Working knowledge of observability tooling (Azure Monitor, Log Analytics, Application Insights, Datadog/Grafana) and alerting/response workflows. Understanding of the Microsoft Cloud Adoption Framework, Azure Landing Zones and the Well-Architected Framework. Familiarity with DevSecOps practices: threat modelling, dependency and container scanning, SBOM management, and More ❯

cloud security architecture, SIEM/SOAR, compliance frameworks (e.g., ISO 27001, NIST, GDPR), and data protection. Familiarity with Azure, Microsoft 365, and hybrid cloud environments. Understanding of security operations, incident response, and threat intelligence. CORE COMPETENCIES & SKILLS Proven experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Purview Understanding of security operations, incident response, and More ❯

cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯

cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯

such as Google SecOps tooling, Security Command Center, Cloud Armour, and VPC Service Controls. Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines. Support incident response planning and cloud-specific disaster recovery strategies. Stay up to date with GCP security features, UK regulatory changes, and emerging threats. Requirements What You'll Bring Essential … sector or regulated industries (e.g. finance, healthcare). Familiarity with container security (GKE, Kubernetes RBAC, image scanning). Proficiency in scripting (Python, Bash) for automation and tooling. Experience with incident response in cloud-native environments. Previous consultancy experience within UK public sector organisations. If you're interested in the above, reach out to or apply Reasonable Adjustments: Respect More ❯

Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly … compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection … and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud Firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and More ❯

Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly … compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection … and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and More ❯

Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly … compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection … and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and More ❯

assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud environments. Establish and maintain a Product Security Incident Response Team (PSIRT) process to handle reported vulnerabilities, disclosures, and security incidents related to Ipsotek products. Ensure timely triage, investigation, and resolution of product-related security issues. Security … Operations (SecOps) Oversee incident response, monitoring, and reporting processes. Manage security tooling and automation for detection and prevention. Continuously improve threat detection and response capabilities. Cross-Functional Collaboration Work with development teams to embed secure coding practices and DevSecOps principles. Support project operations and presales with security input for bids, proposals, and delivery. Provide security guidance during More ❯

assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud environments. Establish and maintain a Product Security Incident Response Team (PSIRT) process to handle reported vulnerabilities, disclosures, and security incidents related to Ipsotek products. Ensure timely triage, investigation, and resolution of product-related security issues. Security … Operations (SecOps) Oversee incident response, monitoring, and reporting processes. Manage security tooling and automation for detection and prevention. Continuously improve threat detection and response capabilities. Cross-Functional Collaboration Work with development teams to embed secure coding practices and DevSecOps principles. Support project operations and presales with security input for bids, proposals, and delivery. Provide security guidance during More ❯

cyber resilience initiatives, ensuring technical excellence and alignment with client goals. Design Secure Architectures: Shape robust, scalable, and secure solutions using industry best practices and advanced security frameworks. Drive Incident Response: Manage and coordinate responses to security incidents, ensuring swift resolution and minimal disruption. Engage Clients: Act as a trusted advisor, delivering tailored solutions and maintaining strong stakeholder … presentations, and service development efforts. Share Knowledge: Develop and distribute best practices to strengthen the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA More ❯

cyber resilience initiatives, ensuring technical excellence and alignment with client goals. Design Secure Architectures: Shape robust, scalable, and secure solutions using industry best practices and advanced security frameworks. Drive Incident Response: Manage and coordinate responses to security incidents, ensuring swift resolution and minimal disruption. Engage Clients: Act as a trusted advisor, delivering tailored solutions and maintaining strong stakeholder … presentations, and service development efforts. Share Knowledge: Develop and distribute best practices to strengthen the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA More ❯

cyber resilience initiatives, ensuring technical excellence and alignment with client goals. Design Secure Architectures: Shape robust, scalable, and secure solutions using industry best practices and advanced security frameworks. Drive Incident Response: Manage and coordinate responses to security incidents, ensuring swift resolution and minimal disruption. Engage Clients: Act as a trusted advisor, delivering tailored solutions and maintaining strong stakeholder … presentations, and service development efforts. Share Knowledge: Develop and distribute best practices to strengthen the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients, look no further. We are … with an inquisitive nature and a keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security detection content primarily for … to identify trends and spot unusual behaviours, indicative of malicious activity · Proactive threat hunting using available client data · Collection and/or interpretation of different sources of threat intelligence · Incident response · Automation of SecOps processes using scripting More ❯

for executive decision-making. Collaborate with intelligence teams to develop threat modelling deliverables. Experience & Skills Required 8+ years of experience in information security, preferably in Investigations, Analysis, Security Operations, Incident Response, or Threat Intelligence. 3+ years' experience specifically in Insider Threat or equivalent roles. Proficiency with insider threat detection tools (UEBA, DLP, SIEM) and knowledge of advanced threat … intelligence techniques. Understanding of threat actor tactics, techniques, and procedures (TTPs) and the MITRE ATT&CK Framework. Familiarity with security frameworks, incident response, and risk management practices. Knowledge of legal and regulatory considerations, including privacy and data protection laws. Excellent interpersonal, relationship management, and communication skills. Qualifications & Certifications Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Business More ❯

high-level proactive and reactive threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events. The focus is to provide effective, proactive and a highly technical analytical response to cyber security-related incidents to prevent QBE from becoming compromised by modern attack methods and techniques. Main responsibilities: Act as point of escalation and mentor to junior SOC … and resources to correlate suspicious events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures. Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs Actively manage and apply the phases of Incident Response … of logs, i.e. network, active directory, database, DNS, firewall, proxies, host-based security, cloud and applications logs etc. Working experience in leading security incidents at all levels related to incident response Working experience in managing 2nd/3rd level security events Ability to manage strong relationships with global security operations colleagues and other departments, including network teams and More ❯

strategy aligned with business goals and growth plans, ensuring a proactive and preventative security posture. Establish and mature a global Security Operations Centre (SOC) to strengthen detection, monitoring, and incident response capabilities. Lead enterprise-wide threat management initiatives , addressing vulnerabilities, mitigating risks, and reducing the likelihood and impact of cyber threats and attacks. Act as the principal security … principles within operations, digital transformation, and corporate strategy. Cyber Governance & Risk Management: Enhance and maintain the organisation's Information Security Management Framework (ISO27001, NIST). Oversee vulnerability management, audits, incident response, and disaster recovery processes. Ensure compliance with all applicable regulations and standards across global jurisdictions. Operations & Performance: Oversee selection, implementation, and monitoring of appropriate security technologies and More ❯

on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM More ❯

on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM More ❯

responsible for monitoring, detecting, and responding to security threats, supporting the implementation of cyber protection measures, and ensuring compliance with industry standards and internal policies. Principal Responsibilities: Security Monitoring & Incident Response Monitor network traffic and system activity for signs of security breaches or anomalies. Investigate and respond to security incidents, including malware, phishing, and unauthorized access attempts. Document … of Microsoft Azure, Entra ID, Conditional Access, and Intune. Experience with Active Directory, DNS/DHCP, Group Policy, and VPNs. Familiarity with SIEM/XDR platforms, endpoint protection, and incident response tools. Ability to work independently and collaboratively across teams. Preferred Experience: Minimum 3 years' experience in a technical support role with exposure to a range of technologies More ❯

Overview As Cyber Security Manager at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture … suppliers to ensure their alignment with our security approach and requirements. Internally, you will be responsible for our Security Operations activities with our operational team and external partners, including Incident Response and Threat Intelligence, to ensure these are executed consistently to our standards, as well as supporting Continual Security Improvement and being the Tech Ops representative in the … security across the business Protecting the data entrusted to us by our clients at all times Requirements Managing technical risks and proposing solutions and recommendations Security Operations procedures, i.e. Incident management and response Configuring, optimising and reporting with Microsoft 365 Security and Compliance modules, including Defender, Security Centre, Protection, Compliance Centre Experience of both cyber operational roles, but More ❯

execute the overall Cyber Security strategy, ensuring it aligns with business objectives, manages risk, and supports the firm's rapid growth. Oversee the Cyber Security function, including Security Operations, Incident Response, and Governance, Risk, and Compliance (GRC) specialists, providing leadership, mentorship, and effective resource allocation. Establish and enforce a robust security governance framework, including policies and procedures for … PCI DSS if applicable). Manage and continuously improve the firm's security architecture and controls across all domains: network, cloud (SaaS/IaaS), endpoints, and applications. Lead the Incident Response and Disaster Recovery programs, ensuring capabilities are tested, effective, and ready to mitigate the impact of security breaches. Drive security awareness and training programs across the organization More ❯

regulatory compliance initiatives ns (e.g. NIST, ISO 27001, SOC2 compliance). Lead the design and operation of shared security services between IAG Loyalty and IAG airlines (e.g., threat detection, incident response, intel management, data sharing) at the group level. Establish clear escalation protocols and cross-company incident response procedures. Align security initiatives with individual business unit More ❯