Incident Response Jobs in England

51 to 75 of 2,153 Incident Response Jobs in England

Security Operations Centre Analyst

Gosport, England, United Kingdom
Walsh Employment
pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in … environment Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiarity with the MITRE ATT&CK framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership … processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst, you will be at the forefront of digital defence—leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and

SOC Analyst

Reading, England, United Kingdom
Hybrid / WFH Options
Axiom Software Solutions Limited
technologies and best practices across IT and OT environments, as well as the ability to collaborate effectively with cross-functional teams. The ideal candidate will possess strong communication and incident management skills and will be committed to ensuring the highest level of security, compliance, and user experience. Responsibilities: Investigate security alerts from our SIEM tool and 3rd party MSSPs … and to provide appropriate incident response actions. Liaise with technology and business stakeholders in relation to cyber security issues/incidents providing clear descriptions and actions. Support the Cyber Security Operations Lead for security and privacy incidents, triaging events and performing root cause analysis to understand how incidents arise. Acting as the key contact and escalation point for … the SOC and Thames Water Digital teams. Supporting out-of-hours incident investigations via an On-Call rota, covering 24*7*365 alongside our 3rd party MSSP. Monitor, analyse and optimise SecOps tool performance (e.g. SIEM, PAM), identify potential issues, and recommend and implement proactive solutions. Develop and maintain SecOps documentation, policies, and procedures. Collaborate with stakeholders to understand

Security Engineer - 12-Month Fixed-Term Contract

London, England, United Kingdom
Precise Placements
an impact on firmwide security posture by implementing and enhancing modern security tools Collaborate with IT and development teams on enterprise-wide projects Contribute to security design, operations, and incident response in a fast-paced environment Key Responsibilities: Implement new and existing security tooling to enhance the firm's security controls Support security operations, including incident response

Sr. Information Security Analyst

Cambridge, England, United Kingdom
Draper Labs
is responsible for securing and monitoring Draper's digital assets as well as maintaining the highest level of information assurance across the enterprise. Job Description: Duties/Responsibilities * Leads Incident Response processes, ensuring issues are identified, remediated, and have documented root cause * Reviews existing, and authors additional, information security processes and standards * Resolves a wide range of security … security posture * Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. * Performs vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. * Performs analysis of complex software systems to determine both functionality and intent of software systems. * Mentors junior staff, provides development … of their abilities * Performs other duties as assigned Skills/Abilities * Proficient with industry standard security technologies, including firewalls, IDS/IPS, SIEM tools, endpoint monitoring, etc. * Knowledge of incident response procedures and best practices * Familiarity with threat intelligence process and integration * Highly developed communication skills * Excellent organizational skills Education Bachelor's Degree in Computer Science, and/

Senior Architect - Information Security

Manchester, United Kingdom
Hybrid / WFH Options
Action For Humanity
for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR. Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools. 5. Network Security & Infrastructure Protection (Plus Skills) Experience with Layer 7 firewalls (Cisco, Fortinet, Palo
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Manager

Manchester, England, United Kingdom
Pret A Manger
on the effectiveness of existing cybersecurity tools and KPIs to both technical and non-technical audiences. Collaborate with infrastructure teams to ensure timely patching and mitigation of critical vulnerabilities. Incident Response Manage cybersecurity incidents from detection through to recovery, providing clear instructions to relevant teams and developing/enhancing incident response playbooks. Participate in resolving critical … technical issues to drive swift incident resolution. Training & Policy Development Provide training on cybersecurity standards and best practices to various business functions. Develop and update policies, standards, processes, procedures, and technical controls to enhance cybersecurity resilience. Develop and implement security awareness programmes, including regular phishing simulations, to promote best practices and reduce human-related security risks. Threat Intelligence Conduct

Information Security Analyst L2 ( Talent pool )

Selby, England, United Kingdom
SBV South Africa
for review and authorisation. Implementation & Execution within mandate Monitor and analyse Cybersecurity operational services, including intrusion detection and prevention, and situational awareness of network intrusions, security events, data spillage, and incident response actions. Identify and resolve vulnerabilities in networks, servers, systems, and applications by performing vulnerability scans Investigate improper access to ensure proper access; revoking access; reporting violations; monitoring … the organisation, imparting knowledge to enable employees to become Technology Security champions Create a collaborative program to coordinate and drive operational activities related to Cyber Security, including event and incident investigation, process development and optimization, playbooks, and exercise development. Assists with managing vendor resource deliverables to ensure quality and consistency against SLA as per mandate To be the point … needs. Work across the organization to present contextual risk information to business colleagues, influencing strategic and operational decisions. Lead and collaborate on lessons learned and root cause activities, including incident response processes until closure with all relevant stakeholders. Drive compliance with Cyber security Training, in conjunction with Organisational Development, and awareness including alerting and escalations of non-compliant

SIEM Consultant

Bristol, England, United Kingdom
Apto Solutions Ltd
objectives are met. This position is ideal for someone with experience in SIEM or SOC environments who is comfortable in a consultative, client-facing role. Knowledge of cloud security, response frameworks, and industry compliance standards will be key to success in helping clients implement robust, scalable SIEM solutions. Key Responsibilities: Client Engagement & Solution Design: Collaborate with clients to identify … specific use cases. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced visibility. Threat Detection & Response Strategy: Design and implement threat detection rules, logic, and response workflows that align with the client’s risk profile and operational needs. Guide clients in developing and improving … their incident response processes, including playbook creation and alignment with security frameworks like NIST and ISO 27001. Regularly review and optimise SIEM configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes. Advisory & Compliance: Advise clients on aligning SIEM deployments with security frameworks and compliance requirements, including GDPR, HIPAA, and PCI DSS. Provide guidance

Director of Security Assurance and Remediation

London, England, United Kingdom
Robert Walters
on areas associated with regulations and company strategy. Integrate processes with Cyber Threat Intelligence to ensure appropriate monitoring of the threat landscape for emerging security risks and ensure swift response to zero-day threats. Collaborating on Security Risk Management strategies, aligning to a 3 lines of defence model and enforcing alignment of risk taxonomy to organizational cybersecurity risk management processes … processes, streamline and simplify complexity, and incorporate new ideas and capabilities to enhance our security posture and make the team stronger and better. Decisive: provides clear direction during cyber incident response to the Security Operations team and all associated stakeholders. Identify risks: Able to synthesize capability gaps and articulate them so the Firm can manage risk in alignment … threat landscape. High level of integrity and ethical judgement to handle sensitive information responsibly. Familiarity with cloud security controls and securing hybrid IT environments. Knowledge of vulnerability management and incident management practices. Evidence of working in the Financial Service Industry preferred. If the above role is of interest please do apply to this job advertisement or call me on

Group Information Security Analyst

London, England, United Kingdom
Collinson
maintaining a tagging system to identify owners of assets, analysing environments to confirm ownership and usage, creating queries within tooling, conducting security sessions with engineers and stakeholders, automating processes, and documenting activities. Incident Management · Using security tools to investigate compromises, communicating findings, ensuring platform functionality, monitoring and analysing cybersecurity events, responding to threats, supporting assessments, maintaining analytics reporting, supporting assurance activities, and documenting security … third-party reviews or compiling security assurance evidence. General duties · Provide administrative support for the Group CISO Team and promote security awareness. Knowledge, skills and experience required: · Relevant experience in security incident analysis, incident response, or a similar role. · You have knowledge of security tools and technologies, such as SIEM, IDS/IPS, firewalls, antivirus, and cloud security. · Be

UK Regional Director, Sales & Operations

London, England, United Kingdom
Hybrid / WFH Options
Swyft, Llc
CIS, NIST). Engage with Swyft executives, CISOs, and IT security teams to drive cybersecurity transformation, cloud security adoption, and zero-trust architecture implementations. Manage regional cybersecurity incidents and response strategies, collaborating with global SOC teams to handle threat intelligence, risk assessments, and cyber defense operations. Establish strategic partnerships with UK-based cybersecurity vendors, MSSPs, and government agencies for … Google Cloud security frameworks. Bachelor’s or Master’s in Cybersecurity, Computer Science, or a related field (CISSP, CISM, or similar certifications preferred). Exceptional leadership, stakeholder management, and incident response capabilities to drive cybersecurity resilience across Swyft’s UK clients. Comprehensive Health Coverage – Medical, dental, and vision plans to keep you and your family covered. Mental Health

Cyber Security Analyst

London, United Kingdom
Boston Hale
Virtual GP access for you and your household Onsite perks including free parking, tea and coffee stations, and a subsidized café with free breakfast toast Responsibilities Security Monitoring & Incident Response: Use SIEM tools like Exabeam, LogRhythm, Splunk, or ArcSight to monitor security events, detect threats, and analyze data to address incidents swiftly. Vulnerability Management Tools: Conduct regular vulnerability
Employment Type: Permanent
Salary: GBP Annual

Level 3 SOC Analyst

London, England, United Kingdom
Hybrid / WFH Options
Capita
You’ll Be Doing: Oversee completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow up. Perform advanced event and incident analysis, including baseline establishment and trend analysis. Manage a number of analysts as part of a virtual team of L1 and L2 analysts, including objectives setting, performance management/… reviews, training & development, and BAU activities including shift cover etc. Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours. Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security-related threats. Identify opportunities for SOC and client SIEM platform configuration

Head of Information Security

London, England, United Kingdom
Eames Consulting
Key Responsibilities: Drive and maintain a robust Cyber Security strategy in line with business objectives and regulatory requirements (e.g., FCA, ISO 27001, NIST). Lead security operations, including monitoring, incident response, and vulnerability assessments. Ensure top-tier security for Azure Cloud environments, including Microsoft Defender, Sentinel, and Entra ID solutions. Manage audits, compliance, and supplier security profiles, ensuring

Lead Cyber Security Advisory Consultant

London, United Kingdom
Hybrid / WFH Options
Atos SE
management Cloud posture management and threat protection Security automation and DevSecOps integration Security Operations SOC transformation and cloud-native security ops Threat detection with XDR, NDR, and SOAR platforms Incident response planning and threat intelligence integration Regulatory alignment for DORA, NIS2, and UK-specific mandates Risk frameworks tailored by industry (FS, critical infrastructure) Compliance automation and continuous control
Employment Type: Permanent
Salary: GBP Annual

IT & InfoSec Manager

London, United Kingdom
Creditspring
Hands-on expertise with troubleshooting hardware, software, and SaaS issues. Security Knowledge: Familiarity with security frameworks and standards such as SOC 2, ISO 27001, GDPR, or NIST. Experience with incident response and risk management. Knowledge of Zero Trust architectures and security-first IT practices. Soft Skills: Excellent problem-solving and communication skills. Ability to collaborate effectively with external
Employment Type: Permanent
Salary: GBP Annual

Enterprise Security Architect

East London, London, United Kingdom
HMRC
and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP
Employment Type: Permanent
Salary: £80,000

Enterprise Security Architect

Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom
HMRC
and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP
Employment Type: Permanent
Salary: £80,000

Cyber Incident Response Team Manager

London, England, United Kingdom
IAG GBS
Recognized security qualifications (e.g., CISM, CISSP) preferred Experience leading security teams or senior security analysts Project management experience (preferred) Leadership skills for managing security analysts and specialists Expertise in incident detection, analysis, response, and coordination Deep understanding of cybersecurity principles and technologies Proficiency with SOC tools (SIEM, IDS/IPS, EDR) Risk assessment and prioritization skills Knowledge of … and legal adherence Strong communication skills for diverse audiences Ability to adapt to evolving threats and technologies Experience Extensive security operations experience Prior CIRT team experience Leadership in Security Incident Response Experience with SIEM/SOAR tools Knowledge of threat intelligence, vulnerability management, network security Experience with threat analysis and security alerts Familiarity with frameworks like MITRE ATT

Global Cyber Security Analyst

London, England, United Kingdom
Dentons
combine local knowledge with global insight. The Global Cyber Security Analyst will analyze and correlate global and regional cybersecurity data. This includes helping to monitor, triage, and prioritize the response to alerts for both cloud and traditional infrastructures. This position is designated for weekend coverage. The role's standard 5-day work week will include Saturday and Sunday. Responsibilities … of cybersecurity issues Monitor, triage, prioritize, and coordinate events with global and regional teams, and respond to alerts for further investigation Integrate lessons learned to improve defensive capabilities and incident response processes, ensure proper configurations and security controls of systems and agents, document key findings in reports and incident management systems Conduct enterprise security log collection, management … and analysis. Investigate SIEM events, alerts and tips to determine if an incident has occurred Recognize attacker and APT activity; tactics, techniques, and procedures (TTPs); and indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response - integrate threat intelligence reporting & indicators of compromise to improve defenses and proactively mitigate new threats Coordinate

SecOps Engineer

Bristol, Gloucestershire, United Kingdom
Unite Foundation
incidents to determine the root cause and impact. Collect and preserve evidence in accordance with legal and regulatory requirements. Provide detailed forensic reports and recommendations for improving security posture. Incident Response: Lead and coordinate incident response efforts, including detection, containment, eradication, and recovery. Support development and maintenance of incident response plans and procedures. Conduct … post-incident reviews and lessons learned sessions to improve response capabilities. Security Tools: Utilize and maintain security tools and technologies, such as firewalls and intrusion detection/prevention systems. Ensure security tools are properly configured and updated. Evaluate and recommend new security tools and technologies to enhance security operations. Documentation: Create and maintain detailed documentation of security incidents … Security Tools Proficiency: Expertise in using firewalls (especially Palo Alto), intrusion detection systems and endpoint security solutions. Network Security: Strong understanding of network protocols, VPNs, and network security architecture. Incident Response: Ability to detect, analyse, and respond to security incidents, including forensics and malware analysis. Vulnerability Management: Experience in identifying, assessing, and mitigating vulnerabilities in systems and applications.
Employment Type: Permanent
Salary: GBP Annual

Cybersecurity & Compliance Manager

Dudley, England, United Kingdom
Tosca
NIST CSF 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO 27001, NIST CSF 2.0, and maintain the ISMS. Identify risks, develop a comprehensive security plan. Test against cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving

Security Operations Analyst

London, England, United Kingdom
Hybrid / WFH Options
Eutelsat Communications SA
in the world by revolutionizing technology in Space. What You’ll Do: The Security Operations Analyst will be focused on providing excellent 24/7 first line operational and incident response support, so our teams can provide fantastic customer experience. You will work closely with internal customers to build and support operational resilience, monitoring and security across IT … systems required to support the Eutelsat Group mission. You will also contribute to the design, build, and support of the Security Operations technology infrastructure. Responsibilities include: Provide effective incident management through monitoring and analysis of Security Events and Incidents on a diverse range of SIEM tools and monitoring capabilities. Triage, mitigate and escalate incidents accordingly, while capturing and recording … pertinent information. Perform appropriate contingency and containment procedures in response to planned or unexpected events. Produce and deliver detailed written and verbal technical Incident reports. Act as the subject matter expert for operational security, providing advice and guidance to internal teams. Contribute to the continuous improvement of the operations team. Manage and support the tooling used by Eutelsat

Cybersecurity & Compliance Manager

Birmingham, England, United Kingdom
JR United Kingdom
NIST CSF 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO 27001, NIST CSF 2.0, and maintain the ISMS. Identify risks, develop a comprehensive security plan. Test against cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving

Consultant- Cyber Security Consulting & Advisory

London, England, United Kingdom
Infosys
IT security frameworks. Deploy and Configure Security Solutions: Implement, optimize, and manage OT cybersecurity platforms such as Claroty, Dragos, Nozomi Networks, Microsoft Defender for IoT, and Armis. Threat Monitoring & Incident Response: Identify, analyze, and respond to security events and incidents in OT networks, collaborating with IT and operational teams to mitigate threats. Security Assessments & Compliance: Conduct OT security … VPNs, authentication systems, PKI, log management, and content filtering. Cybersecurity Frameworks: Familiarity with NIST, IEC 62443, ISO 27001, NERC CIP, GSMA IoT Security Guidelines, and other industry security standards. Incident Response & Risk Management: Experience in security monitoring, incident response, and risk mitigation for OT environments. Technical Skills: Strong troubleshooting, analytical, and problem-solving abilities. Communication & Collaboration … regulations, standards etc, Relevant industry certifications like: Preferred Certifications Global Industrial Cybersecurity Professional (GICSP) Certified Information Systems Security Professional (CISSP) ISA/IEC 62443 Cybersecurity Fundamentals (IC32) GIAC Certified Incident Handler (GCIH) GIAC Cyber Incident Leader (GCIL) Personal: Besides the professional qualifications of the candidates we place great importance in addition to various forms personality profile. These include

Incident Response salary percentiles, England

10th Percentile: £42,500
25th Percentile: £52,500
Median: £65,000
75th Percentile: £77,500
90th Percentile: £94,000