76 to 100 of 307 Incident Response Jobs in England

improved access controls. Escalate incidents to Level 2 OT SOC or OT Cybersecurity Engineers as per service documentation (i.e. Playbooks or Alert/Incident Management processes). Adhere to all internal service-related processes such as Alert & Incident Management processes. Assist with the creation of processes … when required and to have these align with existing processes. Document incident reports including actions taken in SOC Ticketing systems. Analyse data from logs, network traffic, and forensics to create detailed reports on findings and lessons learned. To be utilised in daily/weekly SOC reports for OT Environments. ...

principles Risk management methodologies Experience working within cloud security shared responsibility models Working knowledge of Identity and Access Management (IAM) Experience supporting security monitoring, incident response, and investigations Strong communication skills with the ability to engage both technical and non-technical stakeholders Desirable/Preferred Experience Experience working ...

deliver high-quality technical solutions. Desirable Experience Automation experience (PowerShell, Python, API integrations) and/or systems administration background. Familiarity with security frameworks and incident response methodologies. Experience working with logging pipelines (e.g., AMA, Syslog, Cribl, SIEM tooling). Exposure to non-Microsoft security platforms such as CrowdStrike ...

Oversee customer facing and technical teams, ensuring efficient handling of customer needs including complex queries, platform optimisation and continuous service improvements. Drive improvements in incident response and incident management processes to ensure rapid resolution, clear communication and reduced customer impact. Coordinate closely with Product, Engineering, Sales ...

Automate detection, triage, and remediation of infrastructure and application vulnerabilities. Developer Enablement: Provide reusable templates and tooling to help teams deploy quickly and securely. Incident Response: Contribute to operational and security incident handling to minimize downtime and risk. What You Bring: Strong experience designing, managing, and securing ...

ITSM platform Analysing alerts using a range of security tools including SIEM, EDR, and email security platforms Leading deep-dive investigations and working with incident responders to contain and eradicate threats Acting as the escalation point for Tier 1 analysts, offering guidance and technical support Conducting security assessments across … threat landscape with CTI-informed analysis and mitigation advice Who you are: Proven experience in a SOC or similar security role Strong background in incident investigation, threat identification, and response within SLAs Hands-on experience with SIEM, EDR, and email security tooling Ability to mentor and support junior ...

control frameworks Lead security audits, manage remediation, and track follow-up actions Cyber Operations Oversight Manage vulnerability scanning programmes, penetration testing, and remediation Oversee incident management processes and escalation procedures Maintain incident response, disaster recovery, and business continuity plans Ensure high standards for access control, monitoring, encryption ...

deployment pipelines. Ensure repeatable, reliable, and secure deployment processes aligned with best practices. Operational Excellence & SRE Support Contribute to SRE practices including monitoring, incident response, latency management, and service reliability improvements. Support observability initiatives by integrating monitoring, logging, and alerting tools. Troubleshoot platform issues across Red Hat, Kubernetes … maintaining strong communication with technical teams and stakeholders. This role is for a UK based Utility company and hence demands a highly experienced Major Incident Manager. severity incidents. functional technical teams to diagnose and resolve issues. Incident Activities dive reviews to identify root cause and preventive actions. ...

with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

Kubernetes security Experience operating within compliance-driven environments (ISO 27001, SOC 2, NIST) Experience building policy-as-code or automated guardrails Exposure to incident response and threat detection engineering Responsibilities for DevSecOps Engineer: Take ownership of improving cloud security posture, including AWS Security Hub uplift, IAM optimisation … code controls Support vulnerability triage, prioritisation, and structured remediation tracking Collaborate closely with engineering teams to resolve findings pragmatically Enhance logging, alerting, and incident readiness across the platform What this offers: Working for an industry-leading AI software company at the forefront of innovation A genuinely hands-on DevSecOps ...

involvement with strategic planning and leadership Shaping and owning our AWS infrastructure and reliability roadmap Defining and embedding SRE best practices, including monitoring, alerting, incident management, and capacity planning Establishing and evolving SLOs, SLIs, and error budgets in partnership with engineering teams Acting as a senior technical voice … architecture discussions and operational decision-making Supporting incident response and post-incident reviews, with a focus on long-term improvement Developing, mentoring, and empowering a high-performing engineering team Essential Skills & Experience Experience in a senior SRE, Infrastructure, or Platform leadership role Strong, practical experience operating production ...

involvement with strategic planning and leadership Shaping and owning our AWS infrastructure and reliability roadmap Defining and embedding SRE best practices, including monitoring, alerting, incident management, and capacity planning Establishing and evolving SLOs, SLIs, and error budgets in partnership with engineering teams Acting as a senior technical voice … architecture discussions and operational decision-making Supporting incident response and post-incident reviews, with a focus on long-term improvement Developing, mentoring, and empowering a high-performing engineering team Essential Skills & Experience Experience in a senior SRE, Infrastructure, or Platform leadership role Strong, practical experience operating production ...

Site Defender (KSD), WAF, and Bot Manager Implement and manage security policies, rulesets, and traffic routing configurations Monitor web traffic, identify threats, and support incident response activities Tune WAF and bot protection rules to minimise false positives and enhance effectiveness Support CDN configuration, caching strategies, and performance optimisation ...

global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will ...

client and regulatory requirements. Our integrated approach combines secure by design principles relying on Identity and Access Management, Technical Assurance, continuous monitoring and incident response through Security Operations, and proactive risk management through GRC. Working closely with the Markets Innovation Group (MIG) and Fuse, the firms legal tech ...

operated services on AWS — EKS (or equivalent managed Kubernetes), IAM, S3, Secrets Manager. Not just 'we used AWS'. ✅ You have been the primary incident responder — diagnosed under pressure, coordinated a fix, wrote a postmortem. Not just 'I helped fix a bug'. ✅ Your CV contains specific metrics — latency … confirm that what shipped works, not just that it compiled. Drive codebase refactoring inside your squad in line with the MongoDB → PostgreSQL migration strategy. Incident Response & Reliability Serve as incident commander for production issues within your squad's domain — diagnose, triage, coordinate fix, and own communication ...

first security programme across infrastructure, endpoints and cloud environments. Working directly alongside the CISO, you will architect and implement the firm’s detection and response foundations - designing telemetry strategy, response workflows and supporting security controls in a largely greenfield environment. This is not a SOC management role … from a single senior engineer into a small, high-calibre team... Key Responsibilities Architect and scale the firm’s end-to-end detection and response capability, from telemetry ingestion through to investigation workflows Design high-signal detection logic informed by real attack techniques, not generic vendor rules Build ...

segmentation platforms, Sophos, Mimecast, XDR solutions, vulnerability scanners and hardening baselines. Managing firewalls, VPNs, secure remote access and segmentation controls. Improving detection and response by working closely with SIEM/SOC teams. Ensuring critical logging, monitoring and compliance standards are always met. Automating deployments and controls using PowerShell, Python … Terraform or similar tools. Supporting vulnerability assessments and driving remediation across the estate. Contributing to secure design reviews across applications, infrastructure, and cloud services. Incident response experience is desirable but not essential. We're looking for someone with: Strong hands-on experience with network infrastructure and security, segmentation ...

enrich, and contextualize IOCs, TTPs, malware families, threat actors, and campaigns. - Map intelligence to MITRE ATT&CK, kill chains, and organizational risk scenarios. - Support incident response, SOC, detection engineering, and vulnerability management teams with actionable intelligence. - Conduct adversary and campaign tracking, ensuring data quality and analytical integrity. 3. … Optimization - Design and implement automation workflows within the TIP to reduce analyst toil. - Work with SOAR platforms and scripting tools to enable intelligence-driven response actions. - Optimize scoring, deduplication, false-positive reduction, and prioritization logic. - Collaborate with engineers to expose TIP data via APIs and downstream systems (SIEM ...

events from Microsoft Security Suite Perform initial triage and analysis of security incidents to determine severity and impact. Escalate verified incidents to the incident response teams. Ensure timely triage and remediation of any incidents Follow standard operating procedures (SOPs) for incident handling and escalation. Assist in improving … standard operating procedures (SOPs) Assist in identifying tuning opportunities and reduction of false positives Communicate with customer stakeholders during incident investigation Maintain awareness of current threats and vulnerabilities relevant to customers. Required Skills Basic understanding of cybersecurity principles and threat landscapes Experience working with Microsoft Security tools (Sentinel, Defender ...

Umbrella Clearance: Credit Check Required What You will do Operate and enhance our Kubernetes platform across AWS, Azure, and on-prem. Lead incident response, problem management, and root-cause analysis. Deliver cluster lifecycle work: upgrades, patching, node pools, CNI/CSI, ingress, and Rancher operations. Own observability, dashboards ...

DevOps tooling (Ansible, Terraform, CI/CD, Git) Experience working with Azure or similar cloud platforms Solid understanding of infrastructure reliability, monitoring, and incident response Strong problem-solving skills and ability to work across multiple priorities Willingness to work in secure, regulated environments (SC eligibility required) Desirable experience ...

cyber trends Assisting with security initiatives and implementations Overseeing the remediation of vulnerabilities raised by MSSP penetration tests, producing supporting documentation Assisting with incident response What you'll need to succeed Experience of rule creation and definition within Google SecOps is ideal, alongside, MS Defender for Endpoint ...

enterprise messaging infrastructure built on Solace PubSub+, ensuring high availability, optimal performance, and reliability across production and non-production environments. This includes working on incident response, capacity planning, WAN optimization, and system observability using tools like Prometheus and Grafana . Key Responsibilities: Administer and maintain Solace PubSub+ appliances ...

configured to best practice and delivering maximum protection. You'll conduct vulnerability scanning, oversee patching cycles, perform cloud security assessments, refine playbooks, support incident response and collaborate with project and change teams to ensure new deployments and business initiatives are delivered securely. This is a hands-on, high ...