76 to 100 of 666 Incident Response Jobs in England

looking for a visible champion of information security with a proactive mindset, able to influence positive change at a senior level. Strong technical acumen and an ability to lead incident response and effectively manage risk is essential. Key Responsibilities Security Strategy & Governance Act as the company's lead advisor on cyber and information security, ensuring risks are identified … Operational Security & Risk Management Lead the design, implementation, and monitoring of controls across endpoint security, identity and access management, and cloud infrastructure (e.g., AWS). Own and improve the incident response framework, including active participation in investigations, post-incident reviews, and business continuity planning. Run regular tabletop exercises and scenario testing to ensure operational preparedness for cyber … AWS, Azure), endpoint protection, IAM, vulnerability management, and SIEM/logging tools. Strong understanding of cyber threats, insider risk, security engineering principles and network security. Demonstrated experience managing the response to cyber incidents. Familiar with automating tasks with Python or similar programming languages, as well as using SQL to query data at scale. Knowledge of security frameworks such as More ❯

Encryption : Protect data at rest, in transit, and in use through encryption and tokenization. Network Security : Design secure network architectures, implement IDS/IPS, firewalls, and VPNs. Security Monitoring & Incident Response : Build monitoring solutions, develop incident response strategies. Compliance & Governance : Ensure adherence to regulations, conduct audits, and establish security frameworks. Secure DevOps & Automation : Incorporate security into … Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and communication skills Relevant cybersecurity certifications (CISSP, CISM, CEH, etc.) Requirements Bachelor's degree More ❯

Job Summary: The Security Operations Lead is responsible for our security monitoring and incident response capabilities within the Square Enix Cyber Security team (covering Europe and North America). The primary goals of the role are the timely detection of security incidents, effective response and the continuous improvement of our preventative and detective controls. This role will … across Square Enix. Day to day you will be performing in-depth analysis and investigation of security alerts, game/brand related security events as well as leading the response to incidents. You will be responsible for maintaining and optimising our security operations tools and processes. Additionally you will be testing the effectiveness of our preventative and detective controls … platforms and the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with key More ❯

travel to the office twice per week. We are looking for an experienced Security Engineer to join our Cyber team. You will help us build out a world class incident response function that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization. In this role, you … will also build the tools and detection infrastructure that we need to scale our detection and response capability across all threats to our Studio and gaming environments. Please note that this position will require participation in an on-call rotation. What you'll be doing: Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and … efficiently to stakeholders Contribute to improving processes, procedures, and technologies used for detection and response, enabling us to improve after each incident Develop and run tools to gather security telemetry data from cloud production systems Automate workflows and improve identification and response time for security events Build and optimize detection rules, allowing us to spend our cycles More ❯

built on innovation, protection and connection. If you would like to learn more about this opportunity, feel free to reach out and apply today! Responsibilities: Lead end-to-end incident response investigations and containment efforts Communicate directly with clients during live cyber incidents, offering reassurance and expert guidance Produce detailed incident reports with root cause analysis and … actionable recommendations Perform forensic and log analysis using SIEM, EDR, SOAR, and other security tools Collaborate across teams to enhance response playbooks and internal processes Stay informed on emerging threats and tactics to strengthen response strategies Skills/Must have: Proven experience leading full-cycle incident response operations Comfortable handling breached customer communications under high-pressure … situations Expertise with industry tools such as Microsoft Sentinel, CrowdStrike, Defender, or equivalent Strong technical writing skills for producing post-incident reports Understanding of security frameworks like MITRE ATT&CK, NIST, or similar Eligibility for UK Security Clearance Benefits: Remote role Monday to Friday schedule High-impact position with autonomy and visibility Salary More ❯

architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party risks by assessing supplier compliance, contributing to incident response processes when issues arise, preparing insightful metrics for leadership teams. Collaborate with teams across the business to identify, assess, and track risk mitigation activities through to completion. … where necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate … include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST More ❯

architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party risks by assessing supplier compliance, contributing to incident response processes when issues arise, preparing insightful metrics for leadership teams. Collaborate with teams across the business to identify, assess, and track risk mitigation activities through to completion. … where necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate … include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST More ❯

contact for security incidents, leading investigations, and ensuring effective resolution Design, implement, and manage security measures for our applications and infrastructure to protect against security breaches Develop a rigorous incident response plan and lead post-incident reviews to improve our security posture Collaborate closely with development and infrastructure teams to integrate security practices into the DevOps pipeline … Oversee the deployment and management of security monitoring tools to ensure real-time visibility and response capabilities Conduct threat assessments and vulnerability assessments, and implement appropriate mitigation strategies Upskill and mentor the security team on best practices, emerging threats, and innovative security solutions Stay current on the latest cybersecurity trends, technologies, and threats, and proactively recommend enhancements to our … merging strategies Key Qualifications: Extensive experience in security operations roles, preferably in cloud and on-premise environments Proficiency in security monitoring tools (such as SIEM, IDS/IPS) and incident response processes Strong knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO 27001, CIS) Experience with scripting and automation tools for enhancing security processes Excellent communication More ❯

our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security Operations Centre (SOC) capabilities … policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. Incident Response: You'll actively monitor for security incidents and jump into action with our incident response teams to contain, investigate, and prevent future security hiccups. Defining More ❯

and external penetration testing activities, helping to triage and remediate findings. Security Champion Enablement: Collaborate with engineering teams to build security awareness and develop a network of Security Champions. Incident & Response Readiness: Support Smarsh SOC and security incident response, including root cause analysis and post-mortem reviews for your product(s). Security Compliance & Governance: Ensure More ❯

Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of … Solutions Lead with project activity Conduct proactive threat hunting in collaboration with the CTI function Conduct HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings What do you need … attack vectors, propagation, and impact. Excellent communication skills for liaising with business and suppliers. Desirable Skills & Experience (Senior Level) Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution. Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection More ❯

security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal … with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/ More ❯

regulations and standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Provide security guidance on architecture, design reviews, and cloud migrations. Create and maintain cloud security documentation, training materials, and incident response playbooks. Stay current on emerging cloud security trends, tools, and technologies. Support the BISO in the providing metrics to the Divisional IT Risk Reporting and Dashboards. Escalate … experience with at least one major cloud provider (AWS, Azure). Proven experience with Microsoft Azure (multi-cloud knowledge, especially AWS, is a plus). Experience with security operations, incident response, and cloud compliance. Working knowledge of vulnerability scanning and detection technologies. Practical experience in triage and remediation of vulnerabilities. Deep understanding of and ability to articulate the More ❯

responsible for implementing and managing security infrastructure, responding to threats, and ensuring compliance across systems. You'll work with various cyber security solutions while driving security best practices and incident response. If you have experience in cybersecurity tools, governance, and access management-and want to use your skills to support a mission that changes lives-this is your chance … Operations Specialist you will play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA … and Zero Trust security principles. Your expertise in network security, VPNs, SD-WAN, and Microsoft Defender solutions will help safeguard our systems, while your contributions to incident response, governance, and security strategy will shape the future of our cybersecurity posture. If you're passionate about cybersecurity and want to make a meaningful impact, then this role is for More ❯

Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of … the SOC email notification mailboxes Assists with the maintenance of MBDA Security technologies Assisting the SOC Solutions Lead with project activity Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings What do you need … attack vectors, propagation, and impact. Excellent communication skills for liaising with business and suppliers. Desirable Skills & Experience (Senior Level) Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution. Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection More ❯

DCC is looking for a Lead Cyber Security Operations Analystto play a key leadership role in shaping and advancing our Security Operations Centre (SOC). You'll drive our incident response strategy, lead major investigations, develop cutting-edge detection content, and help grow a highly capable security team through training and exercises. This is a critical role in … capabilities and foster collaboration across the smart metering community. Translate threat trends into actionable insights and drive improvements across the organisation. Evaluate and recommend tools that enhance detection and response capabilities. Conduct forensic investigations and perform root cause analysis of security incidents. What are we looking for? Proven experience in incident response and leading investigations in complex More ❯

tests, identifying risks and driving remediation efforts. Monitor infrastructure for security incidents or unauthorised activity, responding swiftly to mitigate potential threats. Investigate security breaches and incidents, and develop robust incident response plans to ensure timely and effective resolution. Collaborate with cross-functional teams to design, implement, and manage security controls and configurations across a range of platforms and … . Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols More ❯

in security coverage. Apply GitOps and CI/CD principles to automate detection engineering workflows, boosting operational efficiency. Build and optimize security playbooks to streamline detection, threat hunting, and incident response activities. Develop, automate, and enhance our threat detection and response capabilities. Work closely with security analysts and other stakeholders to identify and address gaps in incident response capabilities. Keep up with current threat intelligence, emerging trends, TTPs, and vulnerabilities to adapt our detection strategies and effectively respond to evolving threats. About You Strong understanding of AWS cloud platforms with proficiency in a wide range of AWS services (e.g., EC2, S3, RDS, Lambda, IAM, VPC, CloudFormation). Experience in developing and maintaining detection rules to More ❯

by writing timely , accurate , and relevant customer-facing deliverables covering threat actors, vulnerabilities, campaigns, and malware. Supply intelligence to internal teams to enrich our threat detection, containment, investigation, and response capabilities. Conduct investigations to support fast-turnaround and long-form customer requests for information, including in incident response scenarios. Publish emergency customer advisories to alert on impactful … Experience working in online intelligence investigations and analysis, including strong OSINT skills What makes you uncommon? Understanding of cybersecurity and IT disciplines including networking, operating systems, authentication protocols, security incident response , and enterprise technical security solutions (SIEM, IDS/IPS, firewall solutions, offensive security tools ) Basic knowledge of Linux/Unix operating systems Certifications such as Network+, Security+ More ❯

managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. About the Opportunity The role of Information Security Engineer will be responsible for identifying, investigating, and managing cybersecurity related … managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. Responsibilities Strong collaboration, teamwork and relationship building skills across multiple levels and functions in the organization Able to communicate … technical or complex subject matter in business terms. Implement, manage, and maintain global security platforms Manage and participate in computer security incident response activities and the technical investigations of security-related incidents Conduct investigations of security related incidents Identify security vulnerabilities, perform solution security reviews and risk assessments, and partner with colleagues to respond to incidents and remediate More ❯

team of 5 analysts and 3 engineers with diverse technical skills and backgrounds in cyber security. As our Lead Cyber Security Analyst, you'll: Develop and maintain the security incident response process, including all supporting materials. Serve as the technical escalation point for complex security incidents within the SOC team. Oversee incident response activities and ensure … and training for analysts, including malware reverse engineering, threat intelligence, and log analysis. Lead and mentor SOC analysts, fostering a high-performing team. Improve SOC services, including security monitoring, incident detection, analysis, and response. Establish and document processes and workflows. Oversee the development of security tools and technologies like NDR, EDR, Vulnerability Management, SIEM, and SOAR. Collaborate with business … owners to identify and reduce cyber threats and vulnerabilities. We're looking for someone who is: Experienced in information security, especially security operations and incident response. Senior experience within technical or security operations teams. Strong understanding of cyber security concepts, technologies, and best practices. Effective in managing and communicating with diverse stakeholders, including executives. Experienced with security tools such More ❯

security data and identify patterns or anomalies that may indicate a security breach. Review regular vulnerability assessments and penetration testing to ensure the robustness of security measures. Ensure rapid response to common incidents: Contribute to incident response plans to address security breaches promptly and effectively. Key Skills and Experience Required: Proven experience in cyber security, with a … monitoring techniques, using Microsoft Sentinel and its integration technologies and related tools to manage and analyse logs to detect and respond to threats effectively. Demonstrated ability to execute robust incident response, ensuring swift and effective handling of security incidents Ability to provide clear, actionable advice on best practices, improving the organisation's overall security posture and resilience. Excellent More ❯

. Lead the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement … KPIs) Client Satisfaction Rate : Measured through regular client feedback and satisfaction surveys. Delivery Compliance Rate : Percentage of client engagements that meet defined delivery standards and pass governance review gates. Incident Response Effectiveness : Success rate in managing and resolving client incidents within predefined response windows. Service Utilisation Rate : Adoption and effective use of security services across client accounts More ❯

global brand for a Security Analyst/SOC Analyst on a 6-month Contract basis. You’ll play a key role in security operations, vulnerability management, compliance auditing, and incident response, ensuring robust security for cloud services across UK data centres. Role and Responsibilities Manage vulnerability assessments using Tenable.io, including triage, exception tracking, and remediation Handle EDR alert … Conduct system audits for ISO 27001 compliance and review pen test/vulnerability scan outputs Perform log analysis, assist with threat hunting, and escalate risks or unusual activity Develop incident reports and track system impacts for analysis and improvement Collaborate with clients on infrastructure hardening and identify security gaps Support incident response, forensic analysis, and document findings More ❯

development, testing, and annual validation of disaster recovery and backup plans. Create and maintain up-to-date security documentation. Act swiftly and collaboratively in the event of a cyber incident, ensuring optimal recovery. Stay current with emerging threats and technological advancements in cybersecurity. Prepare for and manage annual penetration testing in collaboration with external vendors. Adhere to all Health … for This Role, You Will Need: Cybersecurity Experience: Demonstrated experience in implementing and managing security controls across hybrid environments. Familiarity with endpoint protection, threat detection, and vulnerability management tools. Incident Response & Problem Solving: Ability to respond swiftly and effectively to security incidents. Skilled in structured analysis and incident remediation to ensure rapid recovery. Threat Awareness & Risk Mitigation … shifting priorities in line with business objectives. High attention to detail and a strong commitment to accuracy and quality. Resilient and composed under pressure, especially in high-demand or incident response scenarios. ECS Resource Group are an Equal Opportunity Employer, for more information please click the following link: (url removed) In accordance with the Equality Act 2010, if More ❯