15 of 15 Incident Response Jobs in Hampshire

Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence … leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (eg TCP/IP, VPNs, Firewalls) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities The More ❯

DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response. How will you make an impact? Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards … and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat … such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. Commitment to continuous learning and professional development in audit, compliance, and More ❯

innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands-on SOC Manager … of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. Develop and maintain … shift schedules, ensuring full coverage with minimal disruption. Act as a senior escalation point for critical incidents and lead major incident response efforts. Mentor and develop a high-performing team of Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering More ❯

flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able … the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you will be at the forefront of digital defenceleading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading More ❯

flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. … engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst , you will be at the forefront -leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ). More ❯

cutting-edge technologies in a fast-paced, collaborative environment. What You’ll Do Lead 24/7 SOC operations, ensuring timely threat detection and incident response Drive continuous improvement in SOC processes, playbooks, and performance metrics Manage, mentor, and grow a team of SOC Analysts and Security Specialists … SIEM, EDR, SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response, threat intelligence, and multi-tenant SOCs Excellent leadership, communication, and client engagement skills Bonus Points for Certifications such as CISSP, CISM, GIAC More ❯

Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. The Tier 2 Analyst works closely with senior and junior analysts to … ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing … correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). Investigate potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies More ❯

DV level). Salary is discussed on application, negotiable by experience . You will have a strong background in security operations, threat detection and incident responses. A critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security operations centre (SOC) environment … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiar with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able More ❯

Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge … between foundational and advanced threat detection and response functions. Due to the customer requirements successful applicants must be eligible for high level UK Security clearance, SC and be able to work onsite in Farnborough. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining … threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response More ❯

following Saab Group IT standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Systems accreditation for internal and external teams Leading IT Security Incident response process Required Skills: System administration Network security Problem solving Information security policies On-call network troubleshooting Firewall administration Network protocols Routers, hubs … and common security elements. Hands-on experience analysing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations Experience with vulnerability scanning solutions In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Sentinel, Nitro More ❯

Engineering Professional). Other Cyber/information Security qualification (e.g. CISSP, CCSP, CCNA, SABSA) Desirable Skills Cloud, on-prem, SaaS, PaaS, IaaS environments. Security incident response. Coding skills. Experience working with Azure Sentinel. If you are interested in this role but not sure if your skills and experience are More ❯

or activity considered to be unauthorised, unexpected or illegal Responding to incidents, utilising a catalogue of playbooks Escalation of complex incidents to Tier 2 Incident Response Teams Review and develop existing security controls in line with a constantly growing technical environment Triage and Review Vulnerability Scanning Reports, feeding … and develop understanding of security as a discipline Experience (Essential) Previous experience in Security, SOC or related technical field with desired, specific focus on Incident Management Vulnerability Management Relevant qualification(s) in Cyber Security, or other related technical roles Examples Degree in Cyber Security, Computer Science, Networks etc. Professional … limited to) cloud computing, SIEM, Vulnerability Scanning/Management etc. Understanding of some (or all) of the following: Key Concepts of Cloud Computing Security Incident Management Risk Management Information Security (CIA) Phishing, Ransomware and other key threats IDAM (Identity and Access Mgmt) JML (Joiners, Movers and Leavers Processes) Security More ❯

from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead … Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in SIEM tools (e.g. LogRhythm, Splunk) and IDS systems (e.g. Snort). In-depth knowledge of network and host security. Skilled in More ❯

Responsibilities and Tasks Monitoring systems for security alerts, intrusions, or unauthorized activities Responding to incidents using established playbooks Escalating complex incidents to Tier 2 Incident Response Teams Reviewing and developing security controls in a growing technical environment Triaging and reviewing vulnerability scanning reports, providing feedback to technical teams … like CompTIA, ISACA, etc. Technical qualifications such as cloud computing, SIEM, vulnerability management, etc. Experience (Nice to have) Understanding of concepts like cloud computing, incident management, risk management, information security (CIA), phishing, ransomware, IDAM, JML processes, security awareness, and information classification. About SiXworks SiXworks specializes in secure digital solutions More ❯

tools (e.g., Prometheus, Grafana, ELK stack, Cloudwatch). Excellent problem-solving skills and the ability to troubleshoot complex issues in distributed systems. Experience of Incident management and blameless postmortems that includes driving the incident response efforts during outages and other critical incidents, resolution, and communication in a More ❯