51 to 75 of 117 Incident Response Jobs in Hampshire

based clients, this role also requires eligibility to obtain SC Clearance. Roles & Responsibilities Create, maintain, and optimise Logic Apps and Sentinel playbooks to automate incident detection and response workflows in Microsoft Sentinel. Develop and implement API integrations between Microsoft Sentinel and other systems to enhance data collection, cross … as expected, identifying opportunities for further improvements. Skills & Experience Hands-on experience with Microsoft Sentinel: proven track record in developing playbooks, automation workflows, and incident response processes within Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development More ❯

based clients, this role also requires eligibility to obtain SC Clearance. Roles & Responsibilities Create, maintain, and optimise Logic Apps and Sentinel playbooks to automate incident detection and response workflows in Microsoft Sentinel. Develop and implement API integrations between Microsoft Sentinel and other systems to enhance data collection, cross … as expected, identifying opportunities for further improvements. Skills & Experience Hands-on experience with Microsoft Sentinel: proven track record in developing playbooks, automation workflows, and incident response processes within Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development More ❯

Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. The Tier 2 Analyst works closely with senior and junior analysts to … ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing … correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). Investigate potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies More ❯

Our client is an established UK based MSSP who are hiring for a Level 2 SOC Analyst to support their growing Threat Detection & Response team. This role will be ideal for someone with at least 2 years’ hands-on experience in a SOC. The successful candidate will: Manage and … triage escalated security alerts and incidents Act as an escalation point for Level 1 analysts and provide mentoring Own customer communication and incident resolution Follow structured remediation playbooks and incident response procedures Support tool tuning, threat detection improvements, and service optimisation Participate in a 24/ More ❯

Our client is an established UK based MSSP who are hiring for a Level 2 SOC Analyst to support their growing Threat Detection & Response team. This role will be ideal for someone with at least 2 years’ hands-on experience in a SOC. The successful candidate will: Manage and … triage escalated security alerts and incidents Act as an escalation point for Level 1 analysts and provide mentoring Own customer communication and incident resolution Follow structured remediation playbooks and incident response procedures Support tool tuning, threat detection improvements, and service optimisation Participate in a 24/ More ❯

DV level). Salary is discussed on application, negotiable by experience . You will have a strong background in security operations, threat detection and incident responses. A critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security operations centre (SOC) environment … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiar with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able More ❯

ecosystem. You are passionate about leveraging Microsoft security technologies to protect critical assets and data, with a focus on proactive monitoring, threat detection, and incident response. Your hands-on expertise with Microsoft Defender solutions and Azure-based security tools will be crucial in maintaining a secure and resilient IT … Group Policy (GPO) to secure endpoints, user accounts, and cloud applications. Monitor security alerts and incidents through Microsoft Sentinel, conducting thorough investigations and leading response efforts to mitigate risks. Perform proactive threat hunting using data from Defender, Sentinel, and Entra logs to detect potential security incidents. Optimise and maintain … threat detection rules, automation playbooks, and alert tuning within Sentinel and Defender solutions to reduce false positives and enhance response efficiency. Manage access control policies and identity protection configurations to secure user authentication and reduce the risk of account compromise. Regularly assess the security posture of Microsoft 365 and More ❯

ecosystem. You are passionate about leveraging Microsoft security technologies to protect critical assets and data, with a focus on proactive monitoring, threat detection, and incident response. Your hands-on expertise with Microsoft Defender solutions and Azure-based security tools will be crucial in maintaining a secure and resilient IT … Group Policy (GPO) to secure endpoints, user accounts, and cloud applications. Monitor security alerts and incidents through Microsoft Sentinel, conducting thorough investigations and leading response efforts to mitigate risks. Perform proactive threat hunting using data from Defender, Sentinel, and Entra logs to detect potential security incidents. Optimise and maintain … threat detection rules, automation playbooks, and alert tuning within Sentinel and Defender solutions to reduce false positives and enhance response efficiency. Manage access control policies and identity protection configurations to secure user authentication and reduce the risk of account compromise. Regularly assess the security posture of Microsoft 365 and More ❯

ecosystem. You are passionate about leveraging Microsoft security technologies to protect critical assets and data, with a focus on proactive monitoring, threat detection, and incident response. Your hands-on expertise with Microsoft Defender solutions and Azure-based security tools will be crucial in maintaining a secure and resilient IT … Group Policy (GPO) to secure endpoints, user accounts, and cloud applications. Monitor security alerts and incidents through Microsoft Sentinel, conducting thorough investigations and leading response efforts to mitigate risks. Perform proactive threat hunting using data from Defender, Sentinel, and Entra logs to detect potential security incidents. Optimise and maintain … threat detection rules, automation playbooks, and alert tuning within Sentinel and Defender solutions to reduce false positives and enhance response efficiency. Manage access control policies and identity protection configurations to secure user authentication and reduce the risk of account compromise. Regularly assess the security posture of Microsoft 365 and More ❯

Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge … between foundational and advanced threat detection and response functions. Due to the customer requirements successful applicants must be eligible for high level UK Security clearance, SC and be able to work onsite in Farnborough. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining … threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response More ❯

following Saab Group IT standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Systems accreditation for internal and external teams Leading IT Security Incident response process Required Skills: System administration Network security Problem solving Information security policies On-call network troubleshooting Firewall administration Network protocols Routers, hubs … and common security elements. Hands-on experience analysing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations Experience with vulnerability scanning solutions In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Sentinel, Nitro More ❯

or activity considered to be unauthorised, unexpected or illegal Responding to incidents, utilising a catalogue of playbooks Escalation of complex incidents to Tier 2 Incident Response Teams Review and develop existing security controls in line with a constantly growing technical environment Triage and Review Vulnerability Scanning Reports, feeding … and develop understanding of security as a discipline Experience (Essential) Previous experience in Security, SOC or related technical field with desired, specific focus on Incident Management Vulnerability Management Relevant qualification(s) in Cyber Security, or other related technical roles Examples Degree in Cyber Security, Computer Science, Networks etc. Professional … limited to) cloud computing, SIEM, Vulnerability Scanning/Management etc. Understanding of some (or all) of the following: Key Concepts of Cloud Computing Security Incident Management Risk Management Information Security (CIA) Phishing, Ransomware and other key threats IDAM (Identity and Access Mgmt) JML (Joiners, Movers and Leavers Processes) Security More ❯

need to be eligible for DV Clearance. What you'll be doing: Analysing security incidents using groundbreaking tools like Microsoft Sentinel and Splunk. Leading incident response. Fine-tuning detection rules and strategies with frameworks like Mitre Att&ck to stay ahead of new threats. Craft the future of our … applications (TCP/IP, VPNs, firewalls, etc.). Problem-solving skills to assess complex threats and deliver actionable insights. Experience with Mitre ATT&CK, incident response, and threat intelligence. It would be great if you had: Cyber Security certifications like CRT or OSCP. Hands-on experience with tools More ❯

Responsibilities and Tasks Monitoring systems for security alerts, intrusions, or unauthorized activities Responding to incidents using established playbooks Escalating complex incidents to Tier 2 Incident Response Teams Reviewing and developing security controls in a growing technical environment Triaging and reviewing vulnerability scanning reports, providing feedback to technical teams … like CompTIA, ISACA, etc. Technical qualifications such as cloud computing, SIEM, vulnerability management, etc. Experience (Nice to have) Understanding of concepts like cloud computing, incident management, risk management, information security (CIA), phishing, ransomware, IDAM, JML processes, security awareness, and information classification. About SiXworks SiXworks specializes in secure digital solutions More ❯

innovation Security Architecture & Operations: Oversee the design and operation of our global cloud security infrastructure across AWS, GCP, and/or Azure. Drive robust incident response, threat detection, and remediation processes. Risk Management & Compliance: Lead risk assessments and ensure adherence to international compliance standards (SOC 2, ISO More ❯

innovation Security Architecture & Operations: Oversee the design and operation of our global cloud security infrastructure across AWS, GCP, and/or Azure. Drive robust incident response, threat detection, and remediation processes. Risk Management & Compliance: Lead risk assessments and ensure adherence to international compliance standards (SOC 2, ISO More ❯

innovation Security Architecture & Operations: Oversee the design and operation of our global cloud security infrastructure across AWS, GCP, and/or Azure. Drive robust incident response, threat detection, and remediation processes. Risk Management & Compliance: Lead risk assessments and ensure adherence to international compliance standards (SOC 2, ISO More ❯

Engineering Professional). Other Cyber/information Security qualification (e.g. CISSP, CCSP, CCNA, SABSA) Desirable Skills Cloud, on-prem, SaaS, PaaS, IaaS environments. Security incident response. Coding skills. Experience working with Azure Sentinel. If you are interested in this role but not sure if your skills and experience are More ❯

from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead … Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in SIEM tools (e.g. LogRhythm, Splunk) and IDS systems (e.g. Snort). In-depth knowledge of network and host security. Skilled in More ❯

from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead … Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in SIEM tools (e.g. LogRhythm, Splunk) and IDS systems (e.g. Snort). In-depth knowledge of network and host security. Skilled in More ❯

a Senior IT Operations Manager within our 24x7 Enterprise Command Centre (ECC) . As part of the role you will act as a Major Incident Manager, leading our response to major incidents, ensuring minimal disruption to our customer and colleagues services. You’ll be the calm in the … present within the command centre is key to our success. About you As a minimum requirement you’ll: have extensive experience of Leading Major Incident Response - Taking command of major incidents, coordinating cross-functional teams to restore services swiftly and effectively. be highly effective at Stakeholder Communication - Acting More ❯

a Senior IT Operations Manager within our 24x7 Enterprise Command Centre (ECC) . As part of the role you will act as a Major Incident Manager, leading our response to major incidents, ensuring minimal disruption to our customer and colleagues services. You’ll be the calm in the … present within the command centre is key to our success. About you As a minimum requirement you’ll: have extensive experience of Leading Major Incident Response - Taking command of major incidents, coordinating cross-functional teams to restore services swiftly and effectively. be highly effective at Stakeholder Communication - Acting More ❯

a Senior IT Operations Manager within our 24x7 Enterprise Command Centre (ECC) . As part of the role you will act as a Major Incident Manager, leading our response to major incidents, ensuring minimal disruption to our customer and colleagues services. You’ll be the calm in the … present within the command centre is key to our success. About you As a minimum requirement you’ll: have extensive experience of Leading Major Incident Response - Taking command of major incidents, coordinating cross-functional teams to restore services swiftly and effectively. be highly effective at Stakeholder Communication - Acting More ❯

risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley Insurance, we’ve been at … the forefront of cyber insurance management and breach response activities for business clients in the US, UK, and Europe since 2017. As Beazley Security, the company will have an expanded scope, leveraging nearly two decades of cyber incident experience, a strong services division, and a business strategy focused More ❯

risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley Insurance, we’ve been at … the forefront of cyber insurance management and breach response activities for business clients in the US, UK, and Europe since 2017. As Beazley Security, the company will have an expanded scope, leveraging nearly two decades of cyber incident experience, a strong services division, and a business strategy focused More ❯