23 of 23 Incident Response Jobs in Lancashire

such as CrowdStrike Falcon, RoboShadow, Microsoft Defender, ThreatLocker Evaluate and onboard new security technologies; liaise with vendors Lead technical onboarding of cyber tools for both internal and client deployments Incident Response & Threat Management: Develop and own incident response playbooks Act as the lead escalation point for live security incidents Analyse alerts, threat intelligence, and forensic data … of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incident response experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts for clients More ❯

We are looking for a highly skilled Senior Information Security Engineer with deep expertise in security tooling across both on-premise and cloud environments. You will lead threat detection, incident response, and security architecture efforts within a hybrid environment. This is a highly technical engineering role, where you'll be hands-on developing and maintaining our security operations … maintain advanced security configurations across the Microsoft Defender suite (Cloud, Endpoint and Identity), Microsoft Sentinel, Purview and Azure infrastructure (including RBAC, PIM, NSGs and identity protections). Lead security incident detection, investigation, and response activities alongside the SOC. Lead the implementation and tuning of Microsoft Sentinel: build KQL queries, implement custom rules, conduct threat hunting, workbooks, design and … Management (PIM). Specific knowledge of AWS security stack would be beneficial including GuardDuty, CloudWatch and SecurityHub Familiarity with industry frameworks: MITRE ATT&CK, NIST, CIS, PCI-DSS. Excellent incident response, problem-solving, and communication skills. Preferred Certifications: Microsoft Certified: Cybersecurity Architect Expert (SC-100) Microsoft Certified: Security Operations Analyst Associate (SC-200) Microsoft Certified: Azure Security Engineer More ❯

Encryption : Protect data at rest, in transit, and in use through encryption and tokenization. Network Security : Design secure network architectures, implement IDS/IPS, firewalls, and VPNs. Security Monitoring & Incident Response : Build monitoring solutions, develop incident response strategies. Compliance & Governance : Ensure adherence to regulations, conduct audits, and establish security frameworks. Secure DevOps & Automation : Incorporate security into … Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and communication skills Relevant cybersecurity certifications (CISSP, CISM, CEH, etc.) Requirements Bachelor's degree More ❯

sit at the heart of our engineering operations, bringing together SRE principles and modern platform engineering practices. This includes combining principles of SRE - such as service-level reliability, observability, incident response - with platform engineering practices like GitOps, Infrastructure as Code, DevSecOps automation, and self-service enablement, to help development teams ship faster, safer, and more cost-efficiently. What … you'll be doing: Designing and operating highly reliable, scalable, and secure Azure-based platforms Applying SRE principles like SLOs, observability, and incident management to drive service reliability Building Infrastructure as Code using Terraform (v1.7+) and GitOps workflows Enabling teams through platform tools, reusable Terraform modules, and self-service infrastructure Enhancing CI/CD pipelines (Azure DevOps, YAML-based … services (SQL, Cosmos DB, ADF, Functions, Logic Apps, etc.) Improving monitoring and alerting with Datadog, Grafana, ELK, and proactive failure detection Participating in the on-call rota and leading incident response workflows and blameless postmortems Coaching engineers, upskilling teams, and contributing to a culture of continuous improvement Driving cost awareness through FinOps practices and automated budget controls What More ❯

to the setup and ongoing enhancement of the Security Operations Center (SOC). Investigating security incidents and implementing effective countermeasures. Utilizing SOC tools such as SIEM, vulnerability scanners, and incident response solutions. Performing threat hunting by analyzing and assessing security events on central platforms. Documenting incidents thoroughly in ticketing and SIEM systems, and generating detailed reports. Monitoring systems … of offensive security concepts. Experience with programming languages such as Python and SQL. Minimum C1 level in German with good knowledge of English. Desirable skills: Experience working with Sophos. Incident response experience. Experience with malware analysis. Company benefits: Attractive salary. Strong progression plans. Excellent training opportunities and personal development. Opportunity to attain certifications. Work alongside an inclusive team More ❯

malicious content. Configure and maintain web and email filtering solutions to block phishing attempts, malware, and other threats. EDR and XDR Technologies: Administer and respond to Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) technologies to swiftly mitigate threats. Monitor alerts, investigate incidents, and take appropriate actions to contain and remediate threats. Security Governance and … security layers align against our Internal Security Standards and Statutory and Regulatory obligations. SIEM Management: Manage, monitor, and respond to security incidents and events using the Council's Security Incident and Event Monitoring (SIEM) platform. Ensure timely detection, analysis, and response to security incidents to minimise impact and support recovery efforts. As part of our team, the successful … phishing protection, and ensuring compliance with security policies. EDR and XDR Technologies: Detailed practical knowledge of administering and responding to EDR and XDR technologies. Experience with endpoint security solutions, incident response procedures, and threat detection and remediation. Security and Cloud Architecture: Broad knowledge of Security and Cloud architecture principles. Management Reporting: Recent experience of providing high-quality management More ❯

of our international businesses, with a focus on resiliency, this role has an opportunity to provide strategic guidance on improvements. At the forefront of providing production support services including, incident logging, incident resolution, problem management, change management practices, and SRE support, we are inviting you to join our success story.As our Site Reliability Engineering Manager you will:- Lead … a culture of collaboration, innovation, and continuous improvement. Assist with the design, implementation, and maintenance of systems to ensure high availability, scalability, and performance. Develop and implement strategies for incident response, root cause analysis, and post-mortem reviews to prevent future incidents. Work closely with business and technology teams to understand their needs and ensure alignment with reliability More ❯

such as ISO27001, Cyber Essentials Plus, PCI/DSS Stay ahead of cyber threats, maintaining and improving security monitoring and risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience More ❯

NCSC) Develop and deliver a Security Assurance Testing program, including internal and external audit, penetration testing and associated activities. Represent the university in regulatory or assurance activities and lead response to security audits and assessments. Own the university's information security policy framework, ensuring policies are effective, enforceable, and reflective of regulatory and operational needs. Provide strategic input into … the security incident response capability, ensuring robust governance, timely escalation, and cross-functional collaboration with CSIRT and key stakeholders. Collaborate on the development and continual improvement of enterprise-wide remediation strategies and readiness planning. Provide strategic insight for information security risk management, ensuring effective collaboration to maintain an accurate, prioritised, and actionable university-wide risk register. Set the More ❯

strategy across the business, aligned to wider Group objectives Lead and manage the internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership … across new and existing technology programmes Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years More ❯

our Information Security team and exposure to our wider IT teams. You will build knowledge in the following areas: Risk Management, Policy and Compliance, Security Certifications,Supplier Due Diligence, Incident Response and Awareness, and Security Awareness, as well as working on ongoing projects. WHAT IS THE SCOPE OF THE ROLE? The following list is not exhaustive but gives More ❯

with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First Responders assist with pro-active security operations, including both regularly scheduled security assessments as well as ad-hoc … security taskings Location Hybrid - Bristol or London Type Permanent, full-time Immediate Who we are looking for. The responsibilities of this role include: Initial triage and response to security alerts. Supporting customer cloud infrastructure & security posture. Monitoring and resolution of key security metrics. Identify emerging security trends. IOC creation based on emerging threats. Acting as a key part of … the cyber incident response team. Completion of proactive security reports. 24/7 Shift Work - 4 on 4 off pattern. This role will require working within a close-knit team to help build Stripe OLT as a global leader in cyber security - focused specifically on defensive domains. The role requires a self-starter, an ideal team player who More ❯

Cyber Essentials, ISO 27001, NIST, and GDPR Configure and deploy essential tools: firewalls, IDS/IPS, endpoint protection, and encryption Overhaul Active Directory, Group Policies, and server configurations Lead incident response, forensic analysis, and threat mitigation Monitor and adapt to new threats with continuous improvement initiatives About You: Proven experience delivering security solutions in cloud, on-prem, and More ❯

webhooks and Docker). Act as DB SME for the trust organization, interact with internal Roku teams to advise them on security best practices, DB architectures, and assist in incident response and other security investigations. Developing (or extending OSS) security automation tooling. This can range from detection tooling to security process automation, or a fuzzing infrastructure to find More ❯

necessary patches or configuration changes. - Develop and maintain a comprehensive vulnerability management program, including vulnerability tracking, risk assessment, and remediation planning. Stakeholder Collaboration: - Act as a stakeholder for the response team, providing expert guidance on security-related alerts, incidents, and potential improvements. - Collaborate with cross-functional teams, including network engineers, system administrators, and application developers, to implement security network … solutions and improve overall network security posture. - Participate in network security incident response activities by providing technical expertise and assisting in investigations when necessary. More ❯

voice AI, automation, and predictive tools Overhaul the legacy CRM’s UI/UX into a modern, high-performance platform Cybersecurity & Risk Management Own enterprise cybersecurity strategy, audits, and incident response Design post-attack processes and lead quarterly vulnerability assessments Infrastructure & Performance Optimise PHP/MySQL stack for speed, uptime, and stability Resolve CRM bottlenecks and implement diagnostic More ❯

and technical strategy for clients across a wide range of sectors. Deliver whiteboard sessions and client workshops to define tailored security solutions. Support customers during incidents and contribute to response strategies. Create technical documentation and provide trusted guidance to customers. Conduct enablement sessions for internal sales teams, partners, and clients. Engage with customers alongside sales to overcome technical challenges. … in cyber security service offering. What You'll Bring 2+ years in Pre-Sales, Cybersecurity or similar technical consultancy role (MSP/reseller experience preferred). Strong understanding of incident response, SOC operations, and endpoint security. Familiarity with security standards (ISO27002, CIS, NIST, CAF). Experience with technologies such as SSE, SASE, SIEM, MDR/EDR. Confident in More ❯

automation and RPA strategies aligned with value streams and business goals Collaborate with cross-functional teams, including change, engineering, and business leaders Ensure strong platform security, monitoring, compliance, and incident response Key Skills & Experience: Proven expertise in Azure architecture, including AKS, Cosmos DB, SQL Database, and Storage Experience with IaC tools (e.g. Terraform, ARM templates) Strong knowledge of More ❯

resolutions are within SLA. Build and nurture strong relationships both internally and externally to enhance service delivery for our customers. Complete and document Root Cause Analyses (RCAs) and Post Incident Reviews (PIRs), recommending improvements where necessary. Contribute to ITSM-driven initiatives, collaborating as a chapter to implement positive changes. Create and maintain Knowledge Base articles for team sustainability and … API testing tools Experience in unit testing with a focus on continual improvement in API monitoring and performance A mindset geared towards optimisation and automation, especially in alerting and incident response processes Strong documentation skills to ensure key processes and learnings are shared across the team Solid understanding of ITIL v4 (certification required) Exposure to Agile methodologies A More ❯

both written and spoken Demonstrable experience as a Security Architect or similar role Strong knowledge of security standards, protocols, and best practices Experience with threat modelling, risk assessment, and incident response Familiarity with security tools (e.g., Snyk, OWASP ZAP) Excellent communication and collaboration skills Self-learner and ability to execute tasks without supervision Ability to maintain the highest More ❯

track down the root cause. Communicate the impact of the problem to stakeholders in terms of business value, helping to set a priority for the resolution. Actively participate in incident responses. Engineering standards & frameworks - Maintain knowledge of Xero's current and emerging engineering standards and practices. Develop and deploy software that meets Xero's standards. Continuous improvement - Maintain knowledge More ❯

Define and implement observability standards, including logging, metrics, tracing, and alerting . Use tools like New Relic , Prometheus , and Grafana , alongside building custom instrumentation for key platform services. Drive incident readiness and operational resilience by enabling actionable monitoring and alerting. Drive cloud cost visibility and optimization efforts across engineering through dashboards, tagging standards, and automation. Partner with stakeholders to … platforms and enablement frameworks. Experience with cloud-native technologies, Kubernetes, and Infrastructure as Code (Terraform, Helm, etc.). Strong understanding of observability tooling (especially New Relic, Prometheus, Grafana) and incident response best practices. Familiarity with FinOps, platform cost tracking, and infrastructure efficiency techniques. Excellent communication, leadership, and stakeholder management skills. Attract, hire, and develop talented platform engineers with More ❯

and availability of our security infrastructure. What You'll Be Doing * Managing Hardware Security Modules (HSMs)and cryptographic infrastructure* Creating, storing, and retiring encryption keyssecurely across multiple platforms* Supporting incident and change managementprocesses* Collaborating with application, infrastructure, and support teams* Ensuring compliance with security standards and audit requirements* Contributing to project deliveryand continuous improvement initiatives What We're Looking … work under pressure* Excellent communication and stakeholder management skills Nice to Have * ITIL Foundation certification* Security or project management certifications* Experience with tools like JIRA, Confluence, SharePoint* Background in incident responseand risk management Benefits * Salary up to £41,000 depending on experience* Pension of 12%* Private medical* Discretionary bonus Please Note: This is a permanent role for UK residents More ❯