76 to 100 of 180 Incident Response Jobs in London

tools across NOC and SOC environments Gather and analyse information from a wide range of security and infrastructure tools Handle operational tickets, escalations, and incident support across 1st and 2nd line activity Develop and improve NOC and SOC procedures and support operational best practice Work closely with Security Analysts … wider teams on threat mitigation and incident response Support and train monitoring engineers within live operations environments Key Requirements Previous experience in a Network Security Engineer , Security Operations , Technical Assurance , or similar role Strong background in networking , with a solid understanding of secure network design and operations Hands ...

Cyber Security team, including managing the budget for people, tools and capital projects. You’ll oversee business‐as‐usual security activity, from incident response and vulnerability management through to security engineering improvements and protecting the Council’s supply chain. You’ll also be a visible advocate for good … Borough Emergency Control Centre activation, taking part in the emergency rota, and coordinating responses with the Executive Team, the Security Operations Centre and cyber incident response partners. Qualifications You bring a strong, practical understanding of cyber security and how it supports real business outcomes. You’ve worked with ...

impact Act as the link between technical security and the wider business, translating requirements clearly Drive improvements across: SOC/SIEM capability (currently OpenText) Incident response and vulnerability management Penetration testing and security assurance Cloud security across Microsoft and Google environments Support key transformation programmes, particularly across data … isolation What We're Looking For Proven background in Information/Cyber Security with a hands-on approach Experience across core security operations (SIEM, incident response, vulnerability management, cloud security) Comfortable working across both Microsoft and Google cloud environments Experience managing or mentoring junior team members Able ...

initial contract) Location: SW1A 2AH, City of Westminster, England, United Kingdom Remote type: Remote Start date: As soon as possible Head of SOC/Incident Response – LA International Senior leadership within public sector and Defence cybersecurity. Coordinating and integrating public sector/defence digital services. Leverage … public benefit and strengthen digital infrastructure. Manage incident response with knowledge of NIST, ISO 27001, etc. Recruit, mentor, and influence SOC teams. Duration: 6 months Location: Fully remote (with occasional onsite meetings 1–2x per month) Start date: As soon as possible SOC Solutions & Cyber Advisory Lead ...

technical engine behind the organisation's global digital integrity. Your responsibilities will include: Managing the Global SOC to ensure proactive threat hunting and rapid incident response across all global time zones. Implementing a cutting-edge DevSecOps approach to ensure security is automated and embedded within the CI/… have personally achieved certification from scratch) 2.DevSecOps (Embedding security into CI/CD pipelines and automated workflows) 3.SOC Management (Overseeing global threat detection and incident response) 4.NIST Framework (Applying security standards for the Americas region) 5.Essential 8 (Understanding and implementing Australian security protocols) 6.Vulnerability Management (Coordinating risk-based ...

integrated practices for operational health, performance, and security. Define infrastructure strategy across Azure, hybrid, and legacy environments, including modernization roadmaps. Establish best practices for incident response, monitoring, playbooks, and capacity planning. Govern infrastructure changes including CAB oversight, rollback planning, and risk management. Advance infrastructure automation and IaC maturity … align infrastructure with broader technical goals. Own metrics for uptime, cost optimization, alert fatigue, and service-level objectives (SLOs). Establish best practices for incident response, playbooks, monitoring, and continuous improvement. Oversee change management including CAB governance, rollback strategies, and release pipelines. Collaborate closely with Help Desk, Security ...

Reduce alert fatigue by tuning thresholds, suppressing false positives, and downgrading non-actionable errors - Be the first responder when something breaks in production Reliability & Incident Response - Investigate and resolve production incidents end-to-end: detection, root cause analysis, fix, and post-mortem - Handle database performance issues: slow query … scale: clustering, read replicas, failover handling - Solid understanding of container orchestration and deployment strategies - Experience with monitoring and observability platforms (Datadog preferred) - Comfort with incident response: you've been paged at 2am and know how to stay calm, diagnose, and fix - Familiarity with CI/CD pipelines (CircleCI ...

pipeline health, compute utilisation, and deployment status. Collaborate with data engineering to ensure upstream data quality and pipeline reliability for ML feature inputs. Develop incident response procedures and runbooks for ML system failures. Infrastructure & Cost Optimisation Manage and optimise AWS compute resources (Batch, EC2, or similar) used … control workflows. Familiarity with SQL and data warehousing platforms (Snowflake preferred). Experience implementing monitoring, logging, and alerting for production systems. Strong debugging and incident response skills for complex distributed systems. Preferred Qualifications Experience deploying models to edge or embedded devices. Background in healthcare, medical devices, or clinical ...

continuously enhances the overall cyber security posture. Key Responsibilities Lead and develop the organisation’s cyber security strategy Oversee security operations, risk management, and incident response Ensure systems, infrastructure, and data are protected against cyber threats Collaborate with senior stakeholders across football and corporate functions Drive security awareness … Required Strong background in information and cyber security leadership Experience in security architecture Knowledge of risk and compliance frameworks (ISO, NIST, etc.) Experience with incident response and SOC environments Ability to influence senior and non-technical stakeholders Experience managing security tooling, vendors, and frameworks Excellent communication and leadership ...

operations. Ensure availability and performance of core banking systems, payment gateways, and all customer-facing digital platforms. Lead IT change, systems upgrades, incident response, and technology risk management. Govern system access controls, IT policies, and disaster recovery processes. Oversee cybersecurity strategy, controls, testing (including penetration testing), and ongoing … monitoring. Ensure compliance with FCA/PRA cyber requirements, NCSC guidance, and GDPR. Own the incident response plan for cyber events and support regulatory notifications if required. Oversee payment processing (Faster Payments, CHAPS, BACS, card payments, etc.). Ensure reconciliations, settlements, and exceptions management are timely and accurate. ...

mitigation activities Oversee security architecture to ensure alignment with wider technology strategy Drive continuous improvement through security assessments, testing, and reporting Ensure effective incident detection, response, and recovery capabilities Lead vulnerability management and remediation across all technology environments Oversee third‐party security testing, including penetration testing and phishing … delivering cyber security strategies Strong understanding of security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud and hybrid security environments Ability to communicate complex technical ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting for a full time permanent Splunk SME for a global IT services and consultancy … Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You'll be joining a team that values learning ...

Catalogues, High-Level and Detailed Solution Designs, Data Flow Diagrams, and evidence of GDS alignment Ensure integration solutions support real-time monitoring, alerting, and incident management (e.g., via ServiceNow and Power BI dashboards), in line with GDS requirements for operational monitoring and incident response Work with security … teams to ensure all integrations meet protective monitoring and incident notification requirements, following GDS security and privacy standards Support test assurance activities, including integration testing, defect triage, and resolution, ensuring quality is built in from the discovery phase as per GDS guidance Provide technical leadership and guidance to project ...

modeling, design reviews, and architectural assessments for new and existing systems. Contribute to internal security documentation, best practices, and developer guidance. Participate in security incident response when engineering expertise or automation support is needed. WHAT YOU WILL NEED: 4+ years of experience in security engineering, platform security … continuously improve the security posture of complex systems. Familiarity with some of the following: Cloudflare (DDoS protection, WAF), OSS SIEM tools (Splunk, Elastic, etc), Incident management platforms (e.g. Incident.io, PagerDuty) Familiarity with at least one of the following CI/CD systems (Github Actions, Concourse, CircleCI) Familiarity with maintaining ...

SecurityDrive the secure design and operation of critical technology platforms, collaborating closely with platform owners and engineering teams to embed security throughout the lifecycle.Incident Response and Threat ManagementProvide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation of complex security ...

maintain, configure, and troubleshoot security platforms. Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks. Participate in incident response efforts, including forensic examination of compromised systems. Author reports include assessment-based findings, outcomes, and propositions for further system security enhancement. Review … Advanced knowledge of security platforms, threats, vulnerabilities and vulnerability management/remediation, identity and access management, network segmentation, encryption, network traffic, system hardening, and incident response. Knowledge of risk assessment tools, technologies, and methods. Experience designing secure networks, systems, and application architectures. Knowledge of current regulatory frameworks and guidance ...

experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls (Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft ...

Drive adoption of IaC and automated deployment processes Oversee systems integration architecture, ensuring compatibility and performance across cloud, on-premises, and hybrid environments Lead incident response, disaster recovery planning, and BCP/DR testing Monitor platform performance and establish KPIs and SLAs for availability, security, and uptime Lead ...

Oversee risk management, threat assessment and vulnerability programmes Ensure compliance with ISO 27001, ISO 42001, GDPR and other relevant frameworks Manage security operations including incident response, monitoring and investigations Partner with IT, engineering, legal and business teams to embed security best practice Lead internal/external audits, assessments ...

Gitlab pipeline, Terraform and DevSecOps practices.* Drive architectural decisions and mentor engineers in performance tuning, resilient design, and secure coding practices.* Contribute to incident response and postmortems, continuously improving system reliability.What You'll bring:* Experience in managing engineers, with 3+ years in deep expertise in distributed systems.* Proven ...

/CD pipelines across backend, frontend, and data services Develop and manage logging, metrics, tracing, and alerting systems Lead efficient on‐call and incident-response processes Monitor and optimise cloud spend Tech Stack Cloud: Azure (AWS a plus) IaC: Terraform Containers: AKS (Kubernetes), Docker CI/CD: GitHub ...

CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR … workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR … workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

procedures aligned to UK Government frameworks Conduct People and Physical Security risk assessments, audits and assurance activities Lead or support personnel security investigations, incident response and post-incident reviews Contribute to the development and delivery of insider risk programmes Provide subject matter expertise and advisory support ...