1 to 25 of 52 Incident Response Jobs in the Midlands

play a critical role in strengthening and maturing Reapit’s cloud security posture. Your work will span hands on security engineering, deep incident response, proactive threat detection, and collaboration with global teams. Design, implement, and enhance secure Cloud infrastructure, services, and applications in collaboration with DevOps teams. Conduct … detail and high quality documentation. Work in a self managing, proactive manner — anticipating security needs, identifying gaps, and driving improvements without close supervision. Incident Response & Threat Detection Respond to SOC alerts. Working with our outsourced SOC, Lead and participate in global incident response activities, including investigation ...

Security Manager will work closely with Network Engineering, Systems, NOC, Infrastructure, Field Operations and third-party security providers to ensure effective threat detection, incident response, vulnerability management and continuous security improvement Responsibilities Cyber Security Strategy & Governance Define, implement, and maintain Airband’s cyber and information security strategy, policies … security controls are implemented across service provider infrastructure, including routing, switching, peering, transit and customer edge environments. Develop and maintain DDoS detection, mitigation and response capabilities to protect critical network services and customer connectivity. Maintain working knowledge and operational application of service provider security principles including BCP38 anti-spoofing ...

Senior Lead Cyber Security Analyst | SIEM, Incident Response & Vulnerability Management Location: UK (Hybrid) Salary: Competitive + Benefits I'm working with a well-established organisation looking to bring in a Senior Lead Cyber Security Analyst to take ownership of their security operations and help shape their cyber maturity. … This is a genuinely impactful role - you'll be the go-to for incident response, threat detection, and vulnerability management, while working closely with IT, risk, and external partners. What you'll be doing: Leading cyber incident response end-to-end Monitoring and tuning SIEM/ ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

security operations tooling (SIEM, DLP, IAM, endpoint protection) to safeguard systems and data Develop, implement, and monitor KPIs and dashboards to measure detection effectiveness, incident response performance, data protection posture, and compliance Own and support Microsoft Purview capabilities including Information Protection, Data Loss Prevention, Data Lifecycle Management … risk, compliance, data governance, and IT teams to maintain robust security controls, support audit readiness, and strengthen operational resilience Support and participate in security incident response and investigations, ensuring rapid containment, remediation, and recovery. What we are looking for in our ideal Security Operations Engineer : Proven experience ...

across the business. The Role Youll lead day-to-day cyber security operations, working closely with IT and business stakeholders to ensure robust monitoring, incident response, and risk management processes are in place. This is a hands-on role with both operational and strategic elements. Key Responsibilities Overseeing … cyber operations, including threat monitoring and incident response Managing vulnerabilities and supporting remediation activities Supporting the development and delivery of cyber security strategy Collaborating with internal teams and third-party providers Driving awareness, training, and continuous improvement initiatives About You Experience in cyber security operations, SOC, or incident ...

Cyber Security Manager is responsible for security operations, risk management, incident response, policy development and user awareness. The role will manage external 3rd party and internal virtual resources. Client Details The client is a well-established, multi-site professional services organisation operating at national scale. With a strong … matters, providing clear guidance to leadership and technical teams Lead engagement with a third-party Security Operations Centre (SOC), ensuring effective monitoring, detection and response Oversee incident management, including coordination, post-incident reviews and continuous improvement actions Own and manage key security platforms, including security awareness ...

smoothly in production. You will contribute to the operation of managed Kubernetes platforms (AKS/EKS), supporting best practices in monitoring, automation, and incident response, while continuing to develop your expertise in cloud-native technologies. About Synalogik Synalogik develops technology that enables organisations to work effectively with complex … supported, and then get the satisfaction of seeing them in products used in Tier 1 businesses. Key Responsibilities Site Reliability Engineering Participate in incident response, troubleshooting, and post-incident reviews Help reduce operational toil through automation and process improvements Contribute to improving system availability, performance, and scalability ...

infrastructure, implementing and overseeing risk management processes, ensuring that appropriate controls and countermeasures are in place to mitigate all identified risks. Lead the incident response efforts, including preparing for, detecting, and responding to cyber security incidents, ensure that an effective incident response plan is in place … regularly tested and managing post incident analysis and reporting to prevent future occurrences. Manage and mentor the cyber security team, fostering a culture of continuous learning and development, ensuring that the team has the necessary skills and tools to protect the organisation effectively, and oversee recruitment, training, and performance ...

effectively enforced and adhered to across the organisation. Hands-On DeliveryRemain hands-on in the day-to-day operation of cyber security, including: Incident response and investigation. Security tooling, monitoring, and vulnerability management. Supplier and third-party risk assessment. Lead and participate in cyber incident response ...

Cisco 9500, Cisco 3850, Network Operations Centre (NOC), TAC, NMC, Layer 2, Layer 3, OSPF, BGP, VLAN, STP, QoS, CCNA, CCNP, Network Monitoring, Incident Management, Shift Operations, 24x7 Support Location: Small Heath, Birmingham, West Midlands, B10 0HQ Type: Temporary Contract Hours: 8-Hour Shifts … deep technical expertise across Cisco Catalyst switching technologies including Catalyst 3850, Catalyst 9300 and Catalyst 9500 platforms. Purpose: To provide 24x7 operational support, monitoring, incident management and technical troubleshooting across critical Cisco network infrastructure, ensuring maximum network availability, performance and service reliability. Technology Stack: * Cisco Catalyst 3850/ ...

senior levels, influencing senior stakeholders with effective articulation of business and operational risk in clear and pragmatic terms. Lead and participate in cyber incident response exercises and real incidents Own cyber risk management and contribute to the enterprise risk register. Ensure compliance with relevant standards and frameworks (e.g. … OT. Support audits, assessments, and regulatory or customer assurance activities. Remain hands-on in the day-to-day operation of cyber security, including: Incident response and investigation. Security tooling, monitoring, and vulnerability management. Supplier and third-party risk assessment. Experience required Experience owning a cyber security strategy encompassing ...

develop and enhance digital resilience policy documentation Strategic Change Management: lead transformation initiatives and security improvements Vendor & Partner Management: partner with IR and MSSP Incident Response & Crisis Management: Lead coordination of security incidents Education & Awareness: Design/Deliver cyber training programmes Risk Management & Reporting: Oversee comprehensive cyber risk … Management: Manage security elements of vendor management framework Digital Resilience Manager: Experience Experience working with MSSPs, Security Vendors, Managed Service providers Experience in security incident response and crisis management Policy development and documentation Knowledge of vendor management & procurement security requirements Data protection knowledge - GDPR, UK GDPR Desirable ...

pragmatic cyber security strategy aligned to business priorities, whilst establishing and maintaining security policies, standards, and governance frameworks. You will oversee security operations, including incident detection, response, and continuous improvement, and manage key third-party security service providers, ensuring performance and accountability. Risk management activities will … following experience: Proven interim experience in a Cyber Security Manager/Lead/Security Consultant role. Strong understanding of security operations, threat detection, and incident response practices. Experience working with SIEM, EDR, and monitoring technologies in enterprise environments. Demonstrable knowledge of security frameworks, controls, and governance models. Experience ...

strategy and operating model (build vs. buy vs. MSSP); maximize value from SIEM, SOAR, IAM, PAM, EDR, DLP, DSPM, and CTI platforms. Security Operations & Incident Response Accountable for SOC performance (24×7 detection, response, threat hunting), DFIR, purple-team/assurance, ransomware preparedness, and crisis playbooks. Maintain … executive incident communications, regulator notifications, and post-incident improvements. Act as escalation point for any security related service failures or major incidents. Threat and Vulnerability Management Support the TVM team in continuously reducing vulnerability levels in the organisation. Recommend procedural improvements and reporting to drive constant improvement. Drive ...

technical role where youll investigate complex alerts, support threat-hunting activities, contribute to the tuning of SIEM detections, and help improve SOC processes and response playbooks. Youll also play an important role in mentoring analysts and supporting the continued development of the SOCs technical capability. Technology innovation is part … this role will continue to evolve as AI-driven detection, automation, and response capabilities are introduced. You will: Investigate, triage, and respond to security alerts across customer environments Support the tuning and maintenance of SIEM detection rules alongside senior analysts Carry out proactive threat analysis and support threat-hunting ...

Work closely with developers to improve deployment processes, performance and reliability Monitor system performance and availability using tools such as Prometheus and Grafana Lead incident response and contribute to post-incident reviews Automate repetitive processes and reduce manual intervention Improve system resilience, scalability and fault tolerance Support ...

monolith to microservices on EKS. Define standards for containers, runtime environments, observability, tenancy, security, and infrastructure automation. Lead SRE practices including SLI/SLOs, incident management, DR/BCP planning, post-mortems, and operational resilience. Own platform security, secure SDLC, CI/CD pipelines, IaC, and software supply chain … networking, KMS, RDS, and multi-account architecture. Hands-on Kubernetes, CI/CD, Terraform, and cloud security experience. Strong understanding of SRE, observability, incident response, and disaster recovery. Experience operating within regulated environments such as ISO 27001, SOC 2, or GxP. Comfortable balancing strategic leadership with hands ...

monolith to microservices on EKS. Define standards for containers, runtime environments, observability, tenancy, security, and infrastructure automation. Lead SRE practices including SLI/SLOs, incident management, DR/BCP planning, post-mortems, and operational resilience. Own platform security, secure SDLC, CI/CD pipelines, IaC, and software supply chain … networking, KMS, RDS, and multi-account architecture. Hands-on Kubernetes, CI/CD, Terraform, and cloud security experience. Strong understanding of SRE, observability, incident response, and disaster recovery. Experience operating within regulated environments such as ISO 27001, SOC 2, or GxP. Comfortable balancing strategic leadership with hands ...

pipelines and self-service automation to improve speed, quality and reliability of delivery * Embed monitoring, logging and alerting to ensure high availability and rapid incident response * Support and enable engineering teams through documentation, guidance and continuous improvement of developer experience This role is paying between ...

understanding of relevant legal, regulatory and compliance requirements Proven experience implementing and operating security management in line with legislation and standards Experience conducting investigations, incident response and producing clear, high-quality reports Strong background in risk management, including risk assessment and logging Experience in process mapping and producing … effective, user-friendly procedures Broad understanding of information and cyber security technologies Experience in cyber incident management and remediation Knowledge or experience of forensic investigation Excellent written and verbal communication skills, with the ability to engage confidently with senior stakeholders A customer-focused mindset with a commitment to high ...

will be actively responsible for ensuring the successful achievement of external certifications such as ISO27001, MOU, PSN and PCI-DSS etc alongside managing security incident response plans. In addition, the Lead information Security Analyst/Engineer will provide advice and guidance on government standards and industry best practice …/risk problems across a diverse range of security threats Good knowledge of IT Security Principles All round experience of vulnerability management, information security incident management alongside IT Service and Asset management systems Lead Information Security Engineer/Analyst - Benefits Basic salary of up to £54k on offer Pension ...

will be actively responsible for ensuring the successful achievement of external certifications such as ISO27001, MOU, PSN and PCI-DSS etc alongside managing security incident response plans. In addition, the Lead information Security Analyst/Engineer will provide advice and guidance on government standards and industry best practice …/risk problems across a diverse range of security threats Good knowledge of IT Security Principles All round experience of vulnerability management, information security incident management alongside IT Service and Asset management systems Any formal Security qualification or Degree will be advantageous Lead Information Security Engineer/Analyst - Benefits ...

/EventBridge/Step Functions Proven experience designing and delivering microservices and event‐driven architectures Strong experience supporting production systems, including monitoring, debugging and incident response Experience defining and embedding engineering standards and delivery best practices Strong understanding of API design, systems integration and distributed system principles Experience ...

scope to take on more senior responsibilities as the team grows. The Role: *Linux system administration across Ubuntu and Debian environments *On-call incident response, monitoring and system optimisation *Automating provisioning and deployments using Ansible *Supporting cloud-based SaaS infrastructure and security best practices *Maintaining technical documentation ...