Security Engineer, Global Services Security Job ID: Amazon Web Services EMEA SARL (Irish Branch) Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited … capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help … success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services. Key job responsibilities Perform and oversee security incident response operations. Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event. Independently contribute to teams that include Amazonians
Liverpool, Lancashire, United Kingdom Hybrid / WFH Options
Anson Mccade
Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations
York, Yorkshire, United Kingdom Hybrid / WFH Options
Anson Mccade
Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Anson Mccade
Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations
Wakefield, Yorkshire, United Kingdom Hybrid / WFH Options
Anson Mccade
Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations
Chester, Cheshire, United Kingdom Hybrid / WFH Options
Anson Mccade
Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations
Bradford, Yorkshire, United Kingdom Hybrid / WFH Options
Anson Mccade
Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations
Stockport, Lancashire, United Kingdom Hybrid / WFH Options
Anson Mccade
Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations
Doncaster, Yorkshire, United Kingdom Hybrid / WFH Options
Anson Mccade
Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will … play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design … and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations
BA1, Bath, Bath and North East Somerset, Somerset, United Kingdom
YT Technologies
the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and oversee the creation and enforcement of security policies, standards, and procedures. Incident Response: Develop, implement, and manage the security incident response plan. Leadership: Provide strong leadership and mentorship to the governance, risk, and compliance team. Essential Requirements: Extensive … processes, along with secure system architecture principles. Risk management: Demonstrated expertise in developing, implementing, and managing information security risk management frameworks, including risk assessment methodologies (e.g. OCTAVE, FAIR). Incident response: Proven track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (e.g.
IT security strategy. Key Responsibilities Monitor, triage, and investigate alerts generated by SIEM and security monitoring platforms. Conduct log analysis and threat hunting to proactively identify suspicious activity. Support incident response efforts including containment, investigation, and remediation. Ensure security processes align with Cyber Essentials and other best practice frameworks. Optimise SIEM tooling for enhanced visibility and detection capability. … in a security operations role. Strong hands-on knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar, or similar). Understanding of Cyber Essentials and broader security standards. Knowledge of incident response, intrusion detection, and threat analysis. Familiarity with endpoint security, IDS/IPS, firewalls, and vulnerability management. Strong problem-solving skills and a proactive, analytical mindset. Comfortable working … depending on experience) Benefits: Competitive package including pension, healthcare, and training opportunities Onsite role within a collaborative SOC environment Exposure to advanced security tooling and real-world incident response 👉 If you’re passionate about cyber defence and want to advance your career as part of a dedicated SOC team in Manchester, we’d love to hear from you.
bolton, greater manchester, north west england, united kingdom
Explore Group
IT security strategy. Key Responsibilities Monitor, triage, and investigate alerts generated by SIEM and security monitoring platforms. Conduct log analysis and threat hunting to proactively identify suspicious activity. Support incident response efforts including containment, investigation, and remediation. Ensure security processes align with Cyber Essentials and other best practice frameworks. Optimise SIEM tooling for enhanced visibility and detection capability. … in a security operations role. Strong hands-on knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar, or similar). Understanding of Cyber Essentials and broader security standards. Knowledge of incident response, intrusion detection, and threat analysis. Familiarity with endpoint security, IDS/IPS, firewalls, and vulnerability management. Strong problem-solving skills and a proactive, analytical mindset. Comfortable working … depending on experience) Benefits: Competitive package including pension, healthcare, and training opportunities Onsite role within a collaborative SOC environment Exposure to advanced security tooling and real-world incident response 👉 If you’re passionate about cyber defence and want to advance your career as part of a dedicated SOC team in Manchester, we’d love to hear from you.
warrington, cheshire, north west england, united kingdom
Explore Group
IT security strategy. Key Responsibilities Monitor, triage, and investigate alerts generated by SIEM and security monitoring platforms. Conduct log analysis and threat hunting to proactively identify suspicious activity. Support incident response efforts including containment, investigation, and remediation. Ensure security processes align with Cyber Essentials and other best practice frameworks. Optimise SIEM tooling for enhanced visibility and detection capability. … in a security operations role. Strong hands-on knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar, or similar). Understanding of Cyber Essentials and broader security standards. Knowledge of incident response, intrusion detection, and threat analysis. Familiarity with endpoint security, IDS/IPS, firewalls, and vulnerability management. Strong problem-solving skills and a proactive, analytical mindset. Comfortable working … depending on experience) Benefits: Competitive package including pension, healthcare, and training opportunities Onsite role within a collaborative SOC environment Exposure to advanced security tooling and real-world incident response 👉 If you’re passionate about cyber defence and want to advance your career as part of a dedicated SOC team in Manchester, we’d love to hear from you.
Technology) assets safe from internal and external threats. Accountable for ensuring the confidentiality, integrity, and availability of company information resources by implementing and maintaining security controls, performing comprehensive security incident response, engaging in proactive threat assessment, mitigation planning, incident trend analysis, and security architecture review. Accountable for gap analysis and regular audits of OT environments to ensure … industry security standards. Accountable for complex and speedy troubleshooting to minimise any network security threats to the company. Provide 2nd line IT support when and where required. IT Security Incident Management Coordinate and carry out the security incident management lifecycle including preparation, detection and analysis, containment, eradication and recovery. Coordinate incident handling and contingency planning activities. Incorporate … lessons learned from ongoing incident handling activities into incident response procedures, training, and testing and implement resulting changes accordingly. Manage escalations in or out of normal business hours liaising with global internal and external service providers. Security Operations Daily support and security auditing of the firewall landscape. Support and audit remote access to internal company resources. Create
Wilton, Redcar and Cleveland, North Yorkshire, United Kingdom
Imperial Recruitment Group
Technology) assets safe from internal and external threats. Accountable for ensuring the confidentiality, integrity, and availability of company information resources by implementing and maintaining security controls, performing comprehensive security incident response, engaging in proactive threat assessment, mitigation planning, incident trend analysis, and security architecture review. Accountable for gap analysis and regular audits of OT environments to ensure … industry security standards. Accountable for complex and speedy troubleshooting to minimise any network security threats to the company. Provide 2nd line IT support when and where required. IT Security Incident Management Coordinate and carry out the security incident management lifecycle including preparation, detection and analysis, containment, eradication and recovery. Coordinate incident handling and contingency planning activities. Incorporate … lessons learned from ongoing incident handling activities into incident response procedures, training, and testing and implement resulting changes accordingly. Manage escalations – in or out of normal business hours liaising with global internal and external service providers. Security Operations Daily support and security auditing of the firewall landscape. Support and audit remote access to internal company resources. Create
This role offers a chance to make a real impact by ensuring the integrity and resilience of the company’s IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly, and monthly monitoring of systems … Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of Disaster Recovery (DR) and Business Continuity principles. Excellent communication skills, with … impact in a global organisation, apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity.
Manchester, North West, United Kingdom Hybrid / WFH Options
Found Talent Limited
Leadership, leading key initiatives to protect systems, data and users while helping shape the organisation's security posture. What you'll be doing: Managing day-to-day information security operations, including incident response and risk assessments Leading the development and implementation of security policies, standards, and controls Driving continuous improvement initiatives to strengthen cyber resilience Developing and supporting security roadmaps … to Cyber Essentials, ISO27001 or similar What you'll need: Proven experience managing IT security or information security functions Strong technical knowledge of Microsoft environments and security controls Experience with incident response, vulnerability management, and security risk mitigation Confident working with both technical teams and business stakeholders Solid understanding of security frameworks and compliance standards Ability to lead projects
tests, identifying risks and driving remediation efforts. Monitor infrastructure for security incidents or unauthorised activity, responding swiftly to mitigate potential threats. Investigate security breaches and incidents, and develop robust incident response plans to ensure timely and effective resolution. Collaborate with cross-functional teams to design, implement, and manage security controls and configurations across a range of platforms and … . Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data-informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols
STIGs, and UK Functional Standard 007 Vulnerability Assessment & Access Review Support regular access reviews, entitlement audits, and role certification; identify and remediate potential vulnerabilities in provisioning and access enforcement. Incident Management & Response Participate in access-related incident response, including unauthorized access investigations, root-cause analysis, and mitigation measures. Client Engagement & Training Collaborate with stakeholders to understand … SAML/OAuth, and access governance tools. Security Framework Knowledge: Understanding of defence and public-sector security frameworks (JSP 440/604, STIGs, ISO 27001, Government Functional Standard 007) Incident & Risk Handling: Proven ability to conduct security incident investigations relevant to unauthorized access and remediate gaps. Communication Skills: Strong ability to engage with both technical teams and non
Chester, Cheshire, United Kingdom Hybrid / WFH Options
Adecco
WORKING - 3 DAYS ONSITE Are you ready to step into a vital role that ensures the smooth operation of our client's technology services? We are seeking an enthusiastic Incident Management Analyst to join our Global Command centre team. This is an exciting opportunity to contribute to a dynamic environment, ensuring business continuity and operational excellence across the EMEA … region. Position Summary: As an Incident Management Analyst, you will play a key role in maintaining the availability and performance of our client's systems. Your primary focus will be ensuring that end-user systems are consistently available per required SLAs. This role is critical for sustaining the continual demand for incident assistance during both weekdays and weekends. … Key Responsibilities: Incident Response: - React promptly to service failures based on business impact. - Prioritise multiple high-priority incidents simultaneously. - Facilitate standard call processes, lead troubleshooting efforts, and engage technical teams, escalating issues as necessary. Communication Management: - Communicate effectively with stakeholders and internal teams. - Confidently interact with senior executives. - Provide regular updates on incident status and ensure effective
Manchester, North West, United Kingdom Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
Proactively work with business units and global functions in InfoSec to support internal and external audits and ensure their success, Support other InfoSec teams and local IT teams during incident management and incident response activities, Liaise with Data Protection Officers for the implementation of data protection processes and controls, and during any data privacy issue, Contribute to
Stockport, Greater Manchester, North West, United Kingdom
Nexperia
staff or contractors on-site, including a dedicated Factory Systems Support team (CIM), Operational Technology Engineers, Data Engineers, and Web Developer Monitoring and reporting on system performance, availability, and incident response metrics Providing leadership in incident management and root cause analysis for system-related issues, while also ensuring effective change control procedures for all changes introduced to
Hull, North Humberside, England, United Kingdom Hybrid / WFH Options
Heron Foods
the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including … You We’re looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT
North Ferriby, North Humberside, North East, United Kingdom Hybrid / WFH Options
Heron Foods
the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including … You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT