12 of 12 Incident Response Jobs in Scotland

Operations Centre. This role will have you leading a team of analysts and working alongside security engineers to develop and automate threat detection and response playbooks, as well as security architects and the wider IT function. The ideal candidate will have the technical expertise to work … development of SOC analysts and engineers. Lead the configuration, tuning, and maintenance of core SOC capabilities including log aggregation, alerting, correlation, threat detection, and response tooling. Define, track, and report SOC performance metrics and KPIs, ensuring operational efficiency and alignment with organisation objectives. Manage and mentor SOC team members ...

industry standards (e.g., GDPR, PCI DSS, NIST CSF) Influence cyber security improvements by reviewing IT/security architectures and providing expert challenge Oversee incident response readiness and assurance of cyber security testing across the enterprise Promote strong security awareness and assure the quality of provider training Conduct horizon … risk assessment and development of mitigation plans aligned to business objectives Experience producing cyber security performance metrics for senior leadership Hands-on experience in incident response, vulnerability management, system hardening, and post-incident analysis Strong understanding of cloud security (IaaS, PaaS, SaaS, CASB, Zero Trust, micro-segmentation ...

platforms and services. Apply software engineering principles to improve reliability, scalability, performance and operability. Contribute to technical strategy, standards and long-term platform evolution. Incident Management & Resilience Lead and participate in incident response, root cause analysis and blameless post-mortems. Use data and observability to reduce mean … . Deep understanding of Linux, networking, distributed systems and cloud platforms. Experience with infrastructure-as-code and automation (e.g. Terraform, Ansible, CloudFormation). Strong incident response, troubleshooting and fault-analysis skills using a scientific, data-driven approach. Experience with observability: metrics, logging, tracing, alerting and performance analysis. Ability ...

mentor and escalation point for Tier 1 and Tier 2 analysts during live operations Support alignment between SOC operations, threat intelligence, and incident response functions Capture operational metrics relating to alert handling efficiency, response delays, and quality issues Identify procedural gaps and contribute to the improvement … playbooks, SOPs, and workflows Assist the incident response function with investigations requiring escalation to embedded internal stakeholders The ideal candidate would have: A strong career background in Cyber Security within an operational SOC environment Experience mentoring, coaching, or providing quality assurance to SOC analysts The ability to lead ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

strategy (anycast, BGP policy, routing integration) and partner with networking, DNS, and edge platform teams. Set operational standards: SLOs/SLAs, on-call health, incident response (including incident commander duties), runbooks, and post-incident learning. Drive automation at scale: CI/CD strategy, test frameworks, progressive ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response: For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response: For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

practices using Bicep or Terraform.Monitoring & Operations: Set up and maintain observability for integration components using Azure Monitor, Application Insights, and Log Analytics. Support incident response and root cause analysis for integration-related issues.Security & Compliance: Apply security best practices across integration solutions, including authentication, encryption, and access control. Ensure … Management.Experience Azure Blob Storage, Key Vaults and Monitoring and Logging.Experience with RESTful APIs, JSON, and integration patterns (e.g., pub/sub, request/response, ETL).Familiarity with Azure Data Factory, Ab initio for data & ODI for movement and transformation of data.Experience with scripting and automation (e.g., PowerShell, Azure ...

ensure the reliability, availability, and scalability of the systems, platforms, and technology through the application of software engineering techniques, automation, and best practices in incident response. There is a big focus on SRE within the business at the moment on how to maintain and improve the existing SRE estate ...

applications to safeguard sensitive data. Manage and protect secrets securely, ensuring proper generation, storage, and usage. Conduct audits to monitor and assess vulnerabilities, supporting incident response. Stay ahead of cryptographic advancements to enable adoption of new technologies. Collaborate with developers and security teams to align solutions with business objectives ...

degradation, back pressure, fault isolation. Strengthen "developer leverage": replay/simulation tools, regression tests, and debugging tooling. Work with cloud infrastructure, deployment, monitoring, and incident response. Collaborate directly with the founder and engineering team on architecture and roadmap. Essential Skills 5+ years professional Python experience; you've shipped ...