26 to 50 of 97 Incident Response Jobs in the South East

SIEM architecture and propose improvements to ingestion pipelines, parsing rules, correlation logic, and storage management. Implement automation and orchestration components (SOAR) to streamline incident response activities. Log Source Onboarding & Integration Identify, prioritise, and onboard new log sources from cloud, on-prem, network, endpoint, identity, and application platforms. Develop … correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning and logic refinement. SOC Support & Incident Response Work closely with SOC analysts to validate and refine detection logic. Support incident investigations through SIEM searches, enrichment, and data modelling. ...

security solutions appropriate to the business needs. Support the definition, execution and continuous improvement of key cyber security processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Assist with developing and maintaining security policies, processes and incident response management plans and playbooks. Prepare and document standard operating procedures and protocols. Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc. Contribute as a team member in projects and change initiatives aimed ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

architecture, secure development lifecycle practices and appropriate technical controls Strengthen capabilities across core security domains including identity and access management, privileged access, vulnerability management, incident response, disaster recovery, data protection, security awareness and supplier security Work closely with stakeholders at all levels of the organisation, including operational teams … Culture, Business Infrastructure & Operations and Finance, to support audits, evidence gathering, control improvement and the effective adoption of security requirements across the organisation Lead response to significant information security incidents, acting as a senior decision‐maker during crisis situations and driving post‐incident learning and improvement Build ...

recovery aligned to RTO/RPO Manage identity and access management controls Implement monitoring and alerting using Azure Monitor and Log Analytics Support incident response, recovery and release readiness Collaborate with engineering leads, security teams and partners Profile A successful DevSecOps should have: Problem-solving skills … hands-on experience with ARM and Bicep CI/CD pipeline security in Azure DevOps DevSecOps framework design experience Vulnerability management and remediation delivery Incident response, backup and recovery experience Strong scripting skills (PowerShell, Python) Excellent communication and stakeholder influencing skills Self-starter with strong problem-solving mindset ...

global Security Operations Centre (SOC) performance, driving operational metrics, service quality, and continuous improvement Lead the execution and coordination of major cyber incident response activities under pressure Establish robust operational governance, reporting, audit readiness, and control assurance globally. Manage accountability and performance for third-party SOC and Managed … Detection and Response (MDR) providers Mentor and develop senior managers, supporting capability growth and succession planning within the function Essential Skills & Experience Extensive, hands-on experience leading large-scale cyber security operations, including SOC and Incident Response Demonstrated ability to manage and respond to significant, complex cyber ...

formal dotted‐line accountability, without centralising day‐to‐day operations.*Cyber security oversight** Own the enterprise cyber risk posture, ensuring cyber capabilities, controls and response are appropriate to business and threat context.* Set expectations for cyber resilience, incident response and recovery, working in partnership with Technology leadership. … defence, critical infrastructure, maritime or highly regulated industries.* Familiarity with ISO 27001 and related security and risk frameworks.* Experience working with cyber insurance, incident response and crisis management at executive level.**Salary for this position:** Up to £170,000 per annum**Salary**: The salary varies for this position ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

operations. Ensure availability and performance of core banking systems, payment gateways, and all customer-facing digital platforms. Lead IT change, systems upgrades, incident response, and technology risk management. Govern system access controls, IT policies, and disaster recovery processes. Oversee cybersecurity strategy, controls, testing (including penetration testing), and ongoing … monitoring. Ensure compliance with FCA/PRA cyber requirements, NCSC guidance, and GDPR. Own the incident response plan for cyber events and support regulatory notifications if required. Oversee payment processing (Faster Payments, CHAPS, BACS, card payments, etc.). Ensure reconciliations, settlements, and exceptions management are timely and accurate. ...

maturity toward CTEM, and strengthen our Exposure Management model. You'll ensure alignment with security policies, standards and regulatory requirements, while maintaining and enhancing incident response plans, documentation, risk assessments and remediation records. You'll also play an active role in training and awareness to promote strong security … hygiene across the organisation. To succeed, you'll bring relevant experience in vulnerability management, risk analysis and incident response, supported by certifications such as CISSP or CISM, plus a degree or equivalent experience in Information Security, Computer Science or a related field. If you're excited by transforming ...

malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed … tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals ...

Risk Management: Own and manage the security risk management program, including advanced risk assessments, vendor risk reviews, third-party due diligence, and mitigation planning. Incident Response & Improvement: Collaborate on incident coordination, response, root cause analysis, and driving continuous improvement initiatives. Stakeholder Communication: Deliver clear, data-driven ...

Responsibilities Proactively monitor security alerts, dashboards, and event queues for a portfolio of clients, identifying sophisticated threats and anomalies. Perform advanced analysis of incident data, logs, and artefacts, validating genuine security incidents and leading initial containment. Take ownership of escalated alerts from Level 1 analysts, performing in-depth investigation … managing the incident response process through to resolution or escalation to senior technical leads. Collaborate with other SOC team members, mentoring and providing guidance to junior analysts to build team capability. Support forensic data collection and evidence management during incident investigations; contribute expertly to incident post ...

Evaluate, select, and integrate security technologies including: Identity and Access Management (IAM) Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Data Loss Prevention (DLP) Web Application Firewalls (WAF) Encryption and key management solutions Collaborate with engineering, DevOps, and IT teams to embed security-by-design … support Secure Software Development Lifecycles (SSDLC) Lead initiatives around incident response strategy, detection engineering, mitigation planning, and digital forensics readiness Monitor emerging cyber threats, vulnerabilities, and regulatory changes, providing expert guidance to stakeholders Produce high-quality architectural documentation supporting audit, governance, and compliance requirements Required Experience & Skills Proven ...

them using defined security patterns and security principles. Support the definition, execution and continuous improvement of key cybersecurity processes Including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Manage, deliver, and lead cybersecurity and cyber risk assignments, producing ...

escalation point across 1st, 2nd, and 3rd line support Managing and improving cloud platforms, SaaS tools, and network environments Leading troubleshooting and incident response for complex technical issues Overseeing onboarding/offboarding, device management, and access controls Driving automation and reducing manual processes Improving IT processes, documentation ...

modern engineering and traditional ITSM/ITIL practices Establish SLIs, SLOs, and Error Budgets Shape observability strategies using metrics, logs, and traces Design incident response models and post-incident learning loops Reduce toil through automation and engineering excellence Deliver SRE capability assessments and roadmaps … Looking For Extensive experience in SRE, cloud operations, or DevOps Proven consulting or advisory background Experience with AWS, Azure, or GCP Strong observability and incident management expertise Ability to obtain UK SC clearance Modis International Ltd acts as an employment agency for permanent recruitment and an employment business ...

solutions Collaborate with engineering, DevOps, and IT teams to embed security by design and ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce ...

landing zones. Lead the development of CI/CD pipelines and automated infrastructure delivery. Promote strong observability, monitoring and alerting practices. Take part in incident response, root cause analysis and platform stability improvements. Balance build-and-run responsibilities with a focus on long-term platform health. ...

data remain protected against evolving threats. IT Security Analyst Key Skills: * IT security principles and best practices * Risk assessment and mitigation * Security monitoring and incident response * Microsoft security tools (Defender, Purview, etc.) * GDPR and data protection compliance * Patch management and vulnerability management * Networking and infrastructure security * Security frameworks ...

landing zones. Lead the development of CI/CD pipelines and automated infrastructure delivery. Promote strong observability, monitoring and alerting practices. Take part in incident response, root cause analysis and platform stability improvements. Balance build-and-run responsibilities with a focus on long-term platform health. ...

client and regulatory requirements. Our integrated approach combines secure by design principles relying on Identity and Access Management, Technical Assurance, continuous monitoring and incident response through Security Operations, and proactive risk management through GRC. Working closely with the Markets Innovation Group (MIG) and Fuse, the firms legal tech ...

high technical and security standard Deliver and maintain a secure Azure operating model Ensure consistency, resilience, and scalability across Azure environments Operational Leadership & Incident Management Lead and coordinate Major Incident response relating to Azure and associated cloud services Act as a senior escalation point for complex platform … issues Drive post-incident reviews, root cause analysis, and service improvements Vendor & Service Management Provide a high standard of vendor and service management Manage relationships with Microsoft and third-party suppliers Ensure services meet agreed SLAs, security expectations, and value-for-money objectives Lead service reviews and escalation activities ...

availability environment. * 24/7 Rota Coverage: Work as part of a dedicated shift rotation (including nights, weekends, and holidays) to provide continuous monitoring, incident response, and resolution. * Incident Management: Act as the primary point of contact for network fault isolation and resolution during your shift. Escalate ...