26 to 50 of 115 Incident Response Jobs in the South East

threat modelling and risk assessments for new features and system changes. Evaluate and recommend security technologies and tools. Operational (40%) Manage security environments across Azure and AWS infrastructure. Lead incident response efforts and coordinate vulnerability remediation activities. Manage continuous security monitoring, alerting, and detection systems. Administer vulnerability management and penetration testing programs. Maintain strong identity, access, and privilege … DSS and securing payment systems. Deep understanding of cloud security across Azure and/or AWS. Skilled in application security and the secure development lifecycle (SDLC). Experienced in incident response and cross-functional coordination. Confident supporting tenders and delivering client security assurance. Preferrable If You. Professional certifications such as CISSP, CISM, CISA, or equivalent. Experience in or More ❯

Overview You'll be operating within a compact, high-performing capital markets environment , taking full ownership of the SOC function and acting as the internal escalation point for all incident response and forensic activity. Reporting to the Deputy CISO, this role is ideal for a hands-on SOC leader who can balance strategic oversight with day-to-day … technical execution. You'll manage the external SOC supplier, maintain visibility across tooling and detections, and drive continual improvements in incident management, monitoring, and response. Key Skills & Experience Proven experience leading or managing a SOC function within capital markets, FinTech, or smaller financial services environments. Strong technical experience with CrowdStrike and Elastic SIEM . Skilled across the Microsoft … Security Stack (Defender, Sentinel, Entra). Hands-on capability in incident response, threat hunting, and digital forensics . Demonstrated experience managing outsourced SOC providers and maintaining performance SLAs. Strong communication and stakeholder management with senior technology and security leadership. All candidates must complete standard screening (Right to Work, DBS, credit/sanctions, employment verification). This is an More ❯

intelligence outputs including indicator packages, threat actor profiles, and campaign assessments. Translate complex technical findings into concise, risk-based intelligence for decision-making. Collaborate with SOC, Detection Engineering, and Incident Response teams on purple-team exercises and threat-hunting. Maintain trusted relationships with industry and intelligence communities. Provide SME-level advice and challenge stakeholders using evidence-based reasoning. … improvement. Use JIRA, Confluence, and other platforms to manage workflows and document intelligence findings. About You We’re looking for someone with a strong technical background in threat intelligence, incident response, or threat hunting, ideally within enterprise or global environments. You’ll be confident in analysing complex threats and communicating your findings clearly to both technical and non More ❯

regular vulnerability scans using tools like Nessus, Qualys, or OpenVAS. • Analysing scan results, prioritizing risks, and coordinating with stakeholders for remediation. • Key activities in relation to threat monitoring and response will include monitoring networks, systems, and applications for potential threats and unusual activity. • Responding to security incidents, investigating breaches, and leading root cause analyses. • Maintaining incident response … protection software EDR, Anti-Virus, DLP and securing mobile, tablet, laptop, desktop devices. • Familiar with Zero Trust security models • Proficient in using SIEM tools • Experience with log analysis and incident detection. • Familiarity with securing cloud-native applications, containers and microservices. • Incident detection, containment and mitigation through post-incident investigations and root cause analysis. • Data encryption and Data More ❯

modelling and risk assessments for new features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Compliance & Assurance (30%) Maintain … software products PCI/DSS compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses and client security assurance Preferred More ❯

modelling and risk assessments for new features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Compliance & Assurance (30%) Maintain … software products PCI/DSS compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses and client security assurance Preferred More ❯

to end IT outsourcing and managed services to customers across enterprise, public sector and fast growing scale ups. Its Security Practice protects clients through capabilities including Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a consulting led Security Advisory practice. As a Senior Security Engineer, you will be responsible … Out • Join a $1B global IT and Cyber Defence provider investing heavily in people, platforms and innovation • Shape and enhance the SOC’s technical foundations, influencing how detection and response evolves • Work with cutting edge tools across Microsoft, Elastic, Palo Alto, Splunk and other leading technologies • Hybrid working, flexible hours and a culture built on trust, growth and inclusion … and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts to improve visibility, telemetry and response efficiency • Engineering secure log ingestion pipelines across hybrid cloud and on prem environments • Supporting onboarding of new clients into the SOC to ensure correct configuration and data flow • Contributing More ❯

teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response More ❯

teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response More ❯

Conduct threat modelling and risk assessments for new features and system changes Evaluate and recommend security technologies and tools Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Maintain ISO27001 certification and … software products PCI/DSS compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses and client security assurance Preferred More ❯

Advisory - Expertise in leading the adoption of industry cyber frameworks (e.g., NIST, ISO) and providing high-level advisory to boards, executives, and stakeholders on emerging threats and compliance posture. Incident Oversight & Resilience - Executive capability to govern cyber incident response strategies, ensuring the organisation's preparedness, crisis management, and post-incident assurance processes. Security Governance Principles - Deep More ❯

and remediation plans. Execution and delivery Lead disciplined engineering execution across distributed in-house and outsourced teams. Champion 24/7/365 platform operations with SLAs, capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency/risk management, quality gates). Establish … engineering talent to build a high-performance organisation. Who you are as a leader Builder’s mindset & hands‐on pragmatism: comfortable diving into design reviews, deployment decisions, or an incident bridge. Low‐ego, high‐trust collaborator with the CPO/Product leaders; co‐authors a single message to the org; avoids “two captains” anti‐pattern. High EQ: able to … caching) and resiliency patterns (graceful degradation, bulkheads, back pressure), empowering teams to deliver robust solutions. Experience leading and governing SRE/DevOps practices at scale, including CI/CD, incident management, post-mortems, and capacity & cost management, fostering a culture of operational excellence and continuous improvement. Sponsor and champion security leadership, including secure SDLC, identity/authorization (SAML/ More ❯

management, patch governance, endpoint security (EDR/XDR), and cloud (M365/Azure security). Analytical Skills - capable of interpreting scan results, posture metrics (e.g., Microsoft Secure Score), and incident trends into actionable insights. Delegation & Leadership - experienced in mentoring Analysts and delegating effectively while retaining accountability for outcomes. Collaboration - able to work cross-functionally with Service Delivery, Projects, Account … equivalent certifications. Experience delivering or auditing compliance frameworks. Familiarity with RMM/XDR/EDR, SIEM, and vulnerability scanning platforms. Experience leading small teams (mentoring, guiding). Exposure to incident response and tabletop exercises. What Success Looks Like: Success means the Security Lead is recognised by clients as a trusted advisor who simplifies security into business language. All More ❯

risk, and compliance (GRC)activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFCs security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role … CRISC, CEH, CompTIA Security+, or equivalent experience. Experience working in healthcare, charity, or public sector environments. Familiarity with NCSC CAF and NHS DSPT frameworks. Experience working with SOCs and incident response partners. Please apply with your updated CV ensuring that any gaps in employment are explained. At this point, may we take this opportunity to thank you for More ❯

teams to identify and remediate vulnerabilities across hardware and software. Act as the primary technical liaison with the Business Continuity Planning (BCP) team, supporting BIAs and resilience obligations. Lead incident response investigations, mitigation, and ongoing security improvements. Support Cyber Essentials Plus accreditation and contribute to maintaining a strong external security rating. Produce clear reporting, dashboards, and technical documentation More ❯

Leverage automation frameworks and IaC to improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead More ❯

and monitoring of cyber security best practices across the business. Administer security tools, including , multi-factor authentication (MFA), mail filtering and Anti-Virus software . Participate in vulnerability management, incident response coordination, and system security reviews. Help maintain system documentation, asset registers, and compliance records in line with IT policies and data protection regulations. Project Support Assist with … improvements, and ongoing system enhancements. Process & Documentation Maintain up-to-date documentation of IT systems, configurations, procedures, and security protocols. Support the continuous improvement of IT operational processes and incident management workflows. Skills & Experience Required Proven experience in a Systems Analyst, IT Support Analyst, or Desktop Support role, ideally within a retail, luxury, or manufacturing business environment. Strong hands More ❯

vulnerability management processes and ensure timely remediation. Manage and maintain LogicMonitor for cloud platform monitoring Create and update logicmodules Configure alert rules and escalation chains Manage ServiceNow integration for incident handling Build and maintain dashboards Optimize alerting to prevent alert storms and missed alerts Provide support for ITHC coordination, access provisioning, and post-engagement resolution. Act as a liaison … Defender for Cloud Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience with LogicMonitor and ServiceNow integrations Proven ability to lead incident response and vulnerability remediation efforts Nice-to-Have Skills Familiarity with multi-cloud environments (AWS, GCP) Experience in coordinating ITHC assessments and managing audit findings Knowledge of cloud More ❯

championing a security first culture across the business. You'll collaborate closely with teams across IT, Legal, Procurement, and Operations , acting as the go to expert for information assurance, incident management, and regulatory compliance . What You'll Be Doing Lead and continuously improve our ISMS Manage ISO 27001 certification, surveillance audits, and compliance activities Oversee cyber risk management … and report key metrics to senior leadership Coordinate incident response, forensic investigations, and remediation efforts Drive supplier assurance and manage third party risk Maintain security governance frameworks, policies, and standards Deliver engaging cyber awareness programmes across the organisation Provide expert security guidance throughout technology and project lifecycles What We're Looking For Proven experience managing an enterprise ISMS More ❯

availability using DataDog. Troubleshoot application, API, and infrastructure issues across multiple environments (mainly on Azure). Collaborate with development, DevOps, and product teams to resolve complex technical issues. Manage incident response and provide root cause analysis (RCA) for platform outages. Automate repetitive support tasks using scripting (Python, Bash, PowerShell). Maintain documentation of processes, troubleshooting steps, and known … enabling effective communication across international teams. Excellent problem-solving, analytical, and communication skills. Ability to work in a fast-paced, collaborative environment. Preferred Skills (Good to Have) ITIL or incident management framework knowledge. Experience with API troubleshooting and integrations. Exposure to databases (SQL/NoSQL). Security awareness (authentication, encryption, access control). Familiarity with Infrastructure as Code (Terraform More ❯

security across the organisation.You'll collaborate with scientists, technologists, and operational teams to ensure security is not just a technical requirement, but a shared responsibility. Your structured approach to incident response and clear communication will strengthen resilience and build trust across departments. Key Responsibilities: Lead the organisation's Information Security programme, ensuring it is responsive, innovative, and cost More ❯

of defending enterprise-scale environments, offering exposure to varied client infrastructures, advanced tooling, and complex security challenges. You’ll play a key part in maturing the security function—leading incident investigations, enhancing threat visibility, and mentoring the next generation of analysts—while continuously developing your skills with funded training and certification pathways. What You’ll Do Lead and investigate … and meaningful insights. Experience centralising log sources and onboarding new tools and data feeds into a SIEM/SOAR platform. Strong understanding of threat hunting methodologies, vulnerability management, and incident response. Knowledge of frameworks: ISO27001, NIST CSF, SOC2, Cyber Essentials Plus. Comfortable adapting to unfamiliar tooling and integrating new technologies quickly. Why Join? Work at the cutting edge of … a global MSP with enterprise clients and complex estates. Move beyond “keeping the lights on” — contribute to strategy, tooling improvement, and advanced threat detection. Career pathways into senior engineering, incident response leadership, or architecture roles. Ongoing funded training and certification investment. Opportunity to cross-train into wider InfoSec disciplines including GRC, Zero Trust, and compliance. Training to CISSP More ❯

Senior Security Analyst – SOC/Incident Response I’m partnering with a fast-growing Cyber Defence function that’s strengthening its Security Operations Centre and looking for a talented Senior Security Analyst to join the team. You’ll take a leading role in detecting, analysing, and responding to cyber threats across diverse client environments, mentoring junior analysts, improving … detection content, and helping drive SOC maturity. What you’ll do: Lead complex investigations and incident response. Develop SIEM/EDR use cases and correlation rules. Perform proactive threat hunting and support automation initiatives. Produce incident reports and guide remediation activities. Help coach and upskill junior analysts. You should bring: 2–4 years’ experience in a SOC, CSIRT More ❯

Senior Security Analyst – SOC/Incident Response I’m partnering with a fast-growing Cyber Defence function that’s strengthening its Security Operations Centre and looking for a talented Senior Security Analyst to join the team. You’ll take a leading role in detecting, analysing, and responding to cyber threats across diverse client environments, mentoring junior analysts, improving … detection content, and helping drive SOC maturity. What you’ll do: Lead complex investigations and incident response. Develop SIEM/EDR use cases and correlation rules. Perform proactive threat hunting and support automation initiatives. Produce incident reports and guide remediation activities. Help coach and upskill junior analysts. You should bring: 2–4 years’ experience in a SOC, CSIRT More ❯

all offices and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes … would be pleased to share further details. Due to the high volume of applications, we are not able to respond to all enquiries. If you have not received a response within 72 hours, please assume you have not been shortlisted at this stage, however thank you for taking the time to apply. Ryder Reid Legal is a recruitment specialist. More ❯