evolving threat landscape. What You'll Be Doing Effectively operate and enhance existing cyber security tools, while researching and deploying new solutions (e.g. XDR, SOAR). Lead and support incident response activities, including simulations and live scenarios. Oversee and maintain the outsourced SOC team and other cyber partners. Review and implement policy improvements aligned to GDPR, ISO27001, NIST
modern security architectures Exposure to automation/scripting in PowerShell or Python for infrastructure or policy workflows Experience deploying or integrating SIEM and EDR tools, as well as conducting incident response (Preferred) Familiarity with security frameworks such as NIST 800-53, CIS Benchmarks, or ISO 27001 (Preferred) Industry certifications such as AZ-500, SC-300, or AWS Security
Milton Keynes, Buckinghamshire, United Kingdom Hybrid / WFH Options
Allica Bank
threats. Lead, mentor and grow a high-performing team of security engineers. Provide leadership in the creation of security awareness programs. Be a key player in the organisation's incident response efforts. Personal Attributes & Experience Deep experience with endpoint monitoring, CSPM, network security, intrusion detection and management. Proven track record in managing continuous threat exposure management programs and
data extraction. Excellent written and verbal communication skills Strong customer advocacy skills and experience, ability to work in difficult customer situations Knowledge of Cloud infrastructure a plus Experience in incident response a plus Experience with scripting a plus Experience with MS Server solutions (SCCM, GPO, AD, MSSQL, IIS, Exchange) is a plus. Additional Information The Team Our technical
Chatham, Kent, South East, United Kingdom Hybrid / WFH Options
Tilt Recruitment Limited
to ensure security is woven into every layer of the cloud ecosystem. Driving the DevSecOps mindset and ensuring integration with Group-level security processes such as monitoring, alerting, and incident response. You'll bring: Proven experience in cloud security engineering within an enterprise setting, preferably on Microsoft Azure. Solid background in foundational security design from identity and access management to
Chatham, Kent, United Kingdom Hybrid / WFH Options
Tilt Recruitment
to ensure security is woven into every layer of the cloud ecosystem. Driving the DevSecOps mindset and ensuring integration with Group-level security processes such as monitoring, alerting, and incident response. You'll bring: Proven experience in cloud security engineering within an enterprise setting, preferably on Microsoft Azure. Solid background in foundational security design – from identity and access management
Basingstoke, Hampshire, South East, United Kingdom Hybrid / WFH Options
Southern Communications Ltd
Tasks: Security assessments: Create and perform security assessments and threat models Security standards: Develop, implement & maintain security standards and plans Vulnerability Management: Research weaknesses and find ways to counter them Security incident response: Respond to attack vectors and security incidents, and coordinate incident response across teams Security software testing: Test company software, firmware, and firewalls Security software design … event log analysis Network Troubleshooting skills required. Knowledge and hands-on experience in penetration testing/vulnerability scanning, security tools like Tenable Nessus, Kali Linux Knowledge of ITIL disciplines such as Incident, Problem and Change Management Experience of infrastructure design and management in mission critical environments preferred. Understanding of Virtual Infrastructure and Windows environments preferred Effective communication, organizational, problem-solving and
Description We're seeking a skilled and innovative Security Engineer to join our Cyber Detection and Response team on a 6 month fixed term contract to drive the development and implementation of security log sources and SOC use cases. Reporting into the Detection and Response Manager, you'll lead the onboarding and management of log sources, designing and … cases Developing, deploying and optimizing log management pipelines using Cribl Building and maintaining comprehensive documentation, including use case requirements, workflows, and best practices Working closely with the threat intelligence, incident response, and operations teams to design solutions that support security and operational resilience Troubleshooting and resolving complex data pipeline and log processing issues Staying up to date with … Familiarity with IT infrastructure, security operations, and cloud environments (e.g., AWS, Azure, GCP) Strong problem-solving skills with the ability to translate technical solutions into business value Knowledge of incident response workflows and threat intelligence integration is desirable Internal candidates are encouraged to apply for this role as a secondment opportunity through the internal careers site. As a
initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced … threat detection and response functions. Due to the customer requirements successful applicants must be eligible for high level UK Security clearance, SC and be able to work onsite in Farnborough. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions … to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). Investigate potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies that may indicate suspicious or
compile evidence, liaise with auditors, and address any gaps or risks. Collaborate with engineering teams to embed secure coding practices and tackle vulnerabilities. Manage security assessments, audit responses, and incident investigations. Run regular penetration testing, disaster recovery simulations, and security awareness training. Streamline access controls, onboarding/offboarding processes, and device compliance using SSO/SCIM and MDM platforms. … experience in enterprise IT or information security — ideally within SaaS, B2B, or fast-paced environments. Deep knowledge of compliance frameworks and IT governance. Understanding of third-party risk management, incident response, and security operations. Strong experience with MacOS administration tools (JAMF preferred). Familiarity with modern cloud environments, particularly Azure. Proficient in scripting languages such as Python or
matters. Provide regular updates to senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain incident response plans
South East London, England, United Kingdom Hybrid / WFH Options
inDrive
Strong understanding of regulatory frameworks (FCPA, GDPR, SOX, UK Bribery Act, etc.); Experience with digital forensics, e-discovery tools, and data analytics in investigations; Familiarity with cybersecurity risks and incident response processes; Strong analytical and problem solving skills, with attention to detail; Excellent communication and report writing abilities; High level of integrity, discretion, and ability to handle confidential
Chatham, Kent, South East, United Kingdom Hybrid / WFH Options
Tilt Recruitment Limited
cloud tooling. Working closely with delivery teams, you'll ensure security is integrated at every layer of the cloud ecosystem. You'll also drive the DevSecOps mindset, integrating monitoring, alerting and incident response into group-level processes. What you'll need Proven experience in cloud security engineering within an enterprise setting, preferably on Microsoft Azure. Solid background in foundational security design
Gillingham, Brompton, Medway, Kent, United Kingdom Hybrid / WFH Options
Tilt Recruitment
Working closely with delivery teams, you'll ensure security is integrated at every layer of the cloud ecosystem. You'll also drive the DevSecOps mindset, integrating monitoring, alerting and incident response into group-level processes. What you'll need Proven experience in cloud security engineering within an enterprise setting, preferably on Microsoft Azure. Solid background in foundational security
complex network security incidents Enhancing risk and vulnerability management processes Collaborating with architecture and operations teams to embed security best practices Supporting forensic investigations and Tier 3/4 incident response What you'll bring to the role You'll be a seasoned network security professional with deep technical expertise and a proactive, solutions-driven mindset. You'll
compliance and vulnerability management. Beyond operational stability, the role demands a continuous improvement mindset - proactively evaluating the platform and driving enhancements to optimise efficiency, resilience, and user experience. Manage incident response, problem management, and change management processes in collaboration with other platform teams. Ensure effective monitoring, health checks, and proactive maintenance across all Cloud infrastructure services (including
South East London, England, United Kingdom Hybrid / WFH Options
Perenna
procedures – protecting systems and data across Perenna's estate is a critical function, so you'll be at the heart of our cyber security work. Participate in cyber security incident responses – you'll contribute across the full lifecycle, and be comfortable monitoring and analysing security events, investigating potential incidents, and providing recommendations for remediation where required. Take ownership of
Reading, Berkshire, United Kingdom Hybrid / WFH Options
DCL
remote Berkshire SC-200 Senior SOC Analyst Level 2/3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting/triage, incident response, etc., with a strong focus on the Microsoft Security Stack. Key Responsibilities: Lead and resolve complex security incidents/escalations Conduct advanced threat hunting using the Microsoft … Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills & Experience: The ability to achieve UK Security Clearance (SC) - existing clearance ideal. (Sorry no visa applications) Must have
South East London, England, United Kingdom Hybrid / WFH Options
Trilogy International, A Korn Ferry Company
SIEM tools (e.g., Splunk, Microsoft Sentinel). Conduct threat-hunting activities to proactively identify suspicious behavior and potential threats. Analyze logs and network traffic to identify anomalies. Collaborate with incident response teams to contain and remediate threats. Create and maintain documentation, playbooks, and incident reports. Continuously improve SOC processes and detection capabilities. What We're Looking For
pipelines Enhancing automation Security assessments and automation Implementing monitoring and alerts Required skills: Understanding of AWS infrastructure - IAM, S3, ECS, EC2, Lambda IaC with Terraform Strong Python skills Implementing incident response and SIEM Experience working within large enterprise and financial services space. London - Onsite 2 days per week No visa sponsorship available
Farnborough, Hampshire, South East, United Kingdom
Sopra Steria Limited
doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Prepare reports for managed clients to both technical and non-technical audiences and … continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring: Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with MITRE ATT&CK Framework. Solid grasp of client-server applications, multi-tier web applications, relational
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance
Isleworth, Middlesex, United Kingdom Hybrid / WFH Options
Sky UK
known organisations. You'll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estates, contributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring
Benefits: 12% pension contributions, hybrid working, 25 days AL+BH, performance bonus, free on site parking Skills required for this role: Experience working with SIEM solutions Vulnerability management Incident Response Implementing appropriate remediation Understanding of SOC Framework exposure experience (ISO27001, Cyber Essentials, etc) This role gives the right candidate an opportunity to springboard their career and give them the