Incident Response Jobs in the South East

76 to 100 of 138 Incident Response Jobs in the South East

Cyber security Operational Incident Manager

Weybridge, Surrey, South East, United Kingdom
La Fosse
Incident Response Manager I'm working with a global tech-led FS business Cyber Incident Response Manager to lead their incident response function and manage complex, high-impact security events. They're looking for a hands-on, proactive leader who can drive incident remediation, improve response playbooks, and coordinate CIRT teams during
Employment Type: Permanent
Salary: £85,000

Business Continuity Coordinator

Slough, Berkshire, UK
Jefferies
Manager for the EMEAs region. In this role, you will be supporting the creation and enforcement of Jefferies’ Business Continuity Program, including policy reviews/updates, business impact analysis, incident monitoring and response and more. This role will also help lead the BC Regulatory program to horizon scan for regulatory updates/changes that would apply, and provide … in Compliance and Legal. Recommend recovery strategies and assist with implementation of recovery solutions. Plan and coordinate regular testing exercises and simulations to test the effectiveness of BC/incident management plans and to fulfill various regulatory requirements. Participate in any internal and industry wide tabletop exercises Support and lead Business Continuity awareness training for new employees and recurring … coordinate security alerts and the traveler safety program for potential risks to Jefferies staff and offices Monitoring news & alerts for incidents that may affect Jefferies’ offices and travelers Support incident response efforts, specifically documenting and gathering timelines, data points and action items, and following up with responsible parties for close-out of assigned action items. Collaborate with various
Employment Type: Full-time

Senior IT Infrastructure Operations Manager

South East London, England, United Kingdom
Salt
Management Oversee daily IT operations, ensuring high availability, performance, and user satisfaction. Manage escalations and prioritisation of support issues. Monitor and report on key operational metrics (e.g. SLAs, uptime, incident response). Project Delivery Lead the transition of managed services infrastructure and service desk from MSP to in-house. Oversee the reset and rebuild of the Microsoft Azure … practices into operational and project workflows. Collaborate with relevant stakeholders to ensure compliance with policies, standards, and regulations (e.g. ISO27001, Cyber Essentials). Manage risk assessments, vulnerability management, and incident response processes. Stakeholder Engagement Act as a senior point of contact for internal stakeholders regarding IT operations and service delivery. Work closely with other business units to understand

Senior Cyber Operations Analyst

South East London, England, United Kingdom
Hybrid / WFH Options
Lawrence Harvey
most sophisticated threat actors out there and genuinely develop your career within one of the most reputable banks worldwide. Senior Cyber Operations Analyst – Key Responsibilities: Lead the investigation and response for escalated security incidents, performing in-depth analysis and coordinating containment and mitigation strategies. Conduct proactive threat hunting using network traffic, behavioural patterns, threat intelligence, and security telemetry. Utilise … tune SIEM tools such as Splunk, leveraging advanced queries and dashboards to identify anomalies. Collaborate closely with global security teams, threat intelligence units, and stakeholders to improve detection and response playbooks Senior Cyber Operations Analyst – Requirements: Strong proficiency with SIEM platforms, ideally Splunk, including custom query writing and dashboard development. Deep understanding of incident response, including network

Security Engineer - SOAR

Hertfordshire, South East, United Kingdom
La Fosse
experience: Worked as a Security Engineer focussing on enhancing a global SOC's capability Building automated workflows, playbooks, and logging integrations to enhance the SOC's scalability, efficiency, and incident response readiness. Designed and fine-tune proactive and reactive detections in Sentinel - working closely with Threat Intelligence, IR, and Attack Surface Management teams. Partnered with SOC analysts to
Employment Type: Contract
Rate: £750 - 810 per day

Senior SOC Analyst

Farnborough, Hampshire, United Kingdom
Sopra Steria Group
training and development programs. Responsibilities include: Monitoring, triaging, and investigating security incidents on critical client infrastructure. Analyzing network traffic, logs, and system events to identify threats and vulnerabilities. Providing Incident Response support. Maintaining and developing team knowledge of SOC tools and security operations. Preparing reports for technical and non-technical audiences and improving their content. Updating security incident
Employment Type: Permanent
Salary: GBP Annual

Penetration Tester

Bracknell, Berkshire, United Kingdom
VKM Security
and procedures in alignment with industry best practices. Reviewed penetration test reports to ensure they are up to standard and meet test objectives. Mentor junior penetration testers. Assist in incident response activities, including investigation, containment, and remediation of security incidents. Conduct cloud security assessments. Essential Requirements Must be currently residing in mainland UK. Minimum 5 years of
Employment Type: Permanent
Salary: GBP 46,000 Annual

Information Technology Support Specialist

South East London, England, United Kingdom
Live Digital - SaaS Recruitment Agency
networks, NAS servers, CCTV, and Wi-Fi systems. Ensure adherence to IT policies, security protocols, and data protection regulations. Review and contribute to cybersecurity reports, training completion tracking, and incident response documentation. Set up, manage, and maintain user accounts, hardware, and software across offices and remote environments. Collaborate with external vendors for service and support as required. Prepare

Incident Response Lawyer

South East London, England, United Kingdom
Iceberg
We are representing a consultancy that are a leader in the Cyber Security and Incident response space. If you have experience leading the legal aspects of Data Breach case this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading

SOC Analyst

Reading, England, United Kingdom
La Fosse
SOC Analyst A Global Organisation requires a Contract L2 SOC Analyst to join their Incident Response team - Splunk, Defender Day Rate: £400 - £420pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This L2 SOC Analyst will have the previous following experience: Monitor and investigate security alerts using tools such as Splunk, Microsoft … Defender, and CrowdStrike, escalating incidents as needed and ensuring timely resolution. Leverage Microsoft Co-pilot and automation workflows to streamline threat detection, incident triage, and response processes. Conduct in-depth log analysis and correlation across multiple data sources to identify potential security threats and reduce false positives. Support threat hunting and root cause analysis efforts, providing detailed documentation

Cloud Security Specialist

South East London, England, United Kingdom
Bestman Solutions
a 6-month contract (with strong extension potential). This is your chance to step into a high-impact role where you’ll sharpen cloud detection strategies, lead threat response efforts, and make your mark on a modern, cloud-native security operation — all within a business that thrives on data at scale. Key Responsibilities: Keeping a sharp eye on … threats across hybrid and cloud estates (GCP) Crafting and fine-tuning smart detections using KQL Leading the charge on incident response, from first alert to final report Getting stuck into threat hunting and shaping how detections are built and improved Helping drive security automation and weaving in IaC wherever possible Teaming up with engineers and platform folk to … lock down cloud and container environments Requirements: Solid chops in security monitoring, threat detection, and fast, effective incident response Hands-on with XDR tools like Defender, Carbon Black, CrowdStrike, or FireEye Confident with KQL, especially in Microsoft Sentinel Strong background in GCP Experience securing Kubernetes, Docker, and containerised workloads Familiar with MITRE ATT&CK, SOAR, and writing detections

L3 SOC Analyst

Reading, England, United Kingdom
La Fosse
L3 SOC Analyst A Global Organisation requires a Contract L3 SOC Analyst to join their Incident Response team acting as an escalation point - Splunk & Defender Day Rate: £475 - £500pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This L3 SOC Analyst will have the previous following experience: Act as a lead investigator … for high-severity security incidents, coordinating response activities and containment strategies. Perform deep forensic analysis across endpoints, logs, and network traffic to uncover advanced threats. Develop and fine-tune detection rules and correlation logic in SIEM platforms (e.g., Splunk). Collaborate with engineering and threat intelligence teams to improve detection coverage and SOC workflows. Mentor and guide L1/… threat hunting campaigns using tools such as Defender, CrowdStrike, and custom scripts. Contribute to playbook development, automation improvements (including Microsoft Co-pilot integration), and process optimization. Produce executive-level incident reports, root cause analyses, and recommendations for remediation and hardening.

SOC Manager

Basingstoke, Hampshire, UK
Hybrid / WFH Options
IO Associates
Contract Start: July | Interviews from 1st July iO are supporting a social housing organisation seeking an experienced Interim SOC Manager to drive tactical improvements across their security operations and incident response. You'll lead a small SOC team (1 senior, 2 analysts), work alongside a third-party MSSP, and help the organisation progress toward NIST CSF 3.5 maturity. Key … Responsibilities Lead daily SOC operations; ensure effective monitoring and alerting Deliver and embed cyber incident response processes and playbooks Work closely with third-party MSSP and internal security functions Leverage Microsoft Defender + Sentinel stack Bridge data feeds (e.g., SQL) into Sentinel Align SOC operations with GRC, Architecture, and Security Engineering Drive outcomes across BAU and transformation activities … Essential Experience & Skills Strong background as a SOC Manager or Lead in mid-large organisations Hands-on experience with Microsoft Defender & Sentinel Proven track record delivering cyber incident response plans and playbooks Experience working with or managing third-party security providers Comfortable in tactical, operational delivery roles (not just strategic) Excellent communication skills, stakeholder engagement, and emotional intelligence

SOC Manager

Crawley, West Sussex, UK
Hybrid / WFH Options
IO Associates
Contract Start: July | Interviews from 1st July iO are supporting a social housing organisation seeking an experienced Interim SOC Manager to drive tactical improvements across their security operations and incident response. You'll lead a small SOC team (1 senior, 2 analysts), work alongside a third-party MSSP, and help the organisation progress toward NIST CSF 3.5 maturity. Key … Responsibilities Lead daily SOC operations; ensure effective monitoring and alerting Deliver and embed cyber incident response processes and playbooks Work closely with third-party MSSP and internal security functions Leverage Microsoft Defender + Sentinel stack Bridge data feeds (e.g., SQL) into Sentinel Align SOC operations with GRC, Architecture, and Security Engineering Drive outcomes across BAU and transformation activities … Essential Experience & Skills Strong background as a SOC Manager or Lead in mid-large organisations Hands-on experience with Microsoft Defender & Sentinel Proven track record delivering cyber incident response plans and playbooks Experience working with or managing third-party security providers Comfortable in tactical, operational delivery roles (not just strategic) Excellent communication skills, stakeholder engagement, and emotional intelligence

Security Consultant or Architect - DV Cleared

Basingstoke, Hampshire, South East, United Kingdom
Experis
maintaining compliance with strict regulatory standards. What You'll Bring Proven experience in Security Consultant/Architect/Management with a deep understanding of security policies, risk mitigation, and incident response. Experience as a Security Officer (STRAPSO highly desirable) with strong asset management skills. MUST have NIST 800 53 Secure by Design (SbD) experience Strong leadership skills … capable of working across teams and disciplines to enhance security operations. Expertise in incident classification, response, and reporting, with the ability to identify, assess, and mitigate evolving threats. Ability to manage security training, document security policies, and conduct audits to ensure ongoing compliance. Excellent communication skills, capable of advising both technical and non-technical stakeholders. Secure Your Future.
Employment Type: Contract
Rate: £550 - £800 per day

Cyber Security Engineer

Aldershot, Hampshire, South East, United Kingdom
Hybrid / WFH Options
JLA Resourcing Ltd
reporting Implementing and maintaining endpoint security measures, including AV/anti-malware compliance Conducting system hardening and security compliance audits against frameworks like CIS, STIG, and NIST Contributing to incident response, forensic investigations, and remediation activities Assessing the security impact of changes, supporting secure design and assurance processes Producing and maintaining detailed security documentation (HLDs/LLDs, SOPs … you will need: Proven experience in a Cyber Security Engineering role, ideally within the defence or secure government sector Strong hands-on expertise across vulnerability management, endpoint protection, and incident response Familiarity with frameworks such as Government Functional Standard 007, CIS, STIG, and NIST A proactive, collaborative mindset with the ability to engage across multidisciplinary technical teams The
Employment Type: Permanent, Work From Home
Salary: £60,000

Director of Cyber Security

Guildford, Surrey, United Kingdom
University of Surrey
days holiday PLUS Bank Holidays, excellent pension contribution, and a unique and vibrant working environment. Role & Responsibilities: The Director is responsible for risk management, regulatory compliance, and leading incident response efforts in the event of security breaches, including incident investigations. Additionally, you'll work closely with other University senior managers to align security initiatives with business goals … systems are adequately protected within the ecosystem the University operates. Provide leadership and direction to ensure threats to students, staff, and suppliers are addressed effectively and expeditiously. Ensure appropriate response to security incidents and drive continuous improvements by learning from them. What's in it for you? We think Surrey is an amazing place to work, and we are
Employment Type: Permanent
Salary: GBP Annual

Site Reliability Engineer

South East London, England, United Kingdom
Hybrid / WFH Options
Explore Group
You'll Do Maintain and improve our AWS-based infrastructure using Infrastructure-as-Code (Terraform) Support and scale Kubernetes clusters hosting critical microservices Design and enhance observability, alerting, and incident response processes Collaborate closely with engineers to ensure systems are reliable, secure, and performant Lead root cause analysis for production incidents and help prevent recurrence Build tooling to … Go (bonus) What We're Looking For Strong experience in SRE, DevOps, or Production Engineering roles Proven hands-on skills with AWS, Terraform, and Kubernetes Experience with production support, incident management, and RCA practices Comfortable working in a fast-paced startup or scale-up environment Strong problem-solving mindset and a passion for automation

Senior SOC Analyst

Basingstoke, England, United Kingdom
Franklin Fitch
/engineering and creation of rulesets & dashboards aligned to the MITRE ATT&CK framework. Preferred vendors: Microsoft Sentinel, Google Chronicle (SecOps), Elastic. Excellent Knowledge of EDR/XDR – including incident investigation at a priority 1 and 2 severity and general day-to-day usage alongside best-practice configurations for common toolsets. Preferred vendors: CrowdStrike, Microsoft, Palo Alto, SentinelOne. Good … Knowledge of incident response, aligned to MITRE ATT&CK with a good knowledge of common tactics, tools and techniques attackers utilise in the wild. Good Knowledge of VM – including analysis, classification and prioritisation to create tangible and actionable insights. Preferred Solutions: Rapid 7, Tenable, Vulcan. Good Knowledge of CTI – Including its utilisation within a SOC environment. Preferred Solutions

Cloud Security Specialist (GCP)

South East London, England, United Kingdom
Bestman Solutions
cloud-first environments within a data-rich, high-scale business — helping protect critical infrastructure and client data across global platforms. What You’ll Be Doing Leading threat detection and incident response across GCP environments Building and refining cloud-native detections using Kusto Query Language (KQL) Driving security automation and Infrastructure-as-Code practices Enhancing cloud visibility through effective

Cyber Security Specialist (OT/ICS)

South East London, England, United Kingdom
Gazelle Global
teams to embed cyber resilience Support compliance with relevant frameworks and standards (IEC 62443, NIS, OG86, CAF, etc.) Monitor and improve security controls, networks, and access management Assist in incident response involving operational systems Contribute to policy development, governance, and security awareness initiatives Engage with third parties and suppliers to ensure aligned security expectations What We’re Looking

Cloud Operations Team Leader

Milton Keynes, Buckinghamshire, United Kingdom
Kinetic Software
robust CI/CD infrastructure. This is a hands-on leadership role that balances strategic vision with technical execution. Key Responsibilities Oversee day-to-day cloud operations, including monitoring, incident response, troubleshooting and optimisation Lead & manage both short & long term project planning (Agile, Sprints, Iteration Planning) Develop and implement cloud governance, security and compliance policies & procedures Drive automation
Employment Type: Permanent
Salary: GBP Annual

Information Security Engineer

South East London, England, United Kingdom
Apache Associates
and understanding processes to mitigate and act on them. Develop and document disaster recovery processes where required, Identify, assess, and prioritise vulnerabilities to reduce potential attack surfaces. Assume role of Incident Response Manager where required, quickly responding to and managing security incidents to mitigate damage and restore normal operations. Lead any necessary debriefs and lessons learnt discussions. It is

Platform Engineer

South East London, England, United Kingdom
Hybrid / WFH Options
Tate Recruitment
virtualisation platforms, storage, backups, and Linux systems using tools such as Ansible, Terraform, and GitHub. Collaborate with cross-functional teams to align infrastructure delivery with DevOps best practices. Lead incident response, root cause analysis, and ongoing support for critical infrastructure services. Define and implement infrastructure administration standards and procedures. Champion Infrastructure as Code and continuous improvement across the

AI Security Architect

Reading, Berkshire, South East, United Kingdom
Hybrid / WFH Options
Queen Square Recruitment Limited
adversarial testing, model bias assessments, and trustworthiness evaluations. Contribute to training and awareness initiatives on AI/ML security best practices. Act as a key stakeholder in AI-related incident response and mitigation. Your Profile Essential Experience & Skills Proven experience as a Security Architect with direct focus on AI/ML security. Strong knowledge of AI/ML
Employment Type: Contract

Incident Response (the South East)
10th Percentile: £42,000
25th Percentile: £52,250
Median: £57,500
75th Percentile: £74,500
90th Percentile: £83,250