Incident Response Jobs in the South West

1 to 25 of 36 Incident Response Jobs in the South West

Cyber Defence Manager

Keynsham, Somerset, United Kingdom
VC Evidensia UK
IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration … across global cybersecurity efforts. What You Bring Degree or equivalent experience in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security
Employment Type: Permanent
Salary: GBP Annual

Cyber Defence Manager

Bristol, Gloucestershire, United Kingdom
Hybrid/Remote Options
British Veterinary Association
IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration … global cybersecurity efforts. What You Bring Essential: Degree or equivalent experience in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security
Employment Type: Permanent
Salary: GBP Annual

Senior Cloud Infrastructure Engineer

Bristol, Avon, South West, United Kingdom
Hybrid/Remote Options
Hargreaves Lansdown
with Key Vault, SBOM and image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs/SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform … service catalog entries; contribute to onboarding guides and demo sessions for consumers of the platform. Participate in an on-call rota for critical platform services and lead/coordinate incident response when required. About you Strong hands-on experience with Microsoft Azure core services (networking, compute, storage) and platform services (AKS, App Services, API Management, Event Hub/… GitOps, and container build pipelines (e.g., ACR, OPA policies, image scanning). Working knowledge of observability tooling (Azure Monitor, Log Analytics, Application Insights, Datadog/Grafana) and alerting/response workflows. Understanding of the Microsoft Cloud Adoption Framework, Azure Landing Zones and the Well-Architected Framework. Familiarity with DevSecOps practices: threat modelling, dependency and container scanning, SBOM management, and
Employment Type: Permanent, Part Time, Work From Home

Senior Cyber Security Engineer / Threat Intelligence Specialist

Bristol, Avon, South West, United Kingdom
Meridian Business Support
the future of cyber resilience. About the Role My client are seeking a Senior Cyber Security Engineer/Threat Intelligence Specialist to strengthen and mature our firm's cyber defence and incident response capabilities. You'll be at the forefront of detecting, analysing and responding to evolving threats, ensuring our technical security controls and frameworks are robust, compliant, and future-ready. … fast-paced environment, love to hunt for threats, and enjoy taking ownership of complex challenges, this role is for you. What You'll Do Lead on threat detection, hunting, and incident response, working with Azure/Defender, Sentinel, and third-party SOCs. Investigate alerts and coordinate responses with internal IT teams and external managed SOCs. Continuously monitor, enhance, and
Employment Type: Permanent
Salary: £80,000

DevOps Engineer - Azure

Exeter, Devon, England, United Kingdom
Reed
and automate infrastructure provisioning. Security and Compliance: Enforce security and compliance standards using tools like Azure Policy, ensuring environments are patched, monitored, and aligned with regulatory requirements. Monitoring and Incident Response: Establish monitoring, logging, and alerting systems to track environment health and lead incident response and resolution for infrastructure and deployment issues. Collaboration: Work with stakeholders
Employment Type: Full-Time
Salary: £55,000 - £60,000 per annum, Inc benefits

Information Security Manager

Kemble, Gloucestershire, United Kingdom
ZeroAvia
systems Understanding of aviation safety management systems and their integration with cybersecurity programmes Familiarity with certification processes and regulatory compliance in aerospace or similar sectors Knowledge of threat detection, incident response, and security monitoring technologies Leadership & Communication: Proven ability to lead security programmes in fast-paced, innovative technology companies Excellent stakeholder management skills, with ability to influence at … relationships and third-party integrations Security Architecture & Implementation: Design and implement security architectures for aviation systems, including industrial control systems and hydrogen infrastructure Establish security monitoring, threat detection, and incident response capabilities Oversee security measures for intellectual property protection, particularly around proprietary hydrogen-electric technologies Manage security requirements for certification and regulatory data integrity Team Development & Governance: Build
Employment Type: Permanent
Salary: GBP Annual

Platform Engineer

Somerset, England, United Kingdom
Hybrid/Remote Options
Reed
Evaluate and integrate new AWS services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills & Qualifications: Proven hands-on experience … Knowledge and application of cloud security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact me on
Employment Type: Full-Time
Salary: £65,000 - £75,000 per annum, Inc benefits

Platform Engineer

Bristol, Avon, South West, United Kingdom
Hybrid/Remote Options
Reed Technology
Evaluate and integrate new AWS services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills & Qualifications: Proven hands-on experience … Knowledge and application of cloud security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact me on
Employment Type: Permanent, Work From Home
Salary: £75,000

Platform Engineer

Bath, South West England, United Kingdom
Hybrid/Remote Options
Reed Technology
Evaluate and integrate new AWS services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills & Qualifications: Proven hands-on experience … Knowledge and application of cloud security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact me on

Senior Cyber Security Specialist

Greater Bristol Area, United Kingdom
Naviro
across a broad range of domains. The Senior Cyber Security Specialist will operate across Cyber Operations and GRC, ensuring UK-specific compliance and security resilience. Role: Security Incidents: Oversee incident management and response, including root cause analysis, impact assessment, and post-incident reviews. Threat Management: Develop and refine threat intelligence, threat hunting capabilities, and prevention/detection … of SIEM, XDR, EDR, vulnerability management, firewalls, and network security. Hands-on experience in security control implementation and maintenance (e.g. ISO27001, Cyber Essentials). Familiarity with MITRE ATT&CK, incident response methodologies, and penetration testing. Experience in risk management, vendor security assessments, and compliance. Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST CSF, and GDPR. Ability to

Senior SIEM Consultant

Bristol, Gloucestershire, United Kingdom
Apto Solutions Ltd
objectives are met. This position is ideal for someone with experience in SIEM or SOC environments who is comfortable in a consultative, client-facing role. Knowledge of cloud security, response frameworks, and industry compliance standards will be key to success in helping clients implement robust, scalable SIEM solutions. Key Responsibilities: Client Engagement & Solution Design: Collaborate with clients to identify … real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced visibility. Threat Detection & Response Strategy: Design and implement threat detection rules, logic, and response workflows that align with the client's risk profile and operational needs. Guide clients in developing and improving … their incident response processes, including playbook creation and alignment with security frameworks like NIST and ISO 27001. Regularly review and optimise SIEM configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes. Advisory & Compliance: Advise clients on aligning SIEM deployments with security frameworks and compliance requirements, including GDPR, HIPAA, and PCI DSS. Provide guidance
Employment Type: Permanent
Salary: GBP Annual

IT Security Analyst

London, Fleet Street, United Kingdom
Hybrid/Remote Options
The Bridge IT Recruitment
and Experience Essential: Degree in Cyber Security, Computer Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection … and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain attention to detail. Desirable: Professional certifications such as GSEC, CISSP, OSCP, CISA, CompTIA Sec+, or
Employment Type: Permanent
Salary: £50000 - £55000/annum

Cyber Security Engineer x 2 – Bristol – New (REF47)

Greater Bristol Area, United Kingdom
Hybrid/Remote Options
RedRock Resourcing
prem Microsoft and Azure-centric environments. Define/enforce hardening standards (e.g., CIS Benchmarks, Microsoft Security Baselines). Perform threat modelling, risk assessments, and security validation/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance security monitoring, logging and alerting (including SIEM/threat detection). Create security documentation (designs

Cyber Security Consultant

Dorset, England, United Kingdom
TRIA
Managed Security Service Providers, and act as the first line of defence for security incidents. You’ll drive maturity in our security operations, oversee vulnerability management, and ensure our response to cyber threats is swift and effective. This is a hands-on leadership role that combines technical expertise, strategic influence, and people development. You’ll work closely with senior … enhance our security posture, deliver impactful awareness initiatives, and embed robust processes that protect the business globally. What we’re looking for: Proven experience leading a Security Operations or Incident Response function Strong technical background across SIEM, EDR, vulnerability management, and cloud security (Azure preferred) In-depth understanding of security frameworks such as NIST CSF, ISO 27001, and

Cyber Security Engineer

City Of Bristol, England, United Kingdom
Peaple Talent
a key part in embedding security into IT platforms across both cloud and on-premises environments. You’ll advise on security design, implement and maintain controls, and contribute to incident response and vulnerability management. The role involves working closely with architects, infrastructure teams, and project managers to ensure systems are resilient, compliant, and aligned to best practice. You … controls such as IAM, firewalls, and endpoint protection. Familiarity with frameworks like NIST, CIS, ISO 27001, and Cyber Essentials Plus. Experience with monitoring and SIEM tools, threat detection, and incident response. Strong communication and stakeholder management skills. Desirable experience: Security certifications (e.g. CISSP, CISM, Microsoft security certs). Cloud security or architecture qualifications. Knowledge of automation, scripting, or SOAR

Cyber SecOps & Threat Specialist, Law Firm, Bristol

Bristol, Avon, South West, United Kingdom
Hybrid/Remote Options
ITS Recruitment
to, and prevent cyber threats. Location: Bristol Reports to: Head of Cyber Security Hybrid Role: 3-4 days work from home The Role Play a key role in maturing incident response and threat intelligence functions Evolve and mature the firm's capability for detecting and responding to cyber incidents Help develop strategies and roadmaps for cyber security technology
Employment Type: Permanent, Work From Home
Salary: £85,000

South West Secure Data Environment Technical Lead

Bristol, United Kingdom
NHS Bristol, North Somerset and South Gloucestershire Integrated Care Board
oversee the operation, maintenance, and performance of the SWSDE platform, ensuring security, stability, and scalability at all times. Manage and monitor system security, including threat detection, risk management, and incident response, ensuring compliance with SATRE, ISO27001, DSPT, and NHS cybersecurity frameworks. Develop and maintain secure data pipelines from contributing NHS and partner organisations, ensuring interoperability, data quality, and
Employment Type: Fixed-Term
Salary: £55690.00 - £62682.00 a year

Infrastructure Engineer

Greater Bristol Area, United Kingdom
Hybrid/Remote Options
Logiq
V, VMware) and implement endpoint security solutions including EDR, anti-malware, and DLP. Monitoring & Threat Detection Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for proactive threat detection and incident response. Vulnerability Management Perform vulnerability assessments using Qualys and Tenable, driving remediation and continuous improvement. Compliance & Governance Align security controls with frameworks such as ISO 27001, NIST, CIS, and

Security Architect

Greater Bristol Area, United Kingdom
Hybrid/Remote Options
Matchtech
multi-disciplinary teams to ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-138/05-139, and ISN 23/09 Secure by Design. Support incident response and remediation activities for security events affecting products and systems. Produce and maintain security documentation, policies, and training materials. Communicate risk findings, recommendations, and mitigation strategies to

Security Architect

Bradley Stoke, Gloucestershire, United Kingdom
Hybrid/Remote Options
Matchtech
information risks. Collaborate with multi-disciplinary teams to ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-, and ISN 23/09 Secure by Design. Support incident response and remediation activities for security events affecting products and systems. Produce and maintain security documentation, policies, and training materials. Communicate risk findings, recommendations, and mitigation strategies to
Employment Type: Permanent
Salary: GBP Annual

AWS Security Analyst

Bristol, Avon, South West, United Kingdom
Hybrid/Remote Options
Sanderson Recruitment
complex environment Design and enhance CI/CD pipelines to support secure, automated deployments Develop and maintain orchestration strategies for seamless, repeatable and compliant deployments Conduct proactive security assessments, incident response and remediation activities Collaborate with DevOps, Architecture and Compliance teams to ensure continuous security alignment Essential Experience Demonstrable expertise in AWS security services (e.g. IAM, KMS, CloudTrail
Employment Type: Contract
Rate: £350 - £400 per day

Senior Manager Insider Risk

South West London, London, United Kingdom
Experian Ltd
Fusion Centre. You will report directly to the Head of Insider Risk Management and manage a team of investigators, overseeing complex security investigations, and enhancing insider risk detection and response capabilities. You will play an important leadership role in developing programmes, driving continuous improvement, and encouraging collaboration. Summary of Primary Responsibilities Collaborate with the Head of Insider Risk Management … investigators. Support professional development and foster expertise in insider risk and investigative practices. Work closely with partner teams (e.g., HR, Legal, Threat Detection Engineering, etc.) on threat detection and response initiatives to ensure coordinated and effective risk mitigation. Create and deliver insider risk awareness content, highlighting emerging trends and fostering a culture of vigilance and shared responsibility. Produce executive … enterprise. Knowledge of frameworks, laws, regulatory requirements, and privacy-related requirements of insider risk programs. Knowledge of SOC or Fusion Centre environment methodology to include threat monitoring, intrusion detection, incident response, and analysis. Knowledge of the cyber threat landscape, including types of adversaries, campaigns, and how insider and cyber threats are fueled. Process-driven with a focus on
Employment Type: Permanent

SysOps Engineer

South West, United Kingdom
YT Technologies
at scale Strong Linux systems administration background Proficiency with Terraform, Ansible (or similar tools) Knowledge of scripting (Bash/Python), CI/CD, and version control (Git) Experience in incident response and disaster recovery Strong communication skills and a collaborative mindset Nice to Have AWS Associate certification (or interest in achieving it) Exposure to containerised environments or Azure
Employment Type: Permanent
Salary: GBP Annual

SysOps Engineer

Bath, Somerset, South West, United Kingdom
YT Technologies
at scale Strong Linux systems administration background Proficiency with Terraform, Ansible (or similar tools) Knowledge of scripting (Bash/Python), CI/CD, and version control (Git) Experience in incident response and disaster recovery Strong communication skills and a collaborative mindset Nice to Have AWS Associate certification (or interest in achieving it) Exposure to containerised environments or Azure
Employment Type: Permanent
Salary: £45,000

AWS DevOps Engineer

Broad Street, Greater London, United Kingdom
Hybrid/Remote Options
Bristow Holland Ltd
ensure seamless integration and deployment of applications. Implement and maintain security best practices and compliance standards across all AWS environments. Troubleshoot and resolve complex technical issues as part of incident response efforts. Maintain detailed documentation of architectures, configurations, and processes. Apply design patterns to ensure code reusability and maintainability. Develop and execute unit tests, following test-driven development
Employment Type: Permanent
Salary: £70000 - £80000/annum - Offering 100% Work from home

Incident Response, the South West
10th Percentile: £41,500
25th Percentile: £47,188
Median: £60,000
75th Percentile: £82,500