London, Broad Street, United Kingdom Hybrid / WFH Options
Ashdown Group
Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.
Automation & Detection Engineer for a 6-month contract to start ASAP, based in Cambridge (Hybrid), Inside IR35 Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be … of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation
By combining advanced technology and expert human insight, we provide a portfolio of comprehensive services, including 24/7 Managed Security Operations Centre (SOC), Incident Response, Penetration Testing, Cyber Risk Assessments, CISO/CIO as a service, and Training. Our certified security experts and consultants offer tailored solutions … seen as a subject matter expert when leading engagements. • Security Assessment & Recommendations on behalf of our clients: Conduct regular security assessments, risk analyses, and incident response guidance. Recommend and prioritise remediation efforts based on findings. • Security Solutions Design: Architect and design cybersecurity solutions for a wide range of … GDPR, ISO 27001, NIST, Cyber Essentials and NIS Directive. Offer guidance on data protection and cybersecurity practices in line with local and international standards. • Incident Response: Assist in developing and maintaining an incident response plan; provide expertise when responding to and investigating security incidents. Deliver tabletop
Plymouth, Devon, South West, United Kingdom Hybrid / WFH Options
Inspire People
equivalent, or you can showcase significant experience in an IT domain. As an excellent communicator, you thrive in collaborative team environments. Your expertise includes Incident Response, where you have led technical investigations and developed response frameworks. You are proficient with Security Information and Event Management (SIEM) systems … Experience in configuring and maintaining SIEM tooling including operating procedures and playbook Utilisation of Cyber Threat Intelligence within a Security Operations context Experience in Incident Response, particularly in leading on technical investigations and response frameworks and procedures Ability to manage technical risk and lead on implementing appropriate
tailored end-to-end solutions. Deliver chargeable workshops like strategy sessions, posture assessments, and gap analysis. Provide support during cyber incidents and assist with incident response plans. Serve as a cyber security advisor, offering guidance to clients. Conduct technical training to empower the sales team to sell security … cyber security trends and innovations. Key Skills and Experience: Proven experience in Pre-Sales or similar role within an MSP/Reseller. Experience with incident response teams and understanding of response stages. Familiar with endpoint detection, threat management, and cyber security services (SSE, SASE, SIEM, MDR/
Bristol, South West England, United Kingdom Hybrid / WFH Options
Datamine
implement, and manage the global cybersecurity strategy. Oversee information security risk assessments and mitigation plans. Establish and enforce cybersecurity policies, procedures, and standards. Lead incident response efforts, including investigation, resolution, and post-incident reviews. Monitor, analyse, and respond to threats across global IT environments. Manage security tools … business. Strong understanding of enterprise security technologies and best practices. Professional certifications such as CISSP, CISM, or CISA are highly desirable. Proven experience managing incident response and regulatory compliance. Excellent analytical and communication skills. Comfortable operating in complex, cross-functional environments. What do you get in return? There
Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
practices and secure-by-design principles. Identify and mitigate security risks in solution architectures. Create security documentation (e.g., RMADS, Security Assurance Documents). Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. The Person Key Skills & Experience: Strong … of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience
improvement of our security operations. Essential Skills Experience with security monitoring tools (e.g., SIEM). Strong analytical skills to assess complex security issues. Cyber incident response and handling experience. Ability to identify and mitigate security threats. Happy working in a fast-paced environment. Strong communication skills. Problem-solving … threat hunting, vulnerability analysis, and penetration testing to identify risks. Continually assess security systems, suggesting appropriate tools and countermeasures. Prepare and maintain security and incident response documentation. Collaborate with management, IT, and other departments to implement security improvements. Participate in security audits and assessments. Stay updated with the
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Sparta Global Limited
IPS), and secure network protocols. Penetration Testing & Vulnerability Assessment - Skills in identifying, simulating, and remediating vulnerabilities through tools (e.g., Nessus, Metasploit) and manual testing. Incident Response & Forensic Analysis - Ability to manage and respond to security breaches, perform digital forensics, and mitigate damage through structured incident response … cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as Python, PowerShell, or Bash) to automate repetitive tasks, analyse security logs, and manage incident response. How it works: Learn: Complete a period of full-time Academy training when you join Sparta Global. All training is delivered remotely by
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Sparta Global Limited
IPS), and secure network protocols. Penetration Testing & Vulnerability Assessment - Skills in identifying, simulating, and remediating vulnerabilities through tools (e.g., Nessus, Metasploit) and manual testing. Incident Response & Forensic Analysis - Ability to manage and respond to security breaches, perform digital forensics, and mitigate damage through structured incident response … cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as Python, PowerShell, or Bash) to automate repetitive tasks, analyse security logs, and manage incident response. How it works: Learn: Complete a period of full-time Academy training when you join Sparta Global. All training is delivered remotely by
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Gold Group Limited
improvement of our security operations. Essential Skills Experience with security monitoring tools (e.g., SIEM). Strong analytical skills to assess complex security issues. Cyber incident response and handling experience. Ability to identify and mitigate security threats. Happy working in a fast-paced environment. Problem-solving and analytical skills. … threat hunting, vulnerability analysis, and penetration testing to identify risks. Continually assess security systems, suggesting appropriate tools and countermeasures. Prepare and maintain security and incident response documentation. Collaborate with management, IT, and other departments to implement security improvements. Participate in security audits and assessments. Stay updated with the
Bath, Somerset, United Kingdom Hybrid / WFH Options
Bmt Defence Services LTD
edge/deployed environments or cloud. Demonstrable knowledge of cyber detection (e.g., threat identification/intelligence, real-time monitoring, anomaly detection) and cyber response (e.g. incident response, eradication and remediation, recovery, post-incident analysis). DevSecOps. Zero Trust Architecture (ZTA) expertise for enterprise, cloud and
Security Information and Event Management) tools. Analyze security incidents to determine their impact, severity, and conduct thorough investigations of security breaches. Develop and implement incident response plans and procedures. Collaborate with IT and security teams to effectively resolve security issues. Maintain security documentation and incident reports while
e.g., NIST, ISO27000 series). Expertise in network security protocols, Azure security solutions, firewalls, intrusion detection systems, VPNs, etc. Proficient in vulnerability assessment tools, incident response frameworks, and risk management methodologies. Ability to collaborate effectively with cross-functional teams. Analytical mindset to interpret security data and make informed
Cheltenham, Gloucestershire, United Kingdom Hybrid / WFH Options
MI5
settle in and provide ongoing mentorship as you grow in your role. You'll gain hands on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth.
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Motability Operations
and implementing security measures that protect sensitive information in complex environments. Your technical expertise spans areas such as encryption, access controls, vulnerability assessments and incident response. You have excellent problem-solving skills and a proactive mindset, enabling you to anticipate potential threats and address them effectively. Communication comes naturally
Employment Type: Permanent, Part Time, Work From Home
Cheltenham, Gloucestershire, United Kingdom Hybrid / WFH Options
MI5
Cyber Security/Security Operations Centre Analyst Evidence of experience working in at least one of the following fields: malware analysis, intrusion detection and incident response Evidence of experience of line management; OR of tasking of, or delegation to, team members. These criteria will be assessed at CV
respond promptly to potential threats Conducting vulnerability assessments: You'll help identify weaknesses in our systems and recommend improvements to enhance security Participating in incident response: When a security incident occurs, you'll be part of the team that investigates and mitigates the impact Collaborating on security
a technical expert and a mentor—guiding junior analysts, tuning tools for maximum detection capability, and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes … residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with expertise and foster knowledge-sharing across the SOC EDR-Centric Response – Work extensively with EDR tools (primary alert source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and … deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll Bring 4+ years’ experience in SOC (Level 2 or above), with strong incident response capabilities Proven ability
Building proof-of-concept and prototype threat hunting tools, automations, and capabilities Driving product and tooling improvements by sharing insights from threat hunting and incident response with engineering teams Identifying, prioritizing, and targeting complex security issues impacting customers and driving adoption of mitigations Synthesizing research findings into mitigation
Analyst you will: As part of our Blue Team, you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don't worry if you don't tick every box - we'd still love to hear from you! If you're … during relevant cybersecurity incidents Deliver detailed threat reporting including executive briefings, and actionable recommendations to technical and non-technical stakeholders Set yourself apart: Monitoring, incident response and playbook development Detection creation within SIEM tools and using GitHub Vulnerability scanning, management and reporting Core cybersecurity concepts such as network
Key responsibilities and accountabilities: Design and recommend security architectures, solutions, and controls to protect client critical assets and data. Develop and help customers implement incident response plans, which outline steps to take in case of a security breach. Perform security assessments for customers, including penetration testing, to identify
Bournemouth, Dorset, United Kingdom Hybrid / WFH Options
LV=
our information assets and ensure compliance with regulatory requirements • Operational Excellence: Oversee a high-performing team of security professionals, manage security operations, and lead incident response, threat intelligence, and vulnerability management efforts • Innovative Environment: Collaborate with various departments, including marketing, IT, and customer service, to integrate security measures
Swindon, Wiltshire, United Kingdom Hybrid / WFH Options
RWE AG
requirements and standards to the MSP teams and ensure adherence as well as to provide technical leadership to the teams. Support the Cyber Security Incident Response Team (CSIRT) and MSPs to help solve Microsoft Azure related security incidents. Work with Cyber Security, Enterprise Architects and other SMEs to