17 of 17 Incident Response Jobs in the South West

support and enhance a Security Operations Centre for a leading technology provider. This role focuses on detection engineering, SIEM optimisation, and automation, alongside supporting incident response across complex environments. Key Responsibilities Develop and tune SIEM detection rules and use cases (e.g., Splunk, QRadar) Automate SOC workflows and incident response processes (Python/PowerShell) Improve alert quality, reducing false positives and enhancing detection coverage Support and lead incident investigations and escalations Integrate threat intelligence into monitoring and detection Maintain SOC playbooks and support continuous improvement of tooling and processes Skills & Experience Experience in SOC Engineering ...

support and enhance a Security Operations Centre for a leading technology provider. This role focuses on detection engineering, SIEM optimisation, and automation, alongside supporting incident response across complex environments. Key Responsibilities Develop and tune SIEM detection rules and use cases (e.g., Splunk, QRadar) Automate SOC workflows and incident response processes (Python/PowerShell) Improve alert quality, reducing false positives and enhancing detection coverage Support and lead incident investigations and escalations Integrate threat intelligence into monitoring and detection Maintain SOC playbooks and support continuous improvement of tooling and processes Skills & Experience Experience in SOC Engineering ...

support and enhance a Security Operations Centre for a leading technology provider. This role focuses on detection engineering, SIEM optimisation, and automation, alongside supporting incident response across complex environments. Key Responsibilities Develop and tune SIEM detection rules and use cases (e.g., Splunk, QRadar) Automate SOC workflows and incident response processes (Python/PowerShell) Improve alert quality, reducing false positives and enhancing detection coverage Support and lead incident investigations and escalations Integrate threat intelligence into monitoring and detection Maintain SOC playbooks and support continuous improvement of tooling and processes Skills & Experience Experience in SOC Engineering ...

support and enhance a Security Operations Centre for a leading technology provider. This role focuses on detection engineering, SIEM optimisation, and automation, alongside supporting incident response across complex environments. Key Responsibilities Develop and tune SIEM detection rules and use cases (e.g., Splunk, QRadar) Automate SOC workflows and incident response processes (Python/PowerShell) Improve alert quality, reducing false positives and enhancing detection coverage Support and lead incident investigations and escalations Integrate threat intelligence into monitoring and detection Maintain SOC playbooks and support continuous improvement of tooling and processes Skills & Experience Experience in SOC Engineering ...

endpoint, email, identity, network, cloud and application layers. Manage and integrate a broad ecosystem of third-party cyber security platforms, including managed detection and response services, email security gateways, vulnerability management tools, privileged access management and threat intelligence services. Lead and support cyber security incident response activities … including investigation, containment, remediation and post incident review. Oversee security monitoring, alerting and response processes, working closely with managed service providers where applicable. Conduct and coordinate vulnerability assessment and remediation activities across infrastructure, endpoints, applications and cloud services. Support regulatory, client and internal audits (e.g. ISO 27001), including ...

visibility and enhance the overall security posture. Key Responsibilities: Implement, configure and optimise core security tooling across the environment Enhance threat detection, monitoring and response capabilities Investigate security alerts and support incident response activities Improve integration and automation between security platforms Support vulnerability management and remediation processes … management platforms such as Tenable Knowledge of OT/ICS security platforms such as Claroty is beneficial Experience supporting security monitoring, detection engineering and incident response Strong understanding of enterprise infrastructure and cloud security Reasonable Adjustments: Respect and equality are core values to us. We are proud ...

technical engine behind the organisation's global digital integrity. Your responsibilities will include: Managing the Global SOC to ensure proactive threat hunting and rapid incident response across all global time zones. Implementing a cutting-edge DevSecOps approach to ensure security is automated and embedded within the CI/… have personally achieved certification from scratch) 2.DevSecOps (Embedding security into CI/CD pipelines and automated workflows) 3.SOC Management (Overseeing global threat detection and incident response) 4.NIST Framework (Applying security standards for the Americas region) 5.Essential 8 (Understanding and implementing Australian security protocols) 6.Vulnerability Management (Coordinating risk-based ...

ideally Clearswift Strong understanding of Active Directory administration Experience across Windows and Linux security Familiarity with ITSM tools such as Remedy or Jira Strong incident response and analytical skills TO BE CONSIDERED: Please either apply through this advert or reach out directly to discuss further. By applying … client in line with this vacancy. KEY SKILLS SOC Engineer, SIEM, Elastic, Tanium, EDR, Trend Micro, Trellix, Clearswift, Active Directory, Windows, Linux, Incident Response, ITSM ...

Skills: +SOC +SIEM +Dv clearance We're looking for a SOC Engineer to support a complex environment, focusing on security monitoring, incident response, and platform administration across a modern security stack. Key Responsibilities Monitor and respond to security events using Elastic SIEM (ELK) Investigate incidents, perform root cause … vulnerability management and endpoint security tools Strong Active Directory and Windows/Linux security knowledge Familiar with ITSM processes and tools Strong analytical and incident response skills If you'd like to discuss this SOC Engineer role in more detail, please send your updated CV to (url removed ...

principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and non-technical stakeholders Excellent analytical, documentation, and problem-solving capability Knowledge ...

assurance, supporting business objectives while reducing cyber and data protection risk. As the Senior Information Security Analyst you will lead security architecture decisions, oversee incident response and vulnerability management, support secure digital transformation, and provide clear, risk-based advice to stakeholders and senior leadership. The position operates with … hybrid environments Microsoft 365 & Cloud Security Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps) Microsoft Sentinel (SIEM): log ingestion, alert tuning, detection rules, incident workflows Intune & Endpoint Management: device compliance, MDM/MAM, BYOD enforcement Endpoint, Infrastructure & Asset Security Network, DNS & Access Security DNSFilter: DNS-layer protection, malicious ...

doing: * Providing expert technical guidance to project teams to ensure compliance with customer, regulatory, and internal security standards. * Leading the Computer Incident Response Team during security incidents, coordinating response efforts. * Collaborating with the Cyber Security Operations Centre to meet UK security needs and communicate effectively with stakeholders. ...

change. Operational integrity Own end-to-end accountability for the availability, performance, resilience, and compliance of GPTI trading and optimisation systems, including live operations, incident response, service recovery, and continuous improvement. Data-driven decision making Monitor service health, performance, and operational risk to inform prioritisation, investment decisions ...

Consultant, you will be responsible for supporting pre-sales activities across all of our core services, with focus on technical assurance, penetration testing and incident response, ensuring excellent customer service is provided from the outset. You will have a consultative approach to working with our clients and will … enjoy building relationships with clients. You will have a strong appetite for continuous learning and expanding your expertise in cyber security, technical assurance and incident response. Remuneration and benefits Excellent salary and benefits package Salary negotiable depending on skills, experience, and qualifications Matched company pension up to 5% Private ...

Azure + Microsoft 365 security Solid Windows Server + VMware (Vsphere/ESXi) Experience with SOC/monitoring tools (Darktrace/RocketCyber or similar) Incident response, threat analysis and remediation Knowledge of MFA, Conditional Access, endpoint security Comfortable working across hybrid environments (cloud + on-prem) This ...

hours fall between 07:30 – 18:30 (shift-based coverage) Participation in an on-call rota is required to support high service availability and incident response Why Apply? Work on mission-critical, cutting-edge systems Be part of a collaborative, high-performing engineering environment Influence the design ...

delivery teams and directly with customers to ensure deployed systems are secure and robust, and operating policies are in place to maintain security Support incident response for security events affecting our products and systems Develop and execute on a roadmap to ISO27001 or equivalent certification for our development ...