Incident Response Jobs in South Yorkshire

26 to 50 of 130 Incident Response Jobs in South Yorkshire

MANDARIN Network and Security Engineer

sheffield, south yorkshire, yorkshire and the humber, United Kingdom
ABL Recruitment
Location London Work style: Onsite office-based role Salary: up to £75000 Per annum Languages: Mandarin Chinese and English Key Responsibilities: 1. Security Monitoring & Incident Response Monitor security tools (firewalls, IDS/IPS, SIEM) to detect and analyze potential threats. Investigate security alerts, logs, and incidents (e.g., malware … unauthorized access, breaches). Assist in incident response and remediation efforts. 2. Vulnerability Management Conduct vulnerability assessments and support penetration testing. Collaborate with senior teams to patch systems and mitigate risks. 3. Network Access Control (NAC) Configure switches and endpoints for NAC upgrades and troubleshooting. 4. IP Telephony More ❯

SecOps Engineer

doncaster, yorkshire and the humber, United Kingdom
Hybrid / WFH Options
Lawrence Harvey
in place, this is a relatively greenfield SOC buildout, where you will work alongside the SOC Manager to shape their SOC monitoring, detection and response function. Key Responsibilities: Act as a lead and technical escalation point on the most complex incidents and investigations. Work closely with Security Engineering team … to recommend system tuning/configuration improvements. Mentor and train junior team members through complex incident response investigations. Key Requirements: Significant experience working in a SOC environment, dealing with and responding to escalated and most high profile incidents. Comprehensive knowledge of the Microsoft Security stack – Defender, Sentinel, etc … Knowledge of various Incident Response techniques and procedures. Experience working in hybrid-cloud SOC environments – Azure/AWS preferably. If you’re an experienced SOC Analyst, looking to shape how one of the most innovative Mobile Payments FinTech firms build out their cyber defence capability and leave a More ❯

SecOps Engineer

sheffield, south yorkshire, yorkshire and the humber, United Kingdom
Hybrid / WFH Options
Lawrence Harvey
in place, this is a relatively greenfield SOC buildout, where you will work alongside the SOC Manager to shape their SOC monitoring, detection and response function. Key Responsibilities: Act as a lead and technical escalation point on the most complex incidents and investigations. Work closely with Security Engineering team … to recommend system tuning/configuration improvements. Mentor and train junior team members through complex incident response investigations. Key Requirements: Significant experience working in a SOC environment, dealing with and responding to escalated and most high profile incidents. Comprehensive knowledge of the Microsoft Security stack – Defender, Sentinel, etc … Knowledge of various Incident Response techniques and procedures. Experience working in hybrid-cloud SOC environments – Azure/AWS preferably. If you’re an experienced SOC Analyst, looking to shape how one of the most innovative Mobile Payments FinTech firms build out their cyber defence capability and leave a More ❯

Security Consultant

doncaster, yorkshire and the humber, United Kingdom
Arcus Search
The scope of work includes replacing the existing Trend Micro infrastructure and rolling out CrowdStrike across all server environments to enhance threat detection and response capabilities. Job Title: Security Consultant Job Type: 3 month Contract Contract: Outside I35 Location: Remote Responsibilities: Collaborate with delivery teams and the client to … develop SOC playbooks supporting both SIEM and SOC operations. Design and implement SOAR workflows to automate incident response processes. Configure correlation searches and alerting mechanisms, optimising rules to minimise false positives. Serve as the Subject Matter Expert (SME) for SIEM deployment, supporting data ingestion from sources such as … AWS and Qualys. Assist in the integration of SIEM alerts with Jira, enabling streamlined alert tracking and incident management. Define and configure alert severity levels within SIEM, SOAR, and Jira to align with established Service Level Agreements (SLAs). Build and customise dashboards to support real-time reporting and More ❯

Security Consultant

sheffield, south yorkshire, yorkshire and the humber, United Kingdom
Arcus Search
The scope of work includes replacing the existing Trend Micro infrastructure and rolling out CrowdStrike across all server environments to enhance threat detection and response capabilities. Job Title: Security Consultant Job Type: 3 month Contract Contract: Outside I35 Location: Remote Responsibilities: Collaborate with delivery teams and the client to … develop SOC playbooks supporting both SIEM and SOC operations. Design and implement SOAR workflows to automate incident response processes. Configure correlation searches and alerting mechanisms, optimising rules to minimise false positives. Serve as the Subject Matter Expert (SME) for SIEM deployment, supporting data ingestion from sources such as … AWS and Qualys. Assist in the integration of SIEM alerts with Jira, enabling streamlined alert tracking and incident management. Define and configure alert severity levels within SIEM, SOAR, and Jira to align with established Service Level Agreements (SLAs). Build and customise dashboards to support real-time reporting and More ❯

Site Reliability Engineer

doncaster, yorkshire and the humber, United Kingdom
Ranger Technical Resources
manage system health. Skills and Strengths: AWS (Amazon Web Services) Auto Scaling Fargate Route53 Observability tools (New Relic, DataDog, Splunk) Containerization (Docker, Kubernetes, Fargate) Incident Response IaC (Terraform, CloudFormation, Helm, CDK) Scripting (Ansible, Bash, Python, GO) CI/CD Primary Job Responsibilities: Design and support EC2/ECS … solutions to improve scalability and efficiency. Implement security best practices across AWS environments, ensuring compliance with industry standards and safeguarding cloud infrastructure. Develop automated incident response mechanisms and self-healing solutions to minimize downtime and enhance fault tolerance. Diagnose and resolve infrastructure, networking, and application-related performance issues More ❯

Site Reliability Engineer

sheffield, south yorkshire, yorkshire and the humber, United Kingdom
Ranger Technical Resources
manage system health. Skills and Strengths: AWS (Amazon Web Services) Auto Scaling Fargate Route53 Observability tools (New Relic, DataDog, Splunk) Containerization (Docker, Kubernetes, Fargate) Incident Response IaC (Terraform, CloudFormation, Helm, CDK) Scripting (Ansible, Bash, Python, GO) CI/CD Primary Job Responsibilities: Design and support EC2/ECS … solutions to improve scalability and efficiency. Implement security best practices across AWS environments, ensuring compliance with industry standards and safeguarding cloud infrastructure. Develop automated incident response mechanisms and self-healing solutions to minimize downtime and enhance fault tolerance. Diagnose and resolve infrastructure, networking, and application-related performance issues More ❯

Information Security Analyst

doncaster, yorkshire and the humber, United Kingdom
Hybrid / WFH Options
Intec Select
infrastructure. Role & Responsibilities: Monitor networks and systems for security breaches, intrusions, and abnormal system behavior Investigate security incidents, perform root cause analysis, and provide incident response support Conduct regular vulnerability assessments and penetration testing; assist in remediation efforts Maintain and manage SIEM (Security Information and Event Management) tools More ❯

Information Security Analyst

sheffield, south yorkshire, yorkshire and the humber, United Kingdom
Hybrid / WFH Options
Intec Select
infrastructure. Role & Responsibilities: Monitor networks and systems for security breaches, intrusions, and abnormal system behavior Investigate security incidents, perform root cause analysis, and provide incident response support Conduct regular vulnerability assessments and penetration testing; assist in remediation efforts Maintain and manage SIEM (Security Information and Event Management) tools More ❯

Cyber Security Engineer (6 Months FTC)

doncaster, yorkshire and the humber, united kingdom
ARC Regulatory Ltd
Linux, Metasploit, Wireshark, Nessus, or equivalent. Good knowledge of network security, firewalls, managed switches, and server configurations. Familiarity with SIEM tools, vulnerability scanning, and incident response. Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Preferred Qualifications Relevant certifications such as OSCP, CEH, CISSP, CISM, or ISO27001 More ❯

Cyber Security Engineer (6 Months FTC)

sheffield, south yorkshire, yorkshire and the humber, united kingdom
ARC Regulatory Ltd
Linux, Metasploit, Wireshark, Nessus, or equivalent. Good knowledge of network security, firewalls, managed switches, and server configurations. Familiarity with SIEM tools, vulnerability scanning, and incident response. Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Preferred Qualifications Relevant certifications such as OSCP, CEH, CISSP, CISM, or ISO27001 More ❯

Cyber Security Operations Engineer

doncaster, yorkshire and the humber, United Kingdom
Hybrid / WFH Options
Hays
ongoing career development and training. As one of our Cyber Security Operations Engineers, you will be responsible for:- Conducting security investigations and leading security incident responses, driving incident resolution Monitoring security systems and infrastructure to support the best performance and reliability Implementing and managing security tools and processes … skills, then LETS TALK! Expertise in an operational Security Operations Centre Previous experience as a Cyber Security Operations Engineer Hands-on experience in an incident response role utilising CrowdStrike Experience developing and delivering on incident and program status Familiar with threat hunting, leveraging intelligence data to proactively More ❯

Cyber Security Operations Engineer

sheffield, south yorkshire, yorkshire and the humber, United Kingdom
Hybrid / WFH Options
Hays
ongoing career development and training. As one of our Cyber Security Operations Engineers, you will be responsible for:- Conducting security investigations and leading security incident responses, driving incident resolution Monitoring security systems and infrastructure to support the best performance and reliability Implementing and managing security tools and processes … skills, then LETS TALK! Expertise in an operational Security Operations Centre Previous experience as a Cyber Security Operations Engineer Hands-on experience in an incident response role utilising CrowdStrike Experience developing and delivering on incident and program status Familiar with threat hunting, leveraging intelligence data to proactively More ❯

SIEM Engineer

doncaster, yorkshire and the humber, United Kingdom
Hybrid / WFH Options
Dynamic Search Solutions
based clients, this role also requires eligibility to obtain SC Clearance. Roles & Responsibilities Create, maintain, and optimise Logic Apps and Sentinel playbooks to automate incident detection and response workflows in Microsoft Sentinel. Develop and implement API integrations between Microsoft Sentinel and other systems to enhance data collection, cross … as expected, identifying opportunities for further improvements. Skills & Experience Hands-on experience with Microsoft Sentinel: proven track record in developing playbooks, automation workflows, and incident response processes within Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development More ❯

SIEM Engineer

sheffield, south yorkshire, yorkshire and the humber, United Kingdom
Hybrid / WFH Options
Dynamic Search Solutions
based clients, this role also requires eligibility to obtain SC Clearance. Roles & Responsibilities Create, maintain, and optimise Logic Apps and Sentinel playbooks to automate incident detection and response workflows in Microsoft Sentinel. Develop and implement API integrations between Microsoft Sentinel and other systems to enhance data collection, cross … as expected, identifying opportunities for further improvements. Skills & Experience Hands-on experience with Microsoft Sentinel: proven track record in developing playbooks, automation workflows, and incident response processes within Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development More ❯

Security Data Loss Prevention Engineer

doncaster, yorkshire and the humber, united kingdom
Hybrid / WFH Options
Baker McKenzie
User Behaviour Analytics (EUBA) and Insider Risk Management processes and tools Experience in analyzing, and responding to DLP alerts and incidents, collaborating with the Incident Response team for incident remediation Data Classification and Protection: Knowledge of data classification methodologies and the associated compliance frameworks An understanding of More ❯

Security Data Loss Prevention Engineer

sheffield, south yorkshire, yorkshire and the humber, united kingdom
Hybrid / WFH Options
Baker McKenzie
User Behaviour Analytics (EUBA) and Insider Risk Management processes and tools Experience in analyzing, and responding to DLP alerts and incidents, collaborating with the Incident Response team for incident remediation Data Classification and Protection: Knowledge of data classification methodologies and the associated compliance frameworks An understanding of More ❯

Microsoft Cloud Security Engineer

doncaster, yorkshire and the humber, United Kingdom
Emeria
ecosystem. You are passionate about leveraging Microsoft security technologies to protect critical assets and data, with a focus on proactive monitoring, threat detection, and incident response. Your hands-on expertise with Microsoft Defender solutions and Azure-based security tools will be crucial in maintaining a secure and resilient IT … Group Policy (GPO) to secure endpoints, user accounts, and cloud applications. Monitor security alerts and incidents through Microsoft Sentinel, conducting thorough investigations and leading response efforts to mitigate risks. Perform proactive threat hunting using data from Defender, Sentinel, and Entra logs to detect potential security incidents. Optimise and maintain … threat detection rules, automation playbooks, and alert tuning within Sentinel and Defender solutions to reduce false positives and enhance response efficiency. Manage access control policies and identity protection configurations to secure user authentication and reduce the risk of account compromise. Regularly assess the security posture of Microsoft 365 and More ❯

Microsoft Cloud Security Engineer

sheffield, south yorkshire, yorkshire and the humber, United Kingdom
Emeria
ecosystem. You are passionate about leveraging Microsoft security technologies to protect critical assets and data, with a focus on proactive monitoring, threat detection, and incident response. Your hands-on expertise with Microsoft Defender solutions and Azure-based security tools will be crucial in maintaining a secure and resilient IT … Group Policy (GPO) to secure endpoints, user accounts, and cloud applications. Monitor security alerts and incidents through Microsoft Sentinel, conducting thorough investigations and leading response efforts to mitigate risks. Perform proactive threat hunting using data from Defender, Sentinel, and Entra logs to detect potential security incidents. Optimise and maintain … threat detection rules, automation playbooks, and alert tuning within Sentinel and Defender solutions to reduce false positives and enhance response efficiency. Manage access control policies and identity protection configurations to secure user authentication and reduce the risk of account compromise. Regularly assess the security posture of Microsoft 365 and More ❯

Network Security Engineer

doncaster, yorkshire and the humber, united kingdom
Hybrid / WFH Options
Corecom Consulting
This is not your average support role – you’ll be: Client-facing – engaging with high-profile stakeholders, requiring strong communication Handling monitoring, escalations, and incident response Working closely with Cloudflare’s security & performance services Supporting feeds & tools introduced to prevent breaches during races Acting as a key part … of the incident management chain Must-Have Skills Cloudflare experience (WAF, CDN, DDoS protection, DNS, etc.) Strong communication – this is a client-heavy, speaking role Understanding of security operations, monitoring, and escalation Experience in incident or breach response Comfortable in a high-pressure, fast-moving environment like More ❯

Network Security Engineer

sheffield, south yorkshire, yorkshire and the humber, united kingdom
Hybrid / WFH Options
Corecom Consulting
This is not your average support role – you’ll be: Client-facing – engaging with high-profile stakeholders, requiring strong communication Handling monitoring, escalations, and incident response Working closely with Cloudflare’s security & performance services Supporting feeds & tools introduced to prevent breaches during races Acting as a key part … of the incident management chain Must-Have Skills Cloudflare experience (WAF, CDN, DDoS protection, DNS, etc.) Strong communication – this is a client-heavy, speaking role Understanding of security operations, monitoring, and escalation Experience in incident or breach response Comfortable in a high-pressure, fast-moving environment like More ❯

SOC Analyst

doncaster, yorkshire and the humber, united kingdom
Hybrid / WFH Options
VANRATH
Ireland (Hybrid - 2 Days Onsite Weekly) Schedule: Friday to Tuesday, 9:30 AM - 5:30 PM BST Key Responsibilities: Monitor security tools and support incident detection within a global SOC environment Respond to Tier 1 and Tier 2 cybersecurity incidents and threats Perform incident analysis and draft root … cause reports with recommended mitigations Coordinate response activities across multiple stakeholders and environments Support deployment and configuration of endpoint detection and logging tools Assist in designing detection use cases and refining SIEM rules Participate in threat hunting and vulnerability management activities What You Bring: 2+ years of experience in … a SOC or security-focused technical role Strong knowledge of SIEM platforms (e.g., Alien Vault, QRadar, ArcSight, or LogRhythm) Experience in incident response, malware analysis, and threat hunting Proficiency with Linux command line and network security tools Familiarity with public cloud platforms (AWS, Azure) Understanding of network protocols More ❯

SOC Analyst

sheffield, south yorkshire, yorkshire and the humber, united kingdom
Hybrid / WFH Options
VANRATH
Ireland (Hybrid - 2 Days Onsite Weekly) Schedule: Friday to Tuesday, 9:30 AM - 5:30 PM BST Key Responsibilities: Monitor security tools and support incident detection within a global SOC environment Respond to Tier 1 and Tier 2 cybersecurity incidents and threats Perform incident analysis and draft root … cause reports with recommended mitigations Coordinate response activities across multiple stakeholders and environments Support deployment and configuration of endpoint detection and logging tools Assist in designing detection use cases and refining SIEM rules Participate in threat hunting and vulnerability management activities What You Bring: 2+ years of experience in … a SOC or security-focused technical role Strong knowledge of SIEM platforms (e.g., Alien Vault, QRadar, ArcSight, or LogRhythm) Experience in incident response, malware analysis, and threat hunting Proficiency with Linux command line and network security tools Familiarity with public cloud platforms (AWS, Azure) Understanding of network protocols More ❯

Security Analyst

Sheffield, South Yorkshire, Yorkshire, United Kingdom
Broadstone
on handling spam, malicious emails and other potential threats - Help develop, maintain and document security policies, processes, and procedures to maintain compliance, including Cyber Incident Response Plans Security Analyst - You: - You will have at least 5 years commercial experience gained within a security or infrastructure role - CySA+ or More ❯
Employment Type: Permanent

Data Center Engineer

doncaster, yorkshire and the humber, United Kingdom
Vallum Associates
ready’ state Capacity management including power, floor space and assisting with forecasting loadings. Change management approval site level responsibility. Support the CTO team with Incident and problem management. Assist with hardware replacements, RMA tasks Managing new and existing business requirements Responsible for managing the internal cabling (and external carrier … technical issues and incidents. Vendor and Stakeholder Management Collaborate with vendors and internal stakeholders to integrate DC solutions into banking infrastructure and services seamlessly. Incident and Change Management Lead incident response efforts for Data Centre related issues, ensuring rapid resolution and minimal business impact, including out of … Centre Operations or other similar critical operations role. Strong and demonstrable process management and development experience in a live operational environment. Extensive real time Incident/Fault management experience in a business-critical environment. Managing 3rd party suppliers to deliver against stringent SLA’s. Financial and Budget Management. Good More ❯

Incident Response, South Yorkshire

10th Percentile: £52,250
25th Percentile: £53,750
Median: £57,500
75th Percentile: £60,625
90th Percentile: £61,750