23 of 23 Incident Response Jobs in the Thames Valley

strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. ________________________________________ Role Overview As a Security Monitoring & SIEM Analyst, you will play … role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will ...

improvement Lead security engagement within client Design Authority and Enterprise Architecture forums Manage integration with the client SOC, including security reporting, SIEM alignment, and incident response coordination Oversee security incident management in line with the client Cyber Security Incident Response Plan Own joiner/mover … Strong understanding of NCSC HMG IAS5, Cyber Assessment Framework (CAF), ISO 27001, and GDPR Hands-on experience integrating with a UK Government SOC, including incident response and security reporting Strong working knowledge of Oracle Cloud security (OCI IAM, Vault, network security, audit, PAM) Experience securing Oracle SaaS applications ...

control systems remain secure, compliant and operationally robust. You'll work closely with engineers, cybersecurity specialists, and external partners to monitor OT environments, support incident response, maintain asset and patch records, and contribute to risk, compliance and audit activities. The role also supports the ongoing improvement … safe, secure and continuous delivery of energy to millions. Location: UK-based hybrid role, Occasional travel to site. Day to day Support OT cybersecurity incident response, including investigation, evidence gathering, containment, remediation, and technical actions such as system isolation and patching, under CSIRT and GSOC guidance. Operate ...

hands-on role in ensuring it is reliable, scalable, and observable. You will help establish and mature SRE practices, focusing on: Monitoring and observability Incident response Post-incident review Reliability testing and capacity planning Toil reduction Enabling development velocity We offer a hybrid working arrangement with … Milton Keynes office. Key Responsibilities: Support teams using ConnellsX and respond to incidents in a structured, blameless way Investigate root causes and drive post-incident actions to completion Define SLIs, contribute to SLOs, and monitor error budgets Build dashboards, alerts, and runbooks to improve visibility Automate repetitive tasks ...

Essential Experience Proven experience leading a Security Operations Centre (SOC/NSOC) or cyber security function within a complex organisation. Experience in security operations, incident response, risk management, and service delivery. Experience maintaining compliance with standards such as ISO 27001 and Cyber Essentials Plus. Experience managing third-party … Ability to engage effectively with senior stakeholders and communicate technical issues in business terms. Technical Knowledge Strong understanding of cyber security operations, threat detection, incident response, and security monitoring. Good knowledge of network infrastructure, cloud technologies, and endpoint security. Experience with Microsoft Azure, Microsoft Sentinel, Microsoft Defender ...

consolidation of the wide area network to improve connectivity, performance, and sustainability Cyber Resilience: Strengthening of security through a refreshed Cyber Incident Response Plan, enhanced monitoring, and plans for a managed Security Operations Centre (SOC) with 24/7 incident response AI & Innovation: Scaling AI, particularly ...

performance optimisation Oversee DNS migrations, upgrades, and transformations Implement and maintain DNS security (DNSSEC, DDoS protection, threat mitigation) Monitor performance, availability, and ensure robust incident response processes Act as escalation point for complex DNS/network issues and lead root cause analysis Drive automation using scripting (Python, PowerShell ...

maintain security tooling across cloud environments Work with engineering teams to improve security, reliability, and operational resilience Implement monitoring, logging, and alerting solutions Support incident response, troubleshooting, and continuous improvement activities Contribute to automation initiatives and security-by-design practices Requirements Experience working with AWS cloud environments Hands ...

maintain security tooling across cloud environments Work with engineering teams to improve security, reliability, and operational resilience Implement monitoring, logging, and alerting solutions Support incident response, troubleshooting, and continuous improvement activities Contribute to automation initiatives and security-by-design practices Requirements Experience working with AWS cloud environments Hands ...

maintain security tooling across cloud environments Work with engineering teams to improve security, reliability, and operational resilience Implement monitoring, logging, and alerting solutions Support incident response, troubleshooting, and continuous improvement activities Contribute to automation initiatives and security-by-design practices Requirements Experience working with AWS cloud environments Hands ...

fast-paced environment. What you'll be doing: Monitoring and investigating security alerts and incidents. Triaging and responding to security events. Supporting incident response activities. Improving detection rules and SOC processes. Producing incident reports and documentation. What we're looking for: Previous SOC Analyst experience. Experience with ...

environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track ...

frameworks, and risk management processes. Develop and maintain the Group IT Security Risk Register. Lead cyber security risk assessments and remediation planning activities. Manage incident response, cyber investigations, and escalation procedures. Oversee annual penetration testing programmes and security audits. Support compliance initiatives including Cyber Essentials, Cyber Essentials Plus ...

decisions through credibility, judgement and impact. Strong delivery mindset with the ability to manage multiple complex initiatives simultaneously, demonstrating consistent outcomes across risk management, incident response, assurance and security improvement programmes. Advanced capability in the safe and responsible use of AI and emerging technologies, including enterprise ...

duplication, and support maintainable, secure and high-performing systems. Improve delivery capability through platform reliability and DevOps maturity Continuously strengthen deployment pipelines, observability, alerting, incident response, recovery procedures and operational readiness across Field Ops engineering teams. Manage stakeholders and maintain clear communication Build trusted relationships across product, operations … data quality controls. Ability to produce both high-level and detailed design specifications. Experience leading DevOps practices, including CI/CD, observability, monitoring and incident management. Demonstrated capability leading multi-squad engineering delivery in a product-led organisation. Mindset & Ways of Working Comfortable working in iterative, outcome-focused agile ...

platform and service design from the outset Lead key SRE practices such as reliability reviews, operational readiness, and toil reduction Drive automation across monitoring, incident response, and remediation Act as the technical escalation point for major incidents and high-risk releases Lead blameless post-incident reviews ...

availability Implement self-service tooling to empower development teams Drive DevOps best practices across the digital product lifecycle Develop and enhance monitoring, observability, and incident response processes Support global engineering teams delivering high-traffic platforms Key Requirements Proven experience supporting digital product delivery in a DevOps or platform ...

Cyber Security policies under the SIRO. Lead ISO 27001 recertification, internal audits, and remediation. Work with infrastructure/product teams on data security and incident handling. Oversee playbooks and ensure measurable risk reduction. Digital Clinical Safety Collaborate with IT, Clinical, Legal, HR, SIRO, and Caldicott Guardian. Maintain the Digital … Cyber Security policies under the SIRO. Lead ISO 27001 recertification, internal audits, and remediation. Work with infrastructure/product teams on data security and incident handling. Oversee playbooks and ensure measurable risk reduction. Digital Clinical Safety Collaborate with IT, Clinical, Legal, HR, SIRO, and Caldicott Guardian. Maintain the Digital ...

Responsibilities Deliver security assessments, gap analyses, and improvement plans Support compliance (Cyber Essentials/Plus, ISO 27001) Provide GRC and vCISO advisory services Support incident response planning and deliver workshops Maintain ROCs ISMS and support internal compliance Conduct risk assessments and drive security awareness Contribute to cyber security ...

customers across multiple sectors. Youll act as an escalation point for Tier 1, owning investigations end-to-end triaging SIEM and EDR alerts, leading incident response, hunting threats using MITRE ATT&CK, and tuning detections to cut noise. Youll also mentor junior analysts and help mature playbooks ...

across multiple sectors. You’ll act as an escalation point for Tier 1, owning investigations end-to-end — triaging SIEM and EDR alerts, leading incident response, hunting threats using MITRE ATT&CK, and tuning detections to cut noise. You’ll also mentor junior analysts and help mature playbooks ...

other information security standards are beneficial Previous experience developing and implementing data protection frameworks, conducting audits/risk assessments and managing data breaches and incident response Personal Attributes Excellent communication skills Good literacy and numeracy skills Good attention to detail Excellent stakeholder management with technical and non-technical ...

specialist vendors performing maintenance or repair activities on site Follow permit-to-work and safety procedures for all maintenance and operational activities Participate in incident response and support troubleshooting during infrastructure events Maintain accurate maintenance records and operational logs Support testing activities including generator tests and infrastructure failover ...