Incident Response Jobs in the UK

1 to 25 of 190 Incident Response Jobs in the UK

Senior Cyber Detection Engineer – Cloud Technical Lead

London, United Kingdom
Confidential
that Attack Analysis requirements are represented in the architecture, design and implementation of cloud environments. You'll help design, write and automate detection and incident response processes and tools for public and private cloud environments. Working in cybersecurity takes passion for technology, speed, a desire to learn, and … strengthen our data. As a member of the Attack Analysis team, you will fit into a Global team providing 24/7 monitoring and Incident Response, acting as the frontline for attacks against the firms' infrastructure. As a Detection Engineer, your role will include advanced analysis, threat hunting … as a technical escalation point and coaching the team through adopting monitoring responsibility. Key areas of focus include: Public/Private Cloud Engineering and Incident Response, Detection Engineering, Threat Modelling. Hands-on experience with at least 1 cloud platform (AWS, Azure, GCP) is required. Primary Qualifications Min. 6 years of

Global Head of Technical Cyber Incident Response

London, United Kingdom
Confidential
Global Head of Technical Cyber Incident Response We are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. As part of a business wide transformation, we have an exciting opening for a … new role of Global Head of Technical Cyber Incident Response. As part of the Cyber Defence and Security Operations department, you will be a senior leader managing the ICS Incident Response service ensuring WTW can contain and eradicate cyber-attacks from our environment. You will … and a solid business acumen to deal with other senior stakeholders across the business. This role would suit those with an extensive history in Incident Response for global enterprise organisations or have led MSSP services and are used to working in a high-pressure environment and managing geographically

IBM X-Force Principal Incident Response Consultant

London, England, United Kingdom
(8660) IBM United Kingdom Limited
Introduction As a Principal Incident Response Consultant at IBM X-Force Incident Response, you will be responsible for managing and coordinating major cyber incidents across our clients’ enterprise environments. During a major cyber incident, Principal IR Consultants are responsible to ensure all relevant stakeholders are … kept informed, engagement objectives are met or exceeded, and coordinate and lead junior consultants in the response effort. A Principal Incident Response Consultant can communicate effectively with client executives, technical teams, counsel and other stakeholders to deliver excellence in responding to and resolving incidents. You are expected … network exploitation, covering tracks). Knowledge of cloud service models (e.g., IaaS, PaaS and SaaS) and how those models can limit digital forensics and incident response. Knowledge of malware analysis concepts and methodologies. Knowledge of adversarial tactics, techniques, and procedures. Knowledge of system and application security threats and vulnerabilities

IBM X-Force Principal Incident Response Consultant

London, England, United Kingdom
IBM
Introduction As a Principal Incident Response Consultant at IBM X-Force Incident Response, you will be responsible for managing and coordinating major cyber incidents across our clients’ enterprise environments. During a major cyber incident, Principal IR Consultants are responsible to ensure all relevant stakeholders are … kept informed, engagement objectives are met or exceeded, and coordinate and lead junior consultants in the response effort. A Principal Incident Response Consultant can communicate effectively with client executives, technical teams, counsel and other stakeholders to deliver excellence in responding to and resolving incidents. You are expected … network exploitation, covering tracks). Knowledge of cloud service models (e.g., IaaS, PaaS and SaaS) and how those models can limit digital forensics and incident response. Knowledge of malware analysis concepts and methodologies. Knowledge of adversarial tactics, techniques, and procedures. Knowledge of system and application security threats and vulnerabilities

Global Security Senior Manager, EMEA

London, England, United Kingdom
JobFlurry-Appcast-US
reputation worldwide. Key aspects of the role will be the development and delivery of Global Security initiatives and programs including but not limited to, incident response training, risk assessment reviews, event security, and technology solutions. You will be a member of the incident response team supporting … our information and personnel. You will have a well-developed understanding of the global security landscape, mitigation options available at the corporate level, and incident response best practice. You will need to be independent and self-directed and be comfortable and effective working on a virtual team within … stakeholders across cohorts to increase awareness of and support for the security agenda Ensuring effective collaboration and driving cross-functional teams Leading and coordinating incident response and business resiliency Leading and delivering elements of a global program within EMEA, including developing incident response business resiliency plans

GSOC (Global Security Operations Center) Incident Response Manager

United Kingdom
Confidential
ensure that appropriate security controls are in place for KPMG technology solutions. Role summary Provide Bridge between GISG Operational teams and ITS Global Major Incident Management Process Coordinate Security Incident management activities across Regions Provide Member Firms with Incident Response advice and support through the regional … set up, and maintain repeatable Teams War Room structure Define, set up, and maintain communication structure and templates for the three below high level incident types. Assist in coordination with GCISO to link into board level and regulatory comms requirements Give Service Management the Security context of any Security … Incident promoted to Major Incidents Assist in the delivery of Cyber War games and purple teaming activities Initiate US Advisory IR assistance requests Coordinate US Advisory IR activities when necessary Key accountabilities Provide Security Incident Management Framework and coverage between GISG and the ITS Global Service Management Major

Enterprise Security Incident Manager

United Kingdom
Experian Ltd
As a member of Experian's Global Security Office, the Enterprise Security Incident Manager functions as a Cyber Incident Commander and coordinates the Cyber Fusion Centre's (CFC's) response to significant cyber-security incidents according to Experian's Global Information Security Incident Response Plan and processes. You will … be responsible for initiating and tracking various workstreams during security incidents to ensure there is effective detection, response, containment, eradication, and recovery during incident response and managing executive communications until incident termination. The candidate for this role must be a self-starter, capable of working independently … and have strong technical skills involving cyber-incident response, strong writing skills and effective communication with leaders. This role will require you to be part of an on-call rotation for response to significant security incidents outside of normal work hours, including holidays and weekends. Key Responsibilities
Employment Type: Permanent

Senior Incident Response Engineer, SIRT

London, United Kingdom
Confidential
strengthening our commitment to leave the world better than we found it. Description Apple is seeking a security professional to join its Information Security Response Organization, as part of the Threat Analysis and Incident Response function. A successful candidate will possess a proven technical background, relevant Information … Security experience with a strong focus in the Incident Response lifecycle. You will work with a global team of security professionals on a follow-the-sun model with a primary focus on the identification, containment, and mitigation of security incidents. This role is an integral part of the security … will have the opportunity to work on technology and processes with global reach. Minimum Qualifications Extensive experience in Information Security with a focus on Incident Response, Security Engineering, and/or Intrusion Detection Proficient understanding of incident response automation strategies, with demonstrated ability to implement them

Cyber Incident Response Manager

London, United Kingdom
Confidential
Cyber Incident Manager with excellent stakeholder and team management skills as well as a technical mindset. This role will require you in the office at least twice a week and be on-call one in every four weeks. You will be required to go through SC clearance so need … to have been a UK resident for the past five years, unfortunately we will not be able to provide sponsorship. The Cyber Incident Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. … threat. Responsibilities Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on

Senior Consultant, Cyber Response (Technical)

London, United Kingdom
Hybrid / WFH Options
Confidential
This is a Senior Consultant role with responsibility for managing and delivering Control Risks cyber response threat hunting solutions. This involves managing our threat hunting engagements and where needed leading the technical aspects of cyber response cases. This role will report to the Associate Director of Cyber Response … enhance our Threat Hunting Standard Operating Procedures ensuring they reflect client requirements and align with our Cyber Threat Intelligence team Work with our Cyber Response Technology and Automation lead to implement the tooling required to effectively threat hunt Implement a quality assurance program to ensure threat hunting engagements proactively … attack techniques, to form hunting playbooks and mitigation steps. Work closely with our Cyber Threat Intelligence team and share threat hunting playbooks with the incident response team. Incident response Overseeing host and network based investigations. Leveraging the Digital Forensics Incident Response (DFIR) team to

SC Cleared Cyber Security Analyst, Threat, CSOC, SIEM

Bristol, United Kingdom
People Source Consulting
a continuous improvement cycle. This is a leadership position and you'll be responsible for managing and mentoring junior SOC staff. You will lead incident responses and enhance incident response protocols and processes for communication within the organisation. Produce detailed incident reports and technical briefs for … management and external stakeholders as required. You will design and conduct regular exercises to test incident response procedures. * Lead the Cyber Security Operations Centre (CSOC) to monitor and defend the multiple networks against all cyber threats, providing expert advice to junior SOC staff. * Lead the vulnerability management program … the improvements that can be made to processes, playbooks, and tooling. * Define and implement the CSOC roadmap and monitoring strategy. * Ensure proper monitoring and response plans are in place to enable the timely and effective response to, and management of, incidents, alarms, notifications, calls and other activities related
Employment Type: Contract
Rate: £650 - £750/day Inside IR35

SC Cleared Cyber Security Analyst, Threat, CSOC, SIEM

Bristol, Avon, South West, United Kingdom
Experis UK
a continuous improvement cycle. This is a leadership position and you'll be responsible for managing and mentoring junior SOC staff. You will lead incident responses and enhance incident response protocols and processes for communication within the organisation. Produce detailed incident reports and technical briefs for … management and external stakeholders as required. You will design and conduct regular exercises to test incident response procedures. * Lead the Cyber Security Operations Centre (CSOC) to monitor and defend the multiple networks against all cyber threats, providing expert advice to junior SOC staff. * Lead the vulnerability management program … the improvements that can be made to processes, playbooks, and tooling. * Define and implement the CSOC roadmap and monitoring strategy. * Ensure proper monitoring and response plans are in place to enable the timely and effective response to, and management of, incidents, alarms, notifications, calls and other activities related
Employment Type: Contract
Rate: £650 - £750 per day + Inside IR35

Claims Adjuster, Cyber

London Area, United Kingdom
CFC
are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and Incident Response team, along with a number of incident response vendors including forensic, legal, and PR ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within

Senior Security Engineer

London, United Kingdom
Hybrid / WFH Options
Confidential
The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and Incident Response Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incident response playbooks and procedures. Lead incident response efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify

SOC Engineer

Bournemouth, Dorset, South West, United Kingdom
IP People Ltd
Senior SOC Engineer Hybrid (2 days p/w in office) Leaders in Cybersecurity incident response and managed services, catering to a wide range of clients in both private and public sectors. About the Role: Who We're Seeking: Join our team at the purpose-built 24/… Responsibilities: Operating from our modern offices in Dorset, Senior SOC Analysts work within a four-day operational rota, collaborating closely with Digital Forensic and Incident Response teams. Responsibilities include: Security Monitoring and Incident Detection: Utilizing SIEM tools to identify potential security incidents and anomalies. Analyzing alerts and … log data to assess the severity and impact of threats. Incident Response and Analysis: Investigating and responding to security incidents promptly. Conducting in-depth analysis of security events to determine scope, impact, and root causes. Threat Hunting: Proactively searching for hidden threats and vulnerabilities within the organization's
Employment Type: Permanent
Salary: £60,000

Response Consultant

United Kingdom
DMA Recruitment
Role: Response Consultant Location: Bristol, Barnsley, Dundee, or Remote Salary: £34,000 to £38,000 per year (dependent on experience) Do you have experience in the response and incident management industry? If so, this could be the perfect opportunity for you! About: A dynamic environmental incident response, consultancy, and training organisation, supporting clients globally in the transport, chemical, shipping, and oil & gas industries, responding to oil, chemical, and HNS incidents. Role Overview: Continually growing and looking for talented Response Consultants to join the team! You will manage and deliver consultancy and training projects … including: - Developing oil spill contingency plans - Conducting environmental risk assessments - Performing readiness audits - Leading incident management exercises You'll also support real-time incident responses, provide technical guidance, interface with clients, and drive business development. Responsibilities: - Manage and deliver consultancy projects - Develop contingency plans and risk assessments - Conduct
Employment Type: Permanent
Salary: £35,000

Response Consultant

London, England, United Kingdom
DMA Recruitment
Role: Response Consultant Location: Bristol, Barnsley, Dundee, or Remote Salary: £34,000 to £38,000 per year (dependent on experience) Do you have experience in the response and incident management industry? If so, this could be the perfect opportunity for you! About: A dynamic environmental incident response, consultancy, and training organisation, supporting clients globally in the transport, chemical, shipping, and oil & gas industries, responding to oil, chemical, and HNS incidents. Role Overview: Continually growing and looking for talented Response Consultants to join the team! You will manage and deliver consultancy and training projects … including: - Developing oil spill contingency plans - Conducting environmental risk assessments - Performing readiness audits - Leading incident management exercises You'll also support real-time incident responses, provide technical guidance, interface with clients, and drive business development. Responsibilities: - Manage and deliver consultancy projects - Develop contingency plans and risk assessments - Conduct

Security Operations Manager

Cambridge, Cambridgeshire, East Anglia, United Kingdom
Guarding UK
to identify vulnerabilities and implement mitigation strategies. Regulatory Compliance: Stay abreast of security trends, technological advancements, and regulatory changes to continuously enhance security measures. Incident Response: Incident Management: Promptly respond to security incidents, ensuring de-escalation and safety for all involved. Investigations: Conduct thorough investigations, gather evidence … accurate records and prepare detailed reports for management review and regulatory compliance. Training and Development: Ongoing Education: Provide continuous training on security procedures, emergency response tactics, and conflict resolution techniques. Drills & Simulations: Conduct regular drills to assess readiness and reinforce best practices for various security scenarios. Professionalism: Foster a … Cybersecurity Operations Manager, Information Security Operations Manager, IT Security Operations Manager, Network Security Operations Manager, Security Control Center Manager, Security Monitoring Manager, and Security Incident Response Manager. REF
Employment Type: Permanent
Salary: £40,000

Vice President, Pre-Sales

Nottingham, Nottinghamshire, United Kingdom
Confidential
We are looking for a Vice President, Solution Engineering, Cyber Risk to advise our clients and prospective clients on Managed Detection and Response (MDR) services. In this role you will partner with our Sales and Incident Response teams to introduce, position and architect technical solutions to address … our clients' detection and response needs. You will act as a trusted advisor and technical subject matter expert on Managed Detection and Response, which will include sound working knowledge of Endpoint Detection and Response (EDR), Security Incident and Event Management (SIEM), and Network Detection and Response … the development of sales materials and documentation, and assist with sales-enablement for both internal and partner sales teams Support internal marketing, product, and incident response engagement managers with messaging and communication about Kroll's MDR services Engage with key technology and channel partners to represent Kroll's

SOC Analyst - Lv3

Crawley, West Sussex, South East, United Kingdom
Hybrid / WFH Options
Matchtech
using industry best practices. Log Management: Manage log sources within the SIEM solution and create alert use cases to identify patterns of anomalous activity. Incident Response: Lead the response to high-severity security incidents, providing senior-level response activities and ensuring effective remediation and recovery actions. … Security Orchestration, Automation, and Response (SOAR): Support and develop the SOAR platform, creating new workflows for automated responses to common attack types. Digital Forensics: Conduct forensic analysis on serious security incidents using data from multiple sources to ensure threats are contained and eradicated effectively. Cyber Crisis Scenario Testing: Participate … important security and performance metrics. Job Requirements: Extensive experience in a SOC Level 2 or 3 role with evidence of advanced threat hunting and incident response. Experience in log correlation, forensics investigations, and compliance with regulatory frameworks. Proficiency in security technologies including SIEM, SOAR, EDR, IDS/IPS, and
Employment Type: Permanent, Work From Home
Salary: £55,000

Microsoft Security Consultant

Manchester, North West, United Kingdom
MECS Communications Ltd
Active Directory, including user authentication, access controls, and privilege management. * Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. * Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. * Working with the Managed SOC and Operational teams, develop and maintain incident response plans. Lead incident response activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. * Collaborating with cross-functional teams, including
Employment Type: Permanent
Salary: £60,000

Site Reliability Engineer (SRE) - LLM and Machine Learning

London, United Kingdom
Hybrid / WFH Options
Confidential
and services. Monitoring and Alerting: Implement and maintain robust monitoring, alerting, and logging systems to proactively identify and resolve issues. Ensure optimal system performance. Incident Response: Lead incident response efforts, investigate root causes of outages, and implement preventive measures to reduce the likelihood of recurrence. Capacity … Continuous Improvement: Continuously evaluate and improve system reliability, performance, and efficiency through automation and optimisation. Documentation: Maintain comprehensive documentation for infrastructure configurations, procedures, and incident reports. Requirements Bachelor's or Master's degree in Computer Science, Information Technology, or a related field. Proven experience as a Site Reliability Engineer

Information Security Apprentice

Riverbank House, 2 Swan Lane, London, United Kingdom, England
Man Group
Learn to prioritise events based on severity and impact to ensure timely responses. Develop Security Playbooks: Assist in the creation and maintenance of event response playbooks to standardize and streamline the handling of common security scenarios. Respond to Inquiries: Address business-related requests and inquiries concerning security events, providing … clear and concise information to stakeholders. Support Incident Response: Participate in incident response efforts as needed, applying playbooks, and contributing to after-action reviews to improve future responses. Collaborate on Projects: Work closely with experienced analysts and engineers on projects to enhance security measures and implement
Employment Type: Advanced Apprenticeship
Salary: £25,700.00

Senior Cyber Security Engineer

Teddington, London, United Kingdom
Matchtech
the Technology sector, offering excellent career development opportunities. About the Role As a Cyber Security Engineer your primary responsibility will be Security Operations and Incident Response as well as Vulnerability Management and Threat Intelligence. In addition, you will work closely with the Cyber Security Manager and Security Architect … to independently resolve complex issues. Key Responsibilities Respond to security alerts and incidents, following established protocols and best practices. Create response playbooks and standard operating procedures to streamline incident response processes. Work independently to resolve complex security issues, with support and guidance from the Cyber Security Manager … be an added benefit. Skills and Qualifications Significant experience working in a security operations centre (SOC) and responding to security alerts. Experience in creating response playbooks and handling escalations. Additional experience in EDR, M365 security, SIEM, Vulnerability management, MITRE attack framework, and Incident response. Strong stakeholder engagement skills
Employment Type: Permanent
Salary: £50000 - £60000/annum

Security Engineer 4

Reading, England, United Kingdom
Oracle
Action Employer Responsible for authoring, tuning and deploying SIEM detections, Threat Hunting and automation via Python scripting and SOAR tools. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause … analysis. Coordinates incidents with other business units and may act as incident commander of serious incidents. Participates in developing new methods, playbooks throughout Oracle. Evaluates existing and proposed technical architectures for security risk, provides technical advice to support the design and development of secure architectures and recommends security controls … the department. Responsible for authoring, tuning and deploying SIEM detections, Threat Hunting and automation via Python scripting and SOAR tools. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause

Incident Response
10th Percentile: £42,500
25th Percentile: £50,000
Median: £60,000
75th Percentile: £77,500
90th Percentile: £97,500