Incident Response Jobs in the UK

101 to 125 of 779 Incident Response Jobs in the UK

Insider Risk Investigator

London, United Kingdom
Experian Group
enhance detection capabilities. Design and deliver insider risk awareness initiatives, highlighting emerging trends and fostering a culture of security, accountability, and vigilance. Identify and implement improvements to detection and response processes based on lessons learned and evolving threat landscapes. Collaborate with internal partners on threat detection and response initiatives to strengthen organizational resilience. Qualifications Bachelor's degree in … and other monitoring technologies. Strong understanding of insider risk frameworks, regulatory and privacy requirements, and relevant laws. Familiarity with SOC or Fusion Centre operations, including threat monitoring, intrusion detection, incident response, and analysis. In-depth knowledge of the cyber threat landscape, including adversary tactics, campaigns, and the intersection of insider and external threats. Demonstrated ability to analyze anomalies More ❯
Employment Type: Permanent
Salary: GBP Annual

Director of Security Architecture

Cambridge, Cambridgeshire, United Kingdom
Hybrid / WFH Options
Arm Limited
standards (NIST, MITRE ATT&CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response, and overall cyber defense posture. Partner with senior leadership to communicate security architecture roadmaps, risk mitigation strategies, and compliance postures. Champion a culture of continuous improvement, cross More ❯
Employment Type: Permanent
Salary: GBP Annual

Lead Cyber Security Engineer

Glasgow, United Kingdom
Hybrid / WFH Options
S Three
Defender for Cloud, Purview DLP, Azure Firewall, and related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust. Harden AKS … hybrid network models. Oversee DNS, web access, and remote gateway protection at the edge. Security Operations & Threat Defence Act as the technical escalation point for complex threat investigations and incident response. Lead red-teaming simulations, vulnerability assessments, and threat hunting activities. Support proactive telemetry monitoring and improvement of detection logic and alert fidelity. Leadership & Mentoring Provide engineering mentorship to More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Architecture and Engineering Senior Manager

East London, London, United Kingdom
Hybrid / WFH Options
A&O Shearman
the firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feed back practical lessons learned into clients' cyber risk management and incident response programmes. What you will do Security Architecture Strategy & Governance Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the More ❯
Employment Type: Permanent, Work From Home

Security Architecture and Engineering Senior Manager

Whitechapel, England, United Kingdom
Hybrid / WFH Options
A&O Shearman
the firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feed back practical lessons learned into clients' cyber risk management and incident response programmes. What you will do Security Architecture Strategy & Governance Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the More ❯

Security Architecture and Engineering Senior Manager

London, United Kingdom
Hybrid / WFH Options
Allen & Overy LLP
firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feed back practical lessons learned into clients' cyber risk management and incident response programmes. What you will do Security Architecture Strategy & Governance Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Solution Architect

Bexhill-On-Sea, East Sussex, South East, United Kingdom
Hybrid / WFH Options
Hastings Direct
strategies. Your responsibilities will include maintaining detailed documentation on security architecture, patterns, and practices, advising on critical aspects such as data protection, identity and access management, network security, and incident response within Azure. Staying abreast of the latest Azure security capabilities, threats, vulnerabilities, and industry trends will be essential. You will also support audit, compliance, and regulatory requirements More ❯
Employment Type: Permanent, Work From Home

Director of Security Assurance and Remediation (London)

Wandsworth, Greater London, UK
Robert Walters UK
across security functions. Leadership Lead by example, demonstrating technical and professional skills. Communicate effectively with stakeholders. Innovate by automating processes and adopting new capabilities. Provide clear direction during cyber incident responses. Identify risks and articulate capability gaps. Manage ambiguity and operate decisively. Build partnerships and collaborate effectively. Influence within a matrix organization. Focus on customer-centric solutions. Commit to … lifecycle management. Ability to lead teams through change and adapt to evolving threats. High integrity and ethical standards. Knowledge of cloud security and hybrid environments. Experience with vulnerability and incident management. Financial industry experience preferred. If interested, please apply or contact me at 0207 509 8040 or via email at darius.goodarzi@robertwalters.com. Robert Walters Operations Limited is an employment More ❯
Employment Type: Full-time

SOC Analyst Gates

United Kingdom
CyberNorth
timely and comprehensive intelligence on external threats to the Security Operations Center (SOC) for detection, continuous monitoring of multiple security-related information sources, threat hunting, and, when needed, manage incident response related to cyber, privacy, and data protection for Gates data, infrastructure, and networks. The CSCC team will take disparate data sets and combine them with threat information … and identify incidents and drive appropriate responses to contain and minimize the impact of the threats and restore normal operations. Key responsibilities: Actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, provide proactive threat research, and recommend mitigation strategies. Utilize the latest in security technology and be at the forefront of incident response to support operations at Gates locations around the world. Act as a core member of the Incident Response Team, triaging, responding to and reporting incidents and providing cyber security metrics. Evaluating and determining if/when information security violations have occurred through examination of network or device logs, open-source research, vulnerability and configuration scan data, and More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security Specialist

Central London, London, England, United Kingdom
Reed
seeking a permanent Information Security Specialist to join our prestigious Global Investment Bank client's team. This role involves a wide range of responsibilities including security operations, threat intelligence, incident response, and compliance tasks. The ideal candidate will have experience in IT infrastructure security, particularly within financial institutions, and a strong understanding of various security platforms and standards. … and configurations on virtualization platforms, Windows, and Linux. Working experience with network infrastructure components such as IPS, SIEM, WAFS, load balancers, proxies, and firewall management systems. Solid understanding of incident management and forensics for security-related issues. Excellent documentation and communication skills, with the ability to communicate effectively with technical colleagues. Qualifications and Training (Good to Have): CISSP or … identifying and reporting potential unauthorized access. Implement and maintain Active Directory and File Share security controls, and participate in regular AD security assessments and remediation efforts. Threat Intelligence and Incident Response: Monitor and analyse phishing campaigns and assist in managing the organizational phishing response program. Review and distribute threat intelligence alerts to relevant stakeholders, assessing potential impacts More ❯
Employment Type: Full-Time
Salary: £75,000 - £85,000 per annum, Inc benefits

L3 SOC Analyst - Systems Integrator

England, United Kingdom
Hamilton Barnes Associates Limited
and apply today! Responsibilities: Monitor and analyse security events within the SOC, ensuring timely detection and response. Perform threat analysis, vulnerability assessments, and implement mitigation strategies. Develop and refine incident response playbooks and procedures. Conduct root cause analysis (RCA) for high-priority incidents to prevent recurrence. Collaborate with internal teams and clients to strengthen security posture. Provide technical … expertise and guidance on security incidents and resolutions. Participate in the on-call rota to provide 24/7 incident response support. Contribute to process improvements and knowledge-sharing within the SOC team. Required Skills/Must Have: Minimum of two years' experience in a SOC or managed security environment. Strong knowledge of network security (firewalls, IDS/… IPS, VPNs). Proficiency in incident response, threat analysis, and vulnerability management. Experience working with SIEM tools for monitoring and event analysis. Understanding of malware analysis, forensic investigations, and endpoint security. Strong analytical and problem-solving skills. Excellent communication skills, with the ability to explain technical concepts to non-technical stakeholders. Salary More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior SOC Analyst (SC Eligible)

Milton Keynes, Buckinghamshire, South East, United Kingdom
Hybrid / WFH Options
Hays
SOC Analyst to join their established Security Operations Centre (SOC), working alongside a team of experienced Cyber Engineers and Analysts. This is a critical role where you will lead incident investigations, mentor junior analysts, and represent the SOC in key stakeholder engagements. Your new role Monitor, triage, and investigate security alerts using protective monitoring platforms Interpret system logs and … reports to identify intrusions, threats, or policy breaches Lead the team in incident investigations and determine appropriate response actions Oversee the implementation of resolutions and ensure effective incident handling Analyse security event data to support customer incident response Represent the SOC in meetings, advise on new services, and assess operational impact Stay up to date More ❯
Employment Type: Contract, Work From Home
Rate: £500.0 - £545.0 per day + £500 - 545 p/d outside IR35

Cyber Security Analyst

Enfield, Middlesex, England, United Kingdom
Hybrid / WFH Options
Eden Brown Synergy
security data, detect anomalies, and respond effectively to incidents. * Oversee vulnerability assessments and penetration testing to ensure robust security measures are maintained. * Contribute to the development and execution of incident response plans, ensuring prompt action to contain and remediate security incidents. * Maintain accurate incident logs and reports to support post-incident analysis and continuous improvement. * Provide … with a strong focus on security information and event management systems, including Microsoft Sentinel. * In-depth knowledge of security monitoring techniques and integration technologies. * Demonstrated ability to execute robust incident response processes. * Strong communication skills, with the ability to educate and support staff on security protocols. * Experience working collaboratively with technical and non-technical teams to improve security More ❯
Employment Type: Contractor
Rate: £400 per day

Cyber Defence Operations Director

Cambridge, Cambridgeshire, United Kingdom
Arm Limited
Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient … operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing team, driven with context of emerging More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Security Operations Engineer

London, South East, England, United Kingdom
Holland & Barrett International Limited
automation, cloud technology, and fast-paced problem-solving—and want your work to have a real impact—this could be the perfect role for you. Key Responsibilities Lead security incident response and threat detection efforts, prioritising the protection of customer data and experience Build automated detection and remediation workflows using SOAR, SIEM, and scripting (Python, SQL) Apply deep … facing and payment systems into the security monitoring platform Perform threat hunting and detection engineering to identify and address emerging risks Support security audits, compliance (PCI-DSS), and post-incident reviews Mentor junior team members and contribute to a culture of continuous improvement Participate in the on-call rotation to ensure fast, effective incident response during critical … events Key requirements: Proven Experience: 4+ years in Security Operations or Incident Response, ideally in ecommerce, retail, or fintech environments Technical Depth: Hands-on expertise with SIEM, SOAR, EDR, automation tools, Python, SQL, and cloud-native security tooling Cloud Security: Strong knowledge of AWS and Azure, especially services like WAF, Shield, IAM, and API Gateway Forensic Skills: Experience More ❯
Employment Type: Full-Time
Salary: Competitive salary

IT Security Operations Manager

Exeter, Devon, United Kingdom
South West Water Limited
plus benefits. The role As Security Operations Manager, you will lead and manage the Security Operations Team and have responsibility for security event monitoring, management and incident response. Reporting to the Chief Information Security Officer, you will focus on ensuring the Pennon Group's Corporate and Operational Technology information systems are available, integral and confidential. What you'll … be doing Lead and provide first line supervision to the Security Operations Team that is primarily responsible for security event monitoring, management and incident response. Act as the focal point for any investigations involving information security. Provide management oversight for information security incident identification, assessment, and response, reporting, communication, mitigation and monitoring. Play a significant role in … for Extensive IT knowledge and experience in Cyber Security and Information Security standards and frameworks such as ISO27001 and Cyber Essentials. Confident in leading and managing teams Proficient in Incident Management and Response procedures and familiarity with ITIL. Extensive and broad-based IT and business experience, delivering diverse corporate and operational IT services in a medium/large More ❯
Employment Type: Permanent
Salary: GBP Annual

IT Security Manager

London, United Kingdom
Hybrid / WFH Options
Computappoint
a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯
Employment Type: Permanent
Salary: GBP 80,000 Annual

IT Security Manager

Portchester, Hampshire, United Kingdom
Hybrid / WFH Options
Computappoint
a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯
Employment Type: Permanent
Salary: GBP 80,000 - 85,000 Annual

IT Security Manager

Portsmouth, Hampshire, England, United Kingdom
Hybrid / WFH Options
Computappoint
a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯
Employment Type: Full-Time
Salary: £80,000 - £85,000 per annum

IT Security Manager

London, Portchester, Hampshire, United Kingdom
Hybrid / WFH Options
Computappoint
a fast-paced and dynamic environment where you can take ownership of projects and work as part of a supportive team. Key responsibilities: Manage security operations, governance, architecture, and incident response functions Integrate "Security-focused architecture" methodologies throughout development and infrastructure processes Create and deploy IT security policies, procedures, and operational standards Implement a security awareness culture while … deliver security consultancy to business units and clients Lead organization-wide information and cybersecurity strategy development Evaluate IT security risks and execute informed risk-based strategic decisions Lead security incident response and oversee compliance monitoring activities Qualifications and Requirements Proven capability to function at both strategic and tactical levels, engaging technical and executive stakeholders Comprehensive IT security leadership More ❯
Employment Type: Permanent
Salary: £80000 - £85000/annum

Head of Global Cyber Defence

London, United Kingdom
Haleon
senior leadership role responsible for shaping and executing the strategic vision of the Global Cyber Defense (GCD) organization. This position leads a diverse team across multiple cybersecurity domains including Incident Response, Threat Intelligence, Red Team, Cyber Countermeasures, Threat Hunting, Vulnerability Management, Forensics, eDiscovery, and Insider Threat programs. The role requires a strategic thinker with deep technical expertise, strong … Cyber Defense in alignment with broader cybersecurity and business goals. Lead efforts to identify and respond to emerging cyber threats using advanced threat intelligence and proactive defense strategies. Oversee incident response planning and execution, ensuring alignment with broader crisis management frameworks. Build and maintain robust capabilities in Data Loss Prevention, cyber forensics, and eDiscovery. Direct red teaming, cyber … align cybersecurity initiatives with business objectives and risk management strategies. Problem Solving Tackles complex, evolving cybersecurity challenges requiring innovation and adaptability. Makes high-stakes decisions under pressure, balancing rapid response with thorough investigation. Navigates regulatory requirements, emerging technologies, and human factors in cybersecurity. Impact and Influence Influences the entire organization's cybersecurity posture and strategic resilience. Decisions directly affect More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Operations Centre (SOC) Manager

Chelmsford, Essex, South East, United Kingdom
Hybrid / WFH Options
Keystream Group Limited
local government. To read more about our business area, please visit Corporate Services and Transformation Key Responsibilities: Lead and develop an active Security Operations team focused on threat detection, incident management, and prevention of data breaches or service disruptions. Build and mature the Security Operations Centre (SOC) with a focus on cyber risks, threat intelligence and proactive incident avoidance. Oversee the council's response to critical cyber incidents, coordinating resolution efforts and informing senior stakeholders. Collaborate with security architects and technical teams to shape and implement cyber security policies, ensuring they're risk-appropriate and business-friendly. Manage cyber security risks by embedding them into the corporate risk register and advising on appropriate mitigation strategies. Oversee the planning … cyber security trends, threats, tools, and protocols - demonstrable vendor-agnostic technical appreciation of both defensive and offensive Cyber Security with focus on Microsoft security competencies. Strong experience in leading incident response, technical investigations, and high-pressure decision-making. Excellent communication skills with the ability to influence and collaborate at all organisational levels. Strategic thinking with a focus on More ❯
Employment Type: Permanent, Work From Home
Salary: £75,000

Cyber Security Manager

City of London, London, England, United Kingdom
Hybrid / WFH Options
Skillcast
ISO 27001, and Cyber Essentials audits – including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM – including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes environments, ensuring scalable and secure architecture - Work closely … CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor’s degree in Cybersecurity, Computer Science … roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption More ❯
Employment Type: Full-Time
Salary: £60,000 - £65,000 per annum

Cyber Security Manager

EC3A, Tower, Greater London, United Kingdom
Hybrid / WFH Options
Skillcast
ISO 27001, and Cyber Essentials audits – including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM – including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes environments, ensuring scalable and secure architecture - Work closely … CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor’s degree in Cybersecurity, Computer Science … roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption More ❯
Employment Type: Permanent
Salary: £60000 - £65000/annum

Security Operations Director

Birmingham, Staffordshire, United Kingdom
Applicable Limited
. Lead the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement … KPIs) Client Satisfaction Rate: Measured through regular client feedback and satisfaction surveys. Delivery Compliance Rate: Percentage of client engagements that meet defined delivery standards and pass governance review gates. Incident Response Effectiveness: Success rate in managing and resolving client incidents within predefined response windows. Service Utilisation Rate: Adoption and effective use of security services across client accounts More ❯
Employment Type: Permanent
Salary: GBP Annual

Incident Response
10th Percentile: £42,000
25th Percentile: £51,250
Median: £65,000
75th Percentile: £77,500
90th Percentile: £93,775