126 to 150 of 361 Incident Response Jobs in the UK

CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR … workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR … workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

oversee technical security controls across identity, endpoint, cloud, and network environments. Govern outsourced security services (e.g., MDR/SOC) to ensure effective detection, response, and remediation. Define and implement a vulnerability management programme. Lead incident response planning, testing, and lessons-learned processes. Embed security into the delivery ...

posture Key Responsibilities – Operations & Troubleshooting • Investigate complex identity issues using logs, audit data, and sign-in reports • Troubleshoot authentication protocols and access flows • Support incident response and post-incident analysis for identity-related outages • Collaborate with security, endpoint, and infrastructure teams on end-to-end solutions Required ...

software and quality engineers, fostering a culture of ownership, accountability, and continuous improvement. Own production health for your teams’ services, including on-call rotations, incident response, and post-incident reviews in a “you build it, you run it” environment. Lead operational excellence initiatives to improve observability, resiliency ...

landing zones. Lead the development of CI/CD pipelines and automated infrastructure delivery. Promote strong observability, monitoring and alerting practices. Take part in incident response, root cause analysis and platform stability improvements. Balance build-and-run responsibilities with a focus on long-term platform health. ...

data remain protected against evolving threats. IT Security Analyst Key Skills: * IT security principles and best practices * Risk assessment and mitigation * Security monitoring and incident response * Microsoft security tools (Defender, Purview, etc.) * GDPR and data protection compliance * Patch management and vulnerability management * Networking and infrastructure security * Security frameworks ...

access management (IAM), encryption, API security, and network security. Evaluate and implement security tooling (e.g., SIEM, EDR, DLP, WAF) within platform environments. Support incident response activities and provide expert guidance on security incidents affecting trading systems. Required Skills & Experience Proven experience in a Cyber Solution Architect role with ...

landing zones. Lead the development of CI/CD pipelines and automated infrastructure delivery. Promote strong observability, monitoring and alerting practices. Take part in incident response, root cause analysis and platform stability improvements. Balance build-and-run responsibilities with a focus on long-term platform health. ...

landing zones. Lead the development of CI/CD pipelines and automated infrastructure delivery. Promote strong observability, monitoring and alerting practices. Take part in incident response, root cause analysis and platform stability improvements. Balance build-and-run responsibilities with a focus on long-term platform health. ...

landing zones. Lead the development of CI/CD pipelines and automated infrastructure delivery. Promote strong observability, monitoring and alerting practices. Take part in incident response, root cause analysis and platform stability improvements. Balance build-and-run responsibilities with a focus on long-term platform health. ...

global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will ...

client and regulatory requirements. Our integrated approach combines secure by design principles relying on Identity and Access Management, Technical Assurance, continuous monitoring and incident response through Security Operations, and proactive risk management through GRC. Working closely with the Markets Innovation Group (MIG) and Fuse, the firms legal tech ...

compute, storage, networking, and virtualization platforms, optimising for cost and resilience. Define engineering best practices and guide teams on platform observability, monitoring, and incident response. Foster strong collaboration across engineering, architecture, and operations to ensure cohesive platform delivery. Lead and develop a high-performing infrastructure engineering team, building technical ...

high technical and security standard Deliver and maintain a secure Azure operating model Ensure consistency, resilience, and scalability across Azure environments Operational Leadership & Incident Management Lead and coordinate Major Incident response relating to Azure and associated cloud services Act as a senior escalation point for complex platform … issues Drive post-incident reviews, root cause analysis, and service improvements Vendor & Service Management Provide a high standard of vendor and service management Manage relationships with Microsoft and third-party suppliers Ensure services meet agreed SLAs, security expectations, and value-for-money objectives Lead service reviews and escalation activities ...

CrowdStrike Falcon SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows … Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

doing: Leading CrowdStrike Falcon deployment, configuration, and optimisation Enhancing Splunk SIEM dashboards, alerts, and threat detection capabilities Acting as a senior escalation point for incident response Driving SOAR automation to improve response times Conducting proactive threat hunting Upskilling internal teams across CrowdStrike, Splunk, and security analysis What ...

escalate and resolve high-risk vulnerabilities Stay ahead of the curve through continuous learning, certifications, and knowledge-sharing Champion precision: produce top-tier incident reports and maintain robust documentation Our perfect candidate should have a wealth of knowledge spanning various technologies and being able to use these skills … apply. Full UK Driving License Entry-level security certifications (CompTIA Security+, CySA+, etc.) or working toward one Hands-on experience in security incident response, vulnerability assessments, and root cause analysis Skilled in producing incident reports, security metrics, and supporting awareness training Comfortable with internal security audits ...

escalate and resolve high-risk vulnerabilities Stay ahead of the curve through continuous learning, certifications, and knowledge-sharing Champion precision: produce top-tier incident reports and maintain robust documentation Our perfect candidate should have a wealth of knowledge spanning various technologies and being able to use these skills … apply. Full UK Driving License Entry-level security certifications (CompTIA Security+, CySA+, etc.) or working toward one Hands-on experience in security incident response, vulnerability assessments, and root cause analysis Skilled in producing incident reports, security metrics, and supporting training Comfortable with internal security audits and refining ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 6+ years ...

seamless and high-quality experience for end users. Take accountability of the on-call rota , ensuring appropriate coverage, managing participation, and leading rapid incident response to maintain service availability. Continuously assess and improve team processes and procedures , fostering a culture of innovation and engineering excellence to optimise performance … team that consistently meets objectives and drives continuous improvement. Regularly conducts performance reporting and analysis , tracking key metrics such as system availability, uptime, and response times to inform decision-making and improvement initiatives. What you’ll need to succeed Essential: Experience in a leadership role , including mentoring, developing team ...

ideas, feedback, and solutions Taking full ownership of assigned tasks from planning through to delivery Communicating progress, blockers, and risks clearly and proactively Supporting incident response, including escalation, resolution, and post-incident improvements Documenting systems, processes, and technical decisions with clarity and accuracy Handling context switching effectively ...

CrowdStrike , this role is key to maximising both investment and capability. You'll act as the senior technical lead-optimising tooling, strengthening detection and response, and upskilling the internal team. This is a hands-on, high-impact role suited to someone who can hit the ground running and elevate … Security Leadership: Own deployment, configuration, and optimisation of CrowdStrike Falcon SIEM Optimisation: Partner with the SOC to enhance Splunk dashboards, alerts, and data models Incident Response: Act as escalation point for high-priority incidents, driving rapid containment Threat Hunting: Proactively identify hidden threats using advanced queries and telemetry ...

services such as AWS Secrets Manager or HashiCorp Vault. Implement robust monitoring, alerting, and observability tooling (e.g., CloudWatch, Prometheus, Grafana, Datadog). Participate in incident response, root cause analysis, and resilience improvements. Maintain and evolve CI/CD pipelines using tools such as GitHub Actions, Bitbucket Pipelines ...

performance analysis, and automate improvements where possible. Ensure high availability and data integrity through proactive alerting, backups, and robust disaster recovery planning. Own major incident response, troubleshooting and root-cause analysis, implementing long-term fixes. Maintain security best practice across cloud and on-premise environments, including vulnerability management ...