126 to 150 of 432 Incident Response Jobs in the UK

Clearance - London Based or ability to travel to London.- Experience as in a Site Reliability Engineering role SITE RELIABILITY ENGINEER ESSENTIAL SKILLS- Reliability, incident response/incident management experience - Experience with Monitoring and Observability tools such as Prometheus, Grafana and OpenSearch- Automation tools (Go, Bash)- Experience with ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response: For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

limited to) Azure infrastructure failover, M365 backup/restore, network infrastructure failover. Act as one of the primary points of contact for incident response, and Major Incident Management (MiM). Participate in monthly continuous improvement meetings and collaborate with stakeholders to define recovery objectives, including Recovery Time ...

business risk and vice versa. This role will be responsible for the leadership and management of the team delivering ongoing proactive cyber defence and response to security threats targeting AJ Bell systems and information. The Security Operations Team is the first point of contact for security queries, as such … 24x7 operational security coverage. Proactively drive efficiency improvements via the use of automation and AI in security operations processes. Own and develop AJ Bells incident response framework and playbooks, including undertaking regular training and testing (including table top exercises) up to and including executive level. Develop and maintain ...

performance: Use observability tools like Prometheus and Grafana to track the health of test environments, identify bottlenecks, and resolve issues proactively, not reactively. Manage incident response: Lead the incident management process for test environment issues, conducting blameless post-mortems to understand the root causes and implement lasting … associated with test environments to free up engineering time for more strategic work. Strategic and cultural responsibilities Drive continuous improvement: Analyze environment performance data, incident reports, and post-mortems to identify opportunities for continuous improvement and innovation. Balance reliability and speed: Use an "error budget" for test environments. ...

technical environments. Stay current with emerging threats, regulatory changes, and industry best practices in risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications/Skills Required Demonstrated ...

features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls … compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses ...

features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls … compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses ...

Cyber Security, Computer Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise … Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain ...

Cyber Security, Computer Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise … Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain ...

Join our global cybersecurity team as Security Analyst. You’ll design and optimize security monitoring across hybrid environments, detect and analyze threats, and support incident response. This role combines hands-on technical expertise with strategic oversight, ensuring compliance with global standards like PCI DSS and ISO 27001. Ideal candidates … Defender, AWS Security Hub, GuardDuty, Inspector) Threat Detection : Analyze alerts, correlate events across hybrid environments, and leverage threat intelligence to identify and prioritize risks Incident Response : Escalate validated incidents, provide detailed context, and collaborate with operations teams for containment and recovery Continuous Improvement : Tune detection rules, automate workflows ...

participate in telecommunications projects, including system upgrades, migrations, and new implementations. Collaborate with other IT teams and external vendors to ensure project success. Incident Management Manage and document the lifecycle of critical incidents from initial report to resolution, including post-incident reviews. Develop and maintain incident response ...

detect, analyse, and respond to security threats in real-time. Proactively identify vulnerabilities and risks through regular assessments and penetration testing and lead incident response efforts for cloud-related security breaches, ensuring minimal downtime and data loss. Develop automated workflows for vulnerability management, incident detection, and response. ...

rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement ...

rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement ...

rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement ...

rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement ...

improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability ...

payment experiences for millions of passengers, with high system availability and responsive issue resolution. The individual will lead operational practices, monitor system health, coordinate incident response, and serve as a key liaison between Ticketing Leadership, technology teams including internal and external suppliers and customer experience stakeholders. Key Responsibilities … System Monitoring: Oversee daily performance of ticketing systems, ensuring uptime and reliability. Incident Management: Respond to and resolve technical issues quickly, coordinating with internal teams and vendors. Vendor Coordination: Manage relationships with service providers, payment networks, and platform vendors to maintain SLAs. Compliance: Ensure adherence to PCI DSS, GDPR ...

industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main) , including proactive configuration of AWS accounts and assets to meet good security ...

industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main) , including proactive configuration of AWS accounts and assets to meet good security ...

across systems and infrastructure. Track emerging threats and recommend updates to policies, standards, and procedures. Oversee daily security operations, including monitoring, vulnerability management, and incident response. Lead and mature the regional incident response function, coordinating with global teams on high-severity events and driving continuous improvement. Manage … primary contact for operational cyber matters, providing clear, timely communication to stakeholders and leadership. About You Demonstrable experience in cyber security operations, including incident management, threat monitoring, and vulnerability management. Familiarity with regulatory frameworks within region and best practices (such as ISO 27001, NIST CSF, Cyber Essentials). Professional ...

multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats … with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with ...