151 to 175 of 321 Incident Response Jobs in the UK

implementing security controls, conducting threat modelling and architecture reviews, and defining secure configurations and standards. The role also ensures systems include robust monitoring, detection, incident response, and recovery capabilities, while supporting overall resilience. Additionally, as the Cyber Security Lead you will contribute to Change Advisory Board decisions, assessing ...

analysis. Oversee security operations including vulnerability scanning, penetration testing, and assessments. Manage and optimise security tooling (Firewalls, VPNs, IDS/IPS, EDR). Lead incident response activities, ensuring swift mitigation and root cause analysis. Collaborate across engineering, architecture, and compliance teams to embed security-by-design. What youll ...

issues Maintain and configure observability platforms such as Datadog Proactively monitor production and other environments to ensure stability, availability, security and integrity Participate in incident response, troubleshooting, and root cause analysis to mitigate and prevent future issues Work closely with engineering, support and operations teams to upskill ...

. Define and govern DevOps, platform engineering and observability standards, including CI/CD pipelines, infrastructure-as-code, containerisation (Docker, Kubernetes), monitoring, alerting and incident response architecture. People, Community & Governance Mentor and develop the architecture community within GPTI and the wider ST&S portfolio, coaching junior architects, technical ...

Resilience, Continuity & Recovery Manager (DORA) -Incident Manager UK Remote | Permanent Hiring a Senior Resilience, Continuity, Recovery Manager and Incident Manager with strong DORA experience to lead operational resilience, major incident management and recovery planning within a regulated financial services environment. Key experience: * MUST DORA/Operational Resilience … Major Incident Management * Business Continuity & Disaster Recovery * Financial Services/FinTech * ISO 22301/ISO 27001/NIST * Stakeholder & Regulatory Management This role will lead DORA implementation, resilience testing, ICT incident response, third-party risk and enterprise recovery planning across the business. High-impact role with strong ...

Security Analyst, youll act as a senior technical escalation point within the SOC, supporting the wider analyst team while leading the investigation and response to sophisticated cyber threats and incidents. Youll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity … work, candidates must have current SC clearance and be eligible to obtain UK Government DV clearance. What Youll Be Doing Lead the investigation and response to complex cyber security incidents across high-security customer environments Act as a senior escalation point for Tier 1 and Tier 2 analysts during ...

/CD pipelines with blue-green, canary, and rolling deployments, including automated, zero-downtime database releases. Implement comprehensive monitoring, logging, alerting, and automated incident workflows with clear reporting. Strengthen cloud security posture (IAM, secrets, vulnerability scanning) and embed DevSecOps practices while maintaining PCI-DSS compliance. Drive reliability through SLIs …/SLOs, incident response, disaster recovery testing, and capacity planning for peak events. Optimise performance and cost across hybrid environments through right-sizing, forecasting, and resource governance. Apply AI-driven tooling for anomaly detection, operational optimisation, and compliance automation. Collaborate cross-functionally, maintain documentation, and promote DevOps best ...

Cyber Defence strategy, working closely with the internal stakeholders to create, align and execute for: Penetration Testing Security Operations Centre Management Endpoint Detection and Response Security Information Event Management Incident Response Plan Threat Hunting Skills & Experience Required Independent thinking, be a leader with a clear independent thorough ...

growing cyber security team based in South Manchester. You will play a key role in protecting critical systems, improving security posture, and supporting incident response across a modern hybrid IT environment. This is a hands-on technical role where youll work closely with infrastructure, cloud, and SOC teams … respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and remediation tracking Support implementation of security controls across cloud and on-prem environments Contribute to security policies, standards ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years ...

security posture. SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment. Automation: Develop Security … Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times. Threat Hunting: Proactively search for undetected malicious activity using specialised queries. Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development and leadership. Qualifications – Essential ...

Cloud Platform Engineer Location - Glasgow - fully on site Duration - 40 weeks Contract AWS SRE Engineer - Incident Operations (AWS & Snowflake) We are looking for an AWS Site Reliability Engineer (SRE) with strong incident operations experience to support and improve the reliability of cloud and data platform services across … Snowflake. The role focuses on proactive monitoring, rapid incident response, service restoration, root cause analysis, and operational automation. The ideal candidate will have hands-on experience with AWS infrastructure, Snowflake operations, observability tooling, and on-call support in production environments. Key responsibilities: Lead incident triage and resolution ...

SIEM: Collaborate with our SOC partner to design and optimise Splunk dashboards and alerts, turning raw data into actionable intelligence to combat sophisticated threats. Incident Response: Act as a technical escalation point for high-priority security incidents, employing EDR and SIEM tools for swift containment. Automate Security Processes … Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response efficiency. Conduct Threat Hunting: Utilise specialised queries to proactively identify undetected malicious activities within the environment. Train the Team: Elevate the skill level of the existing team in CrowdStrike, Splunk, and security analysis. ...

knowledge articles; contribute to operational readiness Support audits and control testing; evidence compliance with security and regulatory requirements. Participate in on-call/incident response, problem management, and continuous improvement. Essential Skills Knowledge of Multi-Factor Authentication/Passwordless Authentication technology is required. Strong hands-on experience with … engineering MFA/SSO within an enterprise IAM environment. Working knowledge of PKI, certificates, TLS, and key management concepts. Experience operating production services: monitoring, incident management, change/release processes. Desirable Skills Previous experience of working in financial services, ideally HSBC experience. EntraID/AzureAD experience. Scripting/automation ...

network infrastructure Oversee LAN, WAN, Wi-Fi, VPN, firewall, and internet connectivity environments Lead network security initiatives including monitoring, patching, access control, and incident response Support and develop cloud and hybrid infrastructure connectivity Manage relationships with third-party vendors, ISPs, and technology partners Provide technical leadership and mentorship … stable and forward-thinking organisation near Oxford, we would love to hear from you. Please send an up to date CV for an immediate response and more information on a fantastic opportunity with a truly great Client. ...

Egress and MFA solutions. Produce technical documentation and support continuous improvement initiatives across IT systems and services. Assist with information security compliance, audits and incident response activities aligned to Cyber Essentials and ISO27001 standards. Participate in an out-of-hours on-call rota and provide occasional support across ...

Impact Assessments (BIA). Design and implement Information Security Management Systems (ISMS). Identify, analyse, and embed security and resilience controls (e.g., access management, incident response, continuity planning). Measure, monitor, and report on organisational security posture aligned to risk appetite and evolving threats. Support CISOs and technology ...

environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track ...

environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track ...

implement a pragmatic, business aligned security roadmap Lead GRC, security operations and architecture oversight Drive improvements across identity & access management, cloud security and incident response Act as the senior escalation point for security incidents and risk decisions Engage with C-suite and board stakeholders, providing clear, commercially focused ...

Ensure environments are consistent, scalable, and aligned with application needs Observability & Reliability Implement monitoring, logging, and alerting focused on system and application health Support incident response and debugging across the stack Drive ongoing improvements to reliability and performance Required Experience Strong experience in DevOps, Platform Engineering, or Software ...

solutions such as Cisco DUO and Microsoft Authenticator * Assist with secure access technologies, including SASE platforms (e.g. Check Point Harmony) * Contribute to security monitoring, incident response, and remediation activities ________________________________________ Infrastructure & Networking * Assist with the administration of firewalls, particularly Cisco Meraki * Support and maintain network infrastructure, including switches ...

/IPS, DDoS, segmentation, encryption, and cloud security (AWS/Azure/GCP). Experience with vulnerability management, secure configuration, and incident response. General Requirements Strong communication and presentation skills. Ability to work independently and manage multiple priorities. Experience with enterprise customers and senior stakeholders. Willingness to travel within ...

vital services. What you'll be doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating … customer services through proactive security measures What you'll bring: Proven experience in cyber security, with a solid understanding of security monitoring and incident response Technical leadership skills and the ability to guide and support team members Strong communication skills to clearly articulate findings and escalate issues effectively ...

cyber security operations, such as working as a Security Analyst, SOC Analyst or in a similar technical cyber security role Demonstrable experience of incident response and security configuration, with the ability to systematically analyse issues, identify root causes and implement effective solutions Strong technical knowledge of cyber security … tooling and techniques, including vulnerability management, incident investigation and monitoring tools such as SIEM, EDR and vulnerability scanners Practical understanding of core cyber security concepts, including network, infrastructure and system security across Windows and Linux environments, with awareness across networking, operating systems and cloud platforms Desirable: One or more ...