development: Identify and originate cyber risk management and technology resilience opportunities. Manage key client relationships, supported by account, sales, and marketing plans. Position our cyber threat intelligence, assurance, and incident response practices. Provide energetic consulting leadership in KSA, promoting Control Risks as a trusted advisor on cyber and technology risk, leading to increased long-term, programmatic work. Support
audits Develop and maintain security compliance documentation Coordinate and respond to penetration testing activities Implement security recommendations and remediation plans Ensure infrastructure meets corporate security standards Participate in security incident response planning Business Continuity: Lead disaster recovery planning for scientific computing infrastructure Coordinate and execute DR testing Maintain DR documentation and procedures Develop and maintain business continuity plans … Technical: Infrastructure architecture and design Performance optimization Problem-solving and troubleshooting Security best practices Technical documentation Business & Management: Contract negotiation and management Budget planning and control Risk management Audit response and compliance Strategic planning Vendor management Cost-benefit analysis Interpersonal: Strong communication skills Stakeholder management Team collaboration Conflict resolution Customer service orientation Ability to bridge technical and scientific domains
Norwich, Norfolk, England, United Kingdom Hybrid / WFH Options
Clarion
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP CISM. CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and
London, South East, England, United Kingdom Hybrid / WFH Options
Clarion
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP CISM. CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and
Norwich, Norfolk, East Anglia, United Kingdom Hybrid / WFH Options
Clarion Housing
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP CISM. CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and
industry regulations and standards (e.g., GDPR, ISO 27001). Manage security systems, including firewalls, intrusion detection/prevention systems, and antivirus software, in collaboration with GT. Develop and test incident response plans and coordinate responses to security incidents and breaches. Raise cybersecurity awareness among bank employees through annual training/workshops. Other Duties Maintain professional and technical knowledge
varied environment, sharing your knowledge and experience to support, coach and mentor your colleagues, then we want to hear from you. Day to day responsibilities Lead threat detection and incident response across modern security platforms Monitor and analyse alerts from EDR/XDR platforms, cloud services (M365, AWS, Azure), SIEM systems and more. Manage and optimise security tools
top-class Security Operation Centers, we offer a complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
Michael Page (UK)
ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks
Birmingham, West Midlands, West Midlands (County), United Kingdom Hybrid / WFH Options
Michael Page
ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks
Internal Cybersecurity Program: Develop, implement, and oversee the organization's comprehensive cybersecurity strategy, policies, and procedures. Conduct regular risk assessments and vulnerability assessments to identify potential threats. Manage cybersecurity incident response and recovery plans. Ensure compliance with relevant industry regulations and standards. Build and maintain a strong security culture within the organization. Cybersecurity Product and Service Development: Identify
perspective, reducing risk during personnel changes. Partner with internal stakeholders to manage vendor selection and SaaS procurement, balancing usability, security and cost. Proactively monitor access controls, audit trails, and incident response procedures and lead or escalate where needed. Champion scalable solutions, including the use of AI or automation for security monitoring, access reviews and alerting. Governance and Process
Review and monitor DFTO entity and TOC cybersecurity protocols for robustness and compliance with relevant regulations and industry standards in DFTO entity Work proactively to identify vulnerabilities and support Group incident response strategies. Develop IT Capacity within DFTO entity Build and enhance the IT capacity of DFTO at a corporate level, ensuring it can support and scale with the
Lead to join their organization. The Information Security Officer & Cyber Security Lead will have knowledge of ISO27001 & Cyber Essentials as well as hands-on technical knowledge of SIEM and incident response. Key Responsibilities for the Information Security Officer & Cyber Security Serve as a subject matter expert for information security, advising stakeholders on risks, controls, and security best practices. Support
Brighton, East Sussex, The City of Brighton and Hove, United Kingdom
Clearwater People Solutions
Lead to join their organization. The Information Security Officer & Cyber Security Lead will have knowledge of ISO27001 & Cyber Essentials as well as hands-on technical knowledge of SIEM and incident response. Key Responsibilities for the Information Security Officer & Cyber Security Serve as a subject matter expert for information security, advising stakeholders on risks, controls, and security best practices. Support
re now seeking a Consultant to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, Incident Response, Cyber Security, and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement. You will be expected to … be a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London office at least three days a week (hybrid) with … on-call rotations that may include weekends/evenings. Experience in digital forensics and incident response is essential. Responsibilities Provide forensic/incident response consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation teams across regions. Deliver high-quality, timely, and efficient results to clients. Ensure work is defensible and meets evidential
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Experian Ltd
CFC) you will respond, contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Centre (CFC) according to Experian's Incident Response Plan. This team member will join a new, growing team of specialized, advanced responders to support escalations of complex or prioritized matters from Experian's existing 24x7 … security monitoring and response functions responsible for responding to and analysing security incidents involving threats targeting Experian information assets. These threats may include phishing, malware, network attacks, suspicious activity. Also, you will involve working with end-users, partners, technical support teams, and management to ensure remediation and recovery from these threats. Use analytics & data collected from endpoints, environmental logging … schedule and expectation to participate in on-call schedule or work outside of normal work hours to manage cybersecurity incidents. You will report to the CFC Senior Director of Incident Management and Security Operations. Main Responsibilities include:- Conduct advanced incident response activities to investigate and contain complex and larger-scale cybersecurity matters (such as potential major severity
reporting to the Senior Manager of Security Operations. Responsibilities include managing security personnel, enforcing policies, promoting security awareness, and leading initiatives on Global Cyber Security (GCS) defensive measures and incident response. You will support daily security operations and incident response processes, responding to crises to mitigate cyber threats, employing mitigation, preparedness, response, and recovery strategies. You … will work within the Incident Response team, coordinating with other Cyber Operations teams to identify, report, and remediate security incidents, including triaging events, analyzing networks and endpoints, reverse engineering malware, threat hunting, and vulnerability management. You will develop and implement SOPs, playbooks, and processes to streamline monitoring and investigations, supporting GCS's cybersecurity operations and incident response programs. The ideal candidate should demonstrate leadership in supervising small teams, with expertise in cybersecurity practices, cloud technologies, detection and response frameworks, and incident handling (containment, eradication, recovery, lessons learned). They should adhere to established incident response procedures, possess strong attention to detail, and collaborate effectively across global teams. Requirements include: Experience in security
have the potential to greatly benefit society. However, developing advanced AI also comes with risks if not properly safeguarded. That's why we are seeking an exceptional Detection and Response engineer that will be on the frontlines to build solutions to monitor for threats, rapidly investigate incidents, and coordinate response efforts with other teams. In this role, you … will have the opportunity to shape our security capabilities from the ground up alongside our world-class research and security teams. Responsibilities: Lead cybersecurity Incident Response efforts covering diverse domains from external attacks to insider threats involving all layers of Anthropic's technology stack. Develop and deploy novel tooling that may leverage Large Language Models to enhance detection … investigation, and response capabilities. Create and optimize detections, playbooks, and workflows to quickly identify and respond to potential incidents. Review Incident Response metrics and procedures and drive continuous improvement. Work cross-functionally with other security and engineering teams. Note: This position will require participation in an on-call rotation. You may be a good fit if you
and incidents. Utilise SIEM tools (particularly Crowdstrike SIEM) to monitor and assess host, network, and identity data. Tune and reduce false positives, improving SIEM efficiency and alerting accuracy. Lead incident investigations across Windows, macOS, and Linux environments. Design and implement SOC runbooks, use cases, and alert rules to enhance incident response capabilities. Collaborate with stakeholders to conduct … hunts across host data, vulnerability data, network logs, Active Directory, and other sources. Coordinate timely security response efforts and document incident communications for both technical and management audiences. Work with vendors to develop and implement new SOC use cases. Skills/Must have: 5+ years' recent experience in a Tier 2 or Tier 3 SOC analyst role, ideally … within a government or critical infrastructure organisation. Deep experience with SIEM tools such as Crowdstrike, Splunk, and Microsoft Defender. Proven track record designing and implementing SOC use cases and incident response plans. Strong capability in data correlation across disparate sources. Demonstrated ability to develop effective alerting strategies and manage alert noise. Experience creating and using runbooks to conduct
SR2 | Socially Responsible Recruitment | Certified B Corporation™
platforms that form part of UK national infrastructure. Role Overview This position will focus on monitoring, assessing, and strengthening OT cybersecurity posture. The successful candidate will contribute to detection, response, and prevention strategies across a diverse technology stack within a regulated environment. Key Responsibilities Monitor and manage OT security monitoring tools and technologies. Analyse threats, assess vulnerabilities, and prioritise … remediation efforts. Develop and execute incident response plans specific to OT systems. Identify and track vulnerabilities, working with internal teams for resolution. Support security assessments and coordinate OT-specific penetration testing. Assist in the development of OT-specific security policies and procedures. Ensure compliance with industry standards and regulatory frameworks, including IEC62443, NIS, CAF, OG86, and HSE. Apply … frameworks such as NIST, IEC62443, NIS Regulations, CAF, or SoGP. Understanding of threat intelligence, attack surfaces, and cyber kill chains relevant to OT. Proven experience in vulnerability management and incident response in OT contexts. Ability to manage stakeholder relationships and communicate technical risks effectively. A proactive approach to problem-solving and strong attention to detail.
seasoned SOC professional looking to make a tangible impact. Apply now to join a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune analytic rules, workbooks, and automation playbooks in Sentinel. … Perform deep-dive analysis of malware, phishing, and lateral movement techniques. Collaborate with engineering teams to optimise Microsoft security tool integrations. Maintain and enhance incident response procedures and documentation. Skills/Must have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with … Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with SOAR platforms and building automated workflows. Benefits: View to Extension Salary: Up to £575 Per Day
per week on-site and the remainder remote. You'll play a central role in monitoring, analysing, and improving the organisation's cyber security posture - particularly around SIEM and incident response, with a strong focus on Microsoft Sentinel. Key Responsibilities: Monitor security alerts and log data using Microsoft Sentinel and related SIEM tools Respond to security incidents, performing … experience in a cyber security analyst or SOC analyst role Strong hands-on knowledge of Microsoft Sentinel and broader SIEM technologies Solid understanding of threat detection, log analysis, and incident response workflows Experience working in a public sector or regulated environment is highly desirable Ability to clearly communicate security issues and provide actionable advice to stakeholders This is
SecOps) - Leeds/Remote - 12 Months Initial - Inside IR35 We are seeking a skilled SOAR Engineer/Analyst responsible for designing, developing, implementing, and maintaining automation playbooks to improve incident response efficiency within the Security Operations Centre utilizing Google SecOps Role Overview: Job Title: SOAR Engineer/Analyst (Google SecOps) Location: Leeds/Remote Contract Type: Contract Duration …/Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python, PowerShell, or Bash. Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE ATT&CK. Strong problem-solving, critical thinking, and communication skills. Desirable Qualifications Experience with CI/CD for playbook development and version control (e.g.