Manchester, North West, United Kingdom Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
Proactively work with business units and global functions in InfoSec to support internal and external audits and ensure their success, Support other InfoSec teams and local IT teams during incident management and incident response activities, Liaise with Data Protection Officers for the implementation of data protection processes and controls, and during any data privacy issue, Contribute to
Basingstoke, Hampshire, South East, United Kingdom Hybrid / WFH Options
Exertis
and vulnerability management systems. Conduct risk assessments and threat modelling, maintaining the IT risk register and supporting the deployment of security controls, aligned with regulatory and business requirements. Lead incident response efforts including containment, investigation, recovery and post incident reviews while maintaining robust response plans and playbooks. Drive compliance with standards such as ISO 27001, GDPR
Farnborough, Hampshire, South East, United Kingdom
Sopra Steria
doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Prepare reports for managed clients to both technical and non-technical audiences and … continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring: Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with MITRE ATT&CK Framework. Solid grasp of client-server applications, multi-tier web applications, relational
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance
City of London, London, United Kingdom Hybrid / WFH Options
Anson Mccade
Benefits Clearance: Must hold or be eligible for SC Clearance Sponsorship: Not available We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What you'll do: SIEM … Engineering & Management: Deploy, configure, and optimise QRadar. Onboard log sources from cloud/on-prem environments. Build detection and anomaly rules. Playbook Development & Automation: Design and implement automated response playbooks (phishing, lateral movement, exfiltration) with SOAR tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel, coordinate incident response. Threat … in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic analysis. Familiarity with ITIL processes (Incident, Problem, Change).
the Life: Design and implement technical security architecture across IT systems, cloud platforms, and customer-facing services Lead advanced security operations including penetration testing, forensic analysis, threat hunting, and incident response Drive security automation initiatives and integrate DevSecOps best practices into our CI/CD pipelines Provide expert cybersecurity guidance to IT operations, engineers, and product teams Research
and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. Incident Response Support: Coordinate with SRE and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares … Clear, concise communication skills for both technical and business audiences. Nice-to-Haves Exposure to cloud security (AWS, Azure, or GCP). Hands-on lab or internship experience with incident response. Entry-level certs like CompTIA Security+ or GIAC GSEC in progress. Why Our Client? Competitive package: £36,000-£43,000 + performance bonus. Flexibility: Choose your workspace—office
Employment Type: Full-Time
Salary: £36,000 - £43,000 per annum, Negotiable, OTE
maintain security documentation, including architecture diagrams, policies, and procedures. Advise clients on compliance with standards such as NCSC Cloud Security Principles, ISO 27001, Cyber Essentials Plus, and GDPR. Support incident response planning and execution. Stay current with emerging threats, vulnerabilities, and regulatory changes. What You'll Bring Experience & Skills Proven experience working in a consultancy capacity within the
City of London, London, United Kingdom Hybrid / WFH Options
Copello
Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the teams’ effectiveness through ownership of relevant issues
High Wycombe, Buckinghamshire, South East, United Kingdom
Marshall Resource Partners Ltd
ideal candidate will have foundational knowledge of cybersecurity principles, familiarity with security tools, and a keen interest in developing expertise in threat detection and response. Key Responsibilities Security Monitoring & Incident Response: Monitor network and application alerts using a SIEM (Microsoft Sentinel preferred) and other monitoring solutions (PRTG, NinjaRMM & Zabbix). Assist in identifying and responding to potential security … incidents, analysing data from Antivirus solutions such as CrowdStrike, Sophos, Microsoft Defender and ESET. Document incident reports and escalate issues as needed. Threat Analysis & Investigation: Investigate alerts for potential threats, including malware, phishing and unauthorised access attempts. Conduct analysis using monitoring tools (SIEM, AD Audit) to track suspicious activities and assist in preliminary incident response. Collaborate with the
Leverage automation frameworks and IaC to improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead
across technical and operational teams to ensure robust security controls and compliance with industry standards. Key Responsibilities: Conducting assurance reviews and risk assessments Embedding security into solution designs Supporting incident response and post-incident analysis Ensuring compliance with GDPR, ISO27001, NIST, and other frameworks Advising on threat modelling and mitigation strategies What We're Looking For: Strong
Stockport, Greater Manchester, North West, United Kingdom
Nexperia
staff or contractors on-site, including a dedicated Factory Systems Support team (CIM), Operational Technology Engineers, Data Engineers, and Web Developer Monitoring and reporting on system performance, availability, and incident response metrics Providing leadership in incident management and root cause analysis for system-related issues, while also ensuring effective change control procedures for all changes introduced to
Wallington, Surrey, England, United Kingdom Hybrid / WFH Options
Newmarket Holidays
the PMO team at Newmarket Holidays, the role will be focused on various project initiatives to establish policy and achieve ISO27001. What I do Security Strategy & Implementation Threat Detection & Response Security Integration & System Management Risk Management & Compliance Training & Awareness Continuous Improvement Change Management Who I am Key Skills & Competencies: In-depth knowledge of cybersecurity frameworks, tools, and technologies Strong … understanding of networking protocols, cloud security, and secure software development principles. Experience with incident response, risk management, and vulnerability assessment. Familiarity with regulatory compliance and standards (e.g., GDPR, ISO 27001). Excellent problem-solving and analytical skills, with the ability to handle complex security challenges. Strong communication and collaboration skills, able to work cross-functionally with IT, business
Hull, North Humberside, England, United Kingdom Hybrid / WFH Options
Heron Foods
the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including … You We’re looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT
North Ferriby, North Humberside, North East, United Kingdom Hybrid / WFH Options
Heron Foods
the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including … You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT
EDR (e.g. CrowdStrike, SentinelOne), and other monitoring tools. Provide technical guidance to engineering teams on secure design and implementation. Develop playbooks and automation scripts to enhance SOC efficiency and incident response capabilities. Integrate threat intelligence feeds into SOC workflows for real-time monitoring and response. Conduct regular tool performance reviews and implement upgrades or replacements as necessary. Skills
South West London, London, England, United Kingdom
Tenth Revolution Group
e.g., ISO 27001, NIST), and risk mitigation. Conduct assessments and audits of existing network and cloud security postures. Deliver workshops and training sessions on M365 and Azure security capabilities. Incident Response & Monitoring: Collaborate with SOC teams to monitor and respond to network-based threats. Utilize Microsoft Sentinel and Defender for Cloud to detect and remediate vulnerabilities. Develop playbooks
Shefford, Bedfordshire, South East, United Kingdom
Intercity Technology Limited
compliance, and security policies across cloud estates. Execute backup, disaster recovery, and business continuity procedures. Systems Management & Optimisation: Maintain and troubleshoot Azure and hybrid cloud environments. Perform proactive monitoring, incident response, and root cause analysis of mission-critical systems. Configure, optimise, and secure servers, virtual machines, networking, and storage solutions. Create and maintain scripts (e.g., PowerShell) to automate
aligned with real-world threats. Cross-Functional Leadership & Collaboration Act as a bridge between Security, Engineering, and Product teams to align on secure architecture and SDLC practices. Participate in incident response, forensic analysis, and post-incident remediation. Support compliance initiatives (SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR) through technical guidance and documentation. Define and track KPIs
Job summary The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC is made up of Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the XDR Protective Monitoring Sub team. Cyber Operations purpose is to support safe care and … Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The post of Senior Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is non … contractual and subject to review. Main duties of the job As a Senior Security Analyst Ops you will: Provide Tier 3 security analytics and incident response for service-specific security monitoring. Deputise for Security Lead (Analyst) in their absence. Act as an escalation point for Tier 2 Analysts for incidents and investigations. Offer mentorship and guidance to Tier
capacity. Maintain and regularly review all relevant processes and documentation. Essential Skills and Experience: 5+ years in threat intelligence, vulnerability management, or cyber threat research. Strong background in technical incident response and cyber threat analysis. Deep understanding of threats targeting government and CNI environments. Proficient in open-source intelligence (OSINT) gathering and analysis. High-level knowledge of Windows
Hampshire, England, United Kingdom Hybrid / WFH Options
Proactive Appointments
in order to identify customer requirements. Ability to explain complex IT concepts to all levels of customer. Demonstrable ability to follow security operations, procedures, policies and activities. Experience managing incident response across an organization involving multiple business units. A general understanding of data protection processes, policies and tools. Due to the volume of applications received for positions, it
controls. You'll support the delivery of their Cyber Security Sub Strategy in line with the Cyber Assessment Framework, and contribute to the design and operation of threat intelligence, incident response, vulnerability management, and ethical hacking capabilities. You'll work closely with internal stakeholders and external partners to ensure compliance with ISO27001, Cyber Essentials+, and other regulatory frameworks.