Wigan, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
is part of Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level … using a combination of cutting-edge technology and a strong set of processes. The NMC Cyber Detect Analysts will work closely with teams across the NMC, typically with the Incident Response Teams to ensure security issues are addressed quickly upon discovery. NMC Cyber Detect Analyst duties involve but are not limited to: Initial Triage of alerts - evaluation & detection … Confirmation of false positive Incident data gathering and feedback on any gaps and issues in respect to Platform Content or tuning opportunities Reflection of incident severity based on analysis Escalation of potential incidents to customer or Senior Cyber Detect Analyst/CIMT Team as appropriate Trend Analysis of force-by-force events for presentation into forces at regular
Bradford, Yorkshire and the Humber, United Kingdom
MICHELIN Connected Fleet
standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end-to-end Information Security Management System (ISMS), ensuring continued ISO 27001 compliance. Drive information … IAOs) to review the ISMS, maintain up-to-date asset profiles, and ensure all major risks have defined treatment plans. Manage security incidents, taking responsibility for investigation, resolution, post-incident reporting, and leading ad-hoc response teams during critical situations. Develop and implement strategies for raising information security awareness, including creating and disseminating training materials (in-person, e
maturity of the Insider Risk Program through playbook development, automation, and continuous improvement. Contribute to red team/blue team exercises and insider threat simulations to validate detection and response capabilities. Deliver clear and actionable reporting to leadership and stakeholders, maintaining a balance between risk management and employee privacy. What You Will Ideally Bring 3+ years’ experience in cybersecurity … SOC, threat detection, or risk analysis). Hands-on experience with tools such as SIEM, DLP, UEBA, EDR, or SOAR. Strong understanding of data protection, behavioral analysis, and incident response principles. Experience managing sensitive investigations with HR, Legal, or Compliance teams. Knowledge of privacy and regulatory frameworks (GDPR, HIPAA, SOX). Excellent analytical, investigative, and communication skills
City of London, London, United Kingdom Hybrid / WFH Options
Laser Digital
networking best practices. Lead major infrastructure initiatives from design through to implementation. Support & Innovation Continuously assess the evolving needs of the business and identify areas for innovation. Ensure rapid incident response and play a key role in the change and incident management process. Contribute to strategic technology decisions with a focus on resilient network design. Professional Experience
Slough, South East England, United Kingdom Hybrid / WFH Options
Laser Digital
networking best practices. Lead major infrastructure initiatives from design through to implementation. Support & Innovation Continuously assess the evolving needs of the business and identify areas for innovation. Ensure rapid incident response and play a key role in the change and incident management process. Contribute to strategic technology decisions with a focus on resilient network design. Professional Experience
London, South East, England, United Kingdom Hybrid / WFH Options
Michael Page Technology
availability using DataDog. Troubleshoot application, API, and infrastructure issues across multiple environments (mainly on Azure). Collaborate with development, DevOps, and product teams to resolve complex technical issues. Manage incident response and provide root cause analysis (RCA) for platform outages. Automate repetitive support tasks using scripting (Python, Bash, PowerShell). Maintain documentation of processes, troubleshooting steps, and known … enabling effective communication across international teams. Excellent problem-solving, analytical, and communication skills. Ability to work in a fast-paced, collaborative environment. Preferred Skills (Good to Have) ITIL or incident management framework knowledge. Experience with API troubleshooting and integrations. Exposure to databases (SQL/NoSQL). Security awareness (authentication, encryption, access control). Familiarity with Infrastructure as Code (Terraform
Warrington, Cheshire, North West England, United Kingdom
Experis
engineers to embed security into infrastructure-as-code and deployment workflows Monitor and respond to security events and alerts from observability platforms Maintain documentation of security architecture, policies, and incident response procedures Required Skills & Experience: Strong hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI/CD pipeline practices Familiarity
Knutsford, Cheshire, United Kingdom Hybrid / WFH Options
Octopus Computer Associates
engineers to embed security into infrastructure-as-code and deployment workflows Monitor and respond to security events and alerts from observability platforms Maintain documentation of security architecture, policies, and incident response procedures Required Skills & Experience: Strong hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI/CD pipeline practices Familiarity
meet ISO27001 & the Cyber Essentials+ certification. Administrative requirements of PAM tool. (CyberArk) Experience Experience administrating PAM solutions, such as CyberArk - MANDATORY Working understanding of security operations, threat detection, and incident response. Experience using SIEM and security tooling for triage and log analysis. Experience tracking and managing vulnerabilities using industry frameworks. Familiarity with enterprise systems including Microsoft 365 and Azure
Integrate data sources including Defender for Endpoint, Defender for Identity, Office 365 audit logs, Azure AD, and third-party connectors. • Develop and implement playbooks and alert rules for automated incident response. • Collaborate with the Service Desk to triage and escalate Sentinel alerts. • Administer and maintain Microsoft 365 services including Exchange online, Exchange on prem and managing hybrid setup. • Administer
Doncaster, South Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
DFS Furniture Ltd
followed. Conduct continuous internal security assessments, including Privileged Access Reviews and Cloud Configuration Audits, and own the resulting remediation activities end-to-end. Develop automation and tooling to reduce incident response times and eliminate repetitive tasks for the security team. Define and deliver security standards, policies and processes for the group and review in a timely manner. 2. … Threat Detection & Response Support and enhance detection logic across all computing environments in collaboration with our security partners. Perform deep, forensic-level investigations when security incidents occur. The goal is simple: learn from every event and prevent the same issue from ever recurring. Lead the technical remediation efforts for security incidents and identified vulnerabilities, working closely across IT and … communication skills, especially the ability to communicate complex technical security concepts and risks to all levels of the organisation. A deep understanding of attacker methodology, detection techniques, and how response frameworks relate to the role. Experience working in cloud-native environments, specifically focusing on building and integrating security tooling to identify and mitigate misconfigurations. Strong analytical, troubleshooting, and problem
Manage product and technology roadmaps in line with our strategic and operational goals. Lead the security, compliance, and risk teams - ensuring constant evaluation and evolution of our protection in response to current and emerging threats. Own and manage audits, penetration tests, incident response, risk registers, and compliance with frameworks such as ISO27001, NIST, and MITRE. Collaborate with
laptops, mobile phones, corporate-managed, BYOD, and server-side devices. This critical role leads the engineering and enablement of endpoint protection technologies, ensuring device compliance, threat detection, and automated response capabilities. The role combines strong technical leadership, deep expertise in endpoint protection platforms, and a collaborative approach to operationalize security across all user and device touchpoints globally. Key Responsibilities … healing, zero-trust-aligned architectures for secure device management. Observability & Event Management: Implement real-time observability of endpoint health, risk exposure, and threat posture. Integrate with cybersecurity event and incident management pipelines for early detection and rapid response. Collaborate with the cyber and incident response teams to streamline investigation and containment. Ensure high-fidelity logging and alerting … background in automation, scripting, and observability practices. Experience working with large, global device fleets and BYOD models. Preferred Qualifications: Familiarity with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional
/XSIAM Consultant to join a major Public Sector programme. This role is a key position within the security operations landscape, helping to drive advanced automation, threat detection, and response capabilities across a complex environment. This is a contract opportunity suited to someone with deep technical knowledge of Palo Alto's XSOAR and XSIAM platforms, combined with hands-on … workflows to enhance SOC automation Integrate XSIAM with existing SIEM, XDR, and third-party security tools Build advanced detection logic, enrichment pipelines, and correlation rules to improve visibility and response Develop dashboards, reports, and monitoring tools to provide real-time threat intelligence Troubleshoot and resolve complex issues across XSOAR, XSIAM, and associated security integrations Required Skills & Experience Proven expertise … across Cortex platforms) Strong knowledge of SIEM, XDR, and SOC operations Proficiency in Python or other scripting languages for automation Hands-on experience in log ingestion, alert tuning, and incident response workflows Ability to lead on both design and implementation projects with minimal supervision Must be eligible for SC Clearance to work within the UK Public Sector Desirable
gaps for targeted development. Oversee all daily technical operations within the Cybersecurity Investigations team by ensuring established client security protocols are rigorously followed. Manage and coordinate all aspects of incident response and forensic investigations through following the client parameters while also proactively making suggestions for process improvement. Manage long-term initiatives for the global team to include global … primary technical liaison between the client team and the UK Based Cybersecurity Investigations team and other departments, facilitating communication and cooperation, preparing detailed reports and presentations on security trends, incident status, and risk mitigation for senior management. Monitor scheduling to meet baseline standards, handle attendance, timecard tracking and ensure that team members are following applicable laws and regulations in
expertise. As a Cyber Threat Analyst you will: As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don’t worry if you don’t tick every box – we’d still love to hear from you! If you’re excited about the role and … related input and investigation support during relevant cybersecurity incidents Deliver detailed threat reporting including executive briefings, and actionable recommendations to technical and non-technical stakeholders Set yourself apart: Monitoring, incident response and playbook development Detection creation within SIEM tools and using GitHub Vulnerability scanning, management and reporting Core cybersecurity concepts such as network security, cryptography, cloud security, forensics
for the day to day monitoring using various SIEM Tools (QRadar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and … for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle The ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security
Blackburn, Lancashire, North West England, United Kingdom
BAE Systems
teams across BAE Systems Escalate suspected major security incidents/investigations where support is required Define monitoring use cases and develop prototype rules with minimal supervision for example in response to intelligence or gaps in defences Contribute to the development of the services through people, process and technology where appropriate Build a comprehensive knowledge of BAE Systems IT systems … Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Why BAE Systems? This is a place where you'll be able