26 to 50 of 786 Incident Response Jobs in the UK

responsible for implementing and managing security infrastructure, responding to threats, and ensuring compliance across systems. You'll work with various cyber security solutions while driving security best practices and incident response. If you have experience in cybersecurity tools, governance, and access management-and want to use your skills to support a mission that changes lives-this is your chance … Operations Specialist you will play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA … and Zero Trust security principles. Your expertise in network security, VPNs, SD-WAN, and Microsoft Defender solutions will help safeguard our systems, while your contributions to incident response, governance, and security strategy will shape the future of our cybersecurity posture. If you're passionate about cybersecurity and want to make a meaningful impact, then this role is for More ❯

ensure compliance with industry best practices. Provide expert recommendations and solutions to mitigate identified vulnerabilities, enhancing client systems' security postures. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. Work with other teams, such … as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. Develop and implement security plans, policies, and training to prepare the organization to respond efficiently … and accurate reports on penetration testing findings, including risk levels, remediation steps, and strategic recommendations. EXPERIENCE: Minimum of 4+ years of experience in cybersecurity, specifically in penetration testing and Incident Response, vulnerability management, and risk assessment. Public Sector experience, ideally MOD, MOJ, Must be SC clearable. Proven hands-on experience with tools such as Metasploit, Burp Suite, Nessus More ❯

play a pivotal role in strengthening the security of our infrastructure, applications, and services. As a Security Engineer, you will apply your technical expertise across engineering, application security, and incident response to help scale and mature our security posture. This is a hands-on role that requires a collaborative mindset, strong problem-solving skills, and the ability to … applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE, PASTA, MITRE ATT&CK, and DREAD. Build and refine detection and response capabilities using logs, alerts, and behavioral signals. Lead or support incident response activities, including log analysis, querying, forensic investigation, threat mitigation, and root cause analysis. Conduct internal … Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to application security, vulnerability remediation, detection coverage, and incident response effectiveness. Support compliance initiatives (e.g., SOC 2), contribute to control implementation, and assist with security documentation. Contribute to internal security education and awareness by developing training materials More ❯

setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit … preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Incident Response & Monitoring Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and More ❯

our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security Operations Centre (SOC) capabilities … policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. Incident Response: You'll actively monitor for security incidents and jump into action with our incident response teams to contain, investigate, and prevent future security hiccups. Defining More ❯

our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security Operations Centre (SOC) capabilities … policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. Incident Response: You'll actively monitor for security incidents and jump into action with our incident response teams to contain, investigate, and prevent future security hiccups. Defining More ❯

Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management Consultants must possess and be able to demonstrate credibility and experience as … transformation programs, with limited oversight. There is a base requirement to demonstrate understanding of and find ways to integrate activity with BlueVoyant colleagues across the globe, specifically Digital Forensics, Incident Response and Penetration Testing specialists as well as wider BlueVoyant service offerings when appropriate, to produce threat-aware products, services and outputs that are impactful, efficient, cohesive, and … manage complex workstreams; take ownership of outputs and outcomes and provide reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and/or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels More ❯

reduce residual risk across diverse technical environments. Stay current with emerging threats, regulatory changes, and industry best practices in risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications/Skills Required Bachelor's degree in Cybersecurity, Information More ❯

on areas associated to regulations and company strategy. Integrate processes with Cyber Threat Intelligence to ensure appropriate monitoring of the threat landscape for emerging security risks and ensure swift response to zero-day threats. Collaborating on Security Risk Management strategies, aligning to a 3 lines of defence model and enforcing alignment of risk taxonomy to organizational cybersecurity risk management … processes, streamline and simplify complexity, and incorporate new ideas and capabilities to enhance our security posture and make the team stronger and better. Decisive: provides clear direction during cyber incident response to the Security Operations team and all associated stakeholders. Identify risks: Able to synthesize capability gaps and articulate them so the Firm can manage risk in alignment … threat landscape. High level of integrity and ethical judgement to handle sensitive information responsibly. Familiarity with cloud security controls and securing hybrid IT environments. Knowledge of vulnerability management and incident management practices. Evidence of working in the Financial Service Industry preferred. Our commitment to employees: At CLS, we celebrate diversity and consider this to be one of our strongest More ❯

Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). … SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS More ❯

systems and applications. Lead architectural reviews and assurance of designs working with System Integrators & partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. Evaluate and recommend security tools and technologies, and stay informed on emerging threats and vulnerabilities. Required More ❯

pension scheme, and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in … hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide mentorship and … and improve SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst , you will be at the forefront -leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response More ❯

The team you'll be working with: SOC Analyst (L2) We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business. This role will be based on-site in Birmingham, and we need candidates who are able to work in a job that involves … to analyze incidents escalated by the SOC Analyst (L1) and undertake detailed investigation of security events. The Security Analyst (L2) will determine whether a security event qualifies as an incident and will coordinate with the customer's IT and security teams for resolution. Main Duties Security Monitoring & Investigation: Monitor SIEM tools to ensure high levels of security operations delivery. … Oversee and enhance security monitoring systems to detect and analyze potential security incidents. Conduct real-time analysis of security events and escalate as needed. Support other teams in incident investigations, determining root cause and impact. Document findings and lessons learned to improve incident response procedures. Ensure runbooks are followed and are fit for purpose. Incident Response More ❯

systems, Manage relationships and work closely with third-party cyber security service providers. Manage and optimize security tools, including endpoint protection, Microsoft Intune, Entra, Azure, and external detection and response tools. Conduct vulnerability assessments and coordinate patch management cycles. Collaborate with infrastructure and support teams to ensure secure configurations of networks, endpoints, applications, and services. Collaborate with non-technical … end-users on implementing best practices and organize training sessions. Lead or support investigations into security breaches and provide detailed incident reports. Develop and enforce security policies, procedures, and best practices. Provide cybersecurity awareness training and guidance to end users and internal teams. Participate in audits and ensure guidelines from industry standards (ISO 27001, NIST, SOC 2) are followed … internally and best practices regularly reviewed. Proactively assess recovery capabilities, with the aim of minimizing business impact in case of incidents. Plan and rehearse incident response procedures with wider IT and support team. Advise senior management on operational risks. Mentor and lead junior members of the team. Occasional on-call support for critical incidents. Requirements Proven experience in More ❯

systems, Manage relationships and work closely with third-party cyber security service providers. Manage and optimize security tools, including endpoint protection, Microsoft Intune, Entra, Azure, and external detection and response tools. Conduct vulnerability assessments and coordinate patch management cycles. Collaborate with infrastructure and support teams to ensure secure configurations of networks, endpoints, applications, and services. Collaborate with non-technical … end-users on implementing best practices and organize training sessions. Lead or support investigations into security breaches and provide detailed incident reports. Develop and enforce security policies, procedures, and best practices. Provide cybersecurity awareness training and guidance to end users and internal teams. Participate in audits and ensure guidelines from industry standards (ISO 27001, NIST, SOC 2) are followed … internally and best practices regularly reviewed. Proactively assess recovery capabilities, with the aim of minimizing business impact in case of incidents. Plan and rehearse incident response procedures with wider IT and support team. Advise senior management on operational risks. Mentor and lead junior members of the team. Occasional on-call support for critical incidents. Requirements Proven experience in More ❯

monitoring, detecting, and responding to security incidents, ensuring compliance, and maintaining the integrity of our systems and networks. Key Responsibilities: * Monitor and analyse security events using SIEM tools* Conduct incident response and triage activities* Perform regular security assessments and compliance checks* Maintain and improve logging and monitoring capabilities* Collaborate with internal teams to enhance security posture* Document incidents … of the wider cyber security landscape and risks Essential Skills & Experience: * Minimum of 2 years' experience in a SOC or cyber security role* Strong understanding of SIEM technologies and incident response processes* Solid knowledge of computer networks, protocols, and infrastructure* Experience with security monitoring, logging, and compliance frameworks* Excellent analytical skills and a keen eye for detail* Strong … bonus scheme* Excellent benefits package* Opportunities for professional development and certification* A collaborative and secure working environment* Fully on-site role with no shift work Keywords: SOC Analyst, SIEM, Incident Response, Threat Intelligence, Cyber Security, Network Security, Compliance, Logging, Monitoring, Security Operations, SC Clearance, DV Clearance, Wiltshire Jobs, British Nationals Only, Security Assessments, Cyber Qualifications, Networking Certifications, Cyber More ❯

pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in … environment Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership … SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you will be at the forefront of digital defenceleading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and More ❯

and audits. Vulnerability Analysis: Conduct assessments and penetration testing. Develop mitigation strategies and track vulnerabilities. Forensic Analysis: Analyze security incidents, collect evidence, and prepare reports to improve security posture. Incident Response: Lead response efforts, develop plans, and conduct post-incident reviews. Security Tools: Manage security tools like firewalls and intrusion detection systems. Evaluate new technologies. Documentation … plus), and understanding of secure development lifecycle. Proficiency with security tools, firewalls (Palo Alto preferred), IDS, endpoint security. Strong understanding of network protocols, VPNs, and security architecture. Experience in incident detection, analysis, response, forensic and malware analysis. Skills in scripting and automation (Python, PowerShell). Knowledge of frameworks like ISO 27001, NIST, Cyber Essentials. Understanding of risk management … clear security documentation and communicate technical info effectively. Solid organizational skills and ability to work in a team environment. Extensive experience in cybersecurity roles, especially in security operations and incident management. Project management experience and relevant certifications (CCSP, CEH, Security+, AWS, Azure) are highly desirable. What You ll Get in Return Discretionary annual bonus 25 days' holiday, holiday buying More ❯

government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling payment data) Experience in: Managing vendor risk assessments for third-party compliance. Handling incident response & reporting (e.g., Data Breach Notifications under GDPR). Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018) . Familiarity with … Plus, PCI-DSS, and other applicable standards. Align ISMS activities with ISO 27001 framework. Develop and implement security policies, controls, and procedures. Conduct security risk assessments & compliance audits. Manage incident response & data breach reporting (ICO & EU authorities). Liaise with regulators, legal teams, and third-party auditors. Deliver security awareness training across the organisation. Other Considerations: Industry Expertise More ❯

Encryption : Protect data at rest, in transit, and in use through encryption and tokenization. Network Security : Design secure network architectures, implement IDS/IPS, firewalls, and VPNs. Security Monitoring & Incident Response : Build monitoring solutions, develop incident response strategies. Compliance & Governance : Ensure adherence to regulations, conduct audits, and establish security frameworks. Secure DevOps & Automation : Incorporate security into … Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and communication skills Relevant cybersecurity certifications (CISSP, CISM, CEH, etc.) Requirements Bachelor's degree More ❯

The team you'll be working with: SOC Analyst (L1) We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business. This role will be based on-site in Birminham, we need canddiates that are able towork in a job that involves 24/7 operations … log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. Write up high quality security … incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident More ❯

and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. Incident Response Support: Coordinate with SRE and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares … Clear, concise communication skills for both technical and business audiences. Nice-to-Haves Exposure to cloud security (AWS, Azure, or GCP). Hands-on lab or internship experience with incident response. Entry-level certs like CompTIA Security+ or GIAC GSEC in progress. Why Our Client? Competitive package: £36,000-£43,000 + performance bonus. Flexibility: Choose your workspace—office More ❯

the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line … of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python More ❯

the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line … of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python More ❯

Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). … SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS More ❯