Incident Response Jobs in the UK

26 to 50 of 823 Incident Response Jobs in the UK

Security Engineer, AWS SOC Incident Response

London, United Kingdom
Amazon
Security Engineer, AWS SOC Incident Response Job ID: Amazon Data Services UK Limited The Amazon Web Services Security Operations Center AWS-SOC Team manages security issues across the globe. The team is looking for a highly motivated, technically inclined individual to work as a Security Engineer. A successful … fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams … to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers with security engineering, security operations and incident …
Employment Type: Permanent
Salary: GBP Annual

Security Engineer, Security Incident Response Team (SIRT)

London, United Kingdom
Amazon
Security Engineer, Security Incident Response Team (SIRT) Job ID: Amazon Development Centre Ireland Limited Amazon is seeking qualified Security Engineers to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security … of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence. Key job responsibilities - Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon. - Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring … of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk. - Identifying and recommending solutions that improve or expand Amazon's incident response capabilities. - Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk. - Evaluating the impact of current security …
Employment Type: Permanent
Salary: GBP Annual

Security Engineer, AWS SOC Incident Response

London, United Kingdom
ENGINEERINGUK
Security Engineer, AWS SOC Incident Response Sector: Technology Role: Professional Contract Type: Permanent Hours: Full Time DESCRIPTION The Amazon Web Services Security Operations Center AWS-SOC Team manages security issues across the globe. The team is … fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams … to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers with security engineering, security operations and incident …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Analyst - Incident Response and Digital Forensics

Leeds, England, United Kingdom
Hybrid / WFH Options
Lorien
the best that you can be within the Cyber world. To be successful in this role, you will need some experience/knowledge of incident response and digital forensics. Main responsibilities: Help manage and co-ordinate cyber security incidents Digital forensics of relevant incident data Maintain a … current view of the cyber threat advising clients on the threat landscape Help assess client incident response capability maturity Liaise with clients on delivery, implementation and sales issues Benefits: Flexible salary packages based off experience Hybrid working: 3 days a week Life Assurance – 4x salary Dental Insurance, Private … leave plus bank holidays – option to buy Education assistance Requirements: Understanding of the cyber security threat landscape Knowledge/experience of digital forensics and incident response Experience dealing with cyber security incidents Experience being part of an incident response team Eligible for security clearance For more …

Cyber Incident Response Lead

Ruddington, Nottinghamshire, United Kingdom
Experian Group
escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Centre (CFC) according to Experian's Incident Response Plan. This team member will join a new, growing team of specialized, advanced responders to support escalations of complex or prioritized matters … from Experian's existing 24x7 security monitoring and response functions responsible for responding to and analysing security incidents involving threats targeting Experian information assets. These threats may include phishing, malware, network attacks, and suspicious activity. You will work with end-users, partners, technical support teams, and management to ensure … in on-call schedule or work outside of normal work hours to manage cybersecurity incidents. You will report to the CFC Senior Director of Incident Management and Security Operations. Main Responsibilities include: Conduct advanced incident response activities to investigate and contain complex and larger-scale cybersecurity matters …
Employment Type: Permanent
Salary: GBP Annual

Cyber Incident Response Lead

Nottingham, Nottinghamshire, East Midlands, United Kingdom
Hybrid / WFH Options
Experian Ltd
escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Centre (CFC) according to Experian's Incident Response Plan. This team member will join a new, growing team of specialized, advanced responders to support escalations of complex or prioritized matters … from Experian's existing 24x7 security monitoring and response functions responsible for responding to and analysing security incidents involving threats targeting Experian information assets. These threats may include phishing, malware, network attacks, and suspicious activity. You will also work with end-users, partners, technical support teams, and management to … in on-call schedule or work outside of normal work hours to manage cybersecurity incidents. You will report to the CFC Senior Director of Incident Management and Security Operations. Main Responsibilities include: Conduct advanced incident response activities to investigate and contain complex and larger-scale cybersecurity matters …
Employment Type: Permanent, Work From Home

Systems Administrator

United Kingdom
CyberClan
carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … position will require extensive and frequent travel to multiple locations and sometimes on short term notice. Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and serve as the Incident Commander in all … VPNs, and group policies Liaise with DFIR team and Sales to keep open communication regarding compromised client Assist DFIR team with additional workflow through incident response cases Communicate effectively with clients to understand their specific needs, provide updates on remediation progress, and offer guidance on enhancing their cybersecurity …

SOC Analyst

London, United Kingdom
Hybrid / WFH Options
Hays Technology
of cybersecurity within the organisation. You'll help build and implement the SOC within IT operations, conduct daily operations of the internal SOC including incident monitoring, analysis, and response, implement SOC procedures and best practice to ensure efficient and effective incident response, and support major incident response efforts and lead on incident response efforts including containment, investigation, analysis, and reporting of security incidents. Your profile Experience as a SOC Analyst in an enterprise scale organisation; managing security operations incidents and events Hands-on knowledge and experience of security operations and incident response planning; Cellebrite, Magnet Domain Tools Knowledge of cybersecurity principles and frameworks; ISO27001, NIST, GDPR etc. Knowledge and experience with MS Sentinel, Cisco Meraki, MS Defender, Endpoint protection Knowledge and experience with SIEM, IDS/IPS, firewalls, endpoint protection systems, and vulnerability management Knowledge and experience analysing and …
Employment Type: Permanent
Salary: GBP 46,000 - 57,000 Annual

Cyber Security Incident Response Manager

Windsor, Berkshire, South East, United Kingdom
Hybrid / WFH Options
Centrica
Join Centrica's IT Security Team as a Cyber Security Incident Response Manager! Are you ready to drive the UK's energy transformation? Centrica is looking for a skilled Cyber Security Incident Response Manager to join our IT Security team. You'll handle cyber incident … investigations, e-Discovery, network forensics, and cyber breach inquiries. Location: Hybrid working with occasional travel to Windsor. Key Accountabilities: Carry out forensic analysis and incident response investigations Build and manage forensic and incident infrastructure. Lead cyber forensic investigations. Support weekly security operations calls. Oversee resilience planning and … and remediate vulnerabilities. Analyse security reports and manage alerts. Stay updated on security policies and regulations. Experience Required: Expert in Security Operations and Security Incident Response. Expert in cyber incident investigations, e-Discovery, network forensics, and cyber breach inquiries Proficiency in SIEM, SEM, and log monitoring. Scripting/ …
Employment Type: Permanent, Work From Home

Incident Response Analyst

Newport, Wales, United Kingdom
Hybrid / WFH Options
CPS Group (UK) Limited
Incident Response Analyst – Hybrid – Newport – Up to £55,000 CPS Group is currently working with a leading UK-based Critical National Infrastructure (CNI) organisation, supporting their search for an experienced Incident Response Analyst to join their growing Cyber Resilience Team. This is an exciting opportunity to … and determine if incidents have occurred. Contain and mitigate security incidents to prevent further impact. Work closely with IT and security teams to develop incident response strategies. Analyse incidents to identify root causes and recommend improvements. Contribute to the development of cyber security plans, policies, and training. 🧠 What … or similar cyber security role. Strong understanding of cyber threats, threat intelligence frameworks, and best practices. Excellent problem-solving and analytical skills. GIAC Certified Incident Handler (GCIH) or equivalent. Desirable: Degree in Cyber Security or a related field. Additional cyber security certifications. This role offers a unique chance to …

Cyber Security Incident Response Manager - Windsor

United Kingdom
Hybrid / WFH Options
Centrica
mission. We all play a vital role in energising a greener, fairer future. Join Centrica's IT Security Team as a Cyber Security Incident Response Manager! Are you ready to drive the UK's energy transformation? Centrica is looking for a skilled Cyber Security Incident Response Manager to join our IT Security team. You'll handle cyber incident investigations, e-Discovery, network forensics, and cyber breach inquiries. Location: Hybrid working with occasional travel to Windsor. Key Accountabilities: Carry out forensic analysis and incident response investigations Build and manage forensic and incident … and remediate vulnerabilities. Analyse security reports and manage alerts. Stay updated on security policies and regulations. Experience Required: Expert in Security Operations and Security Incident Response. Expert in cyber incident investigations, e-Discovery, network forensics, and cyber breach inquiries Proficiency in SIEM, SEM, and log monitoring. Scripting/ …

SOC Lead

Basingstoke, Hampshire, South East, United Kingdom
Hybrid / WFH Options
Queen Square Recruitment Limited
Job Title: SOC Lead Location: Hybrid (3 days in office) About the Role We are seeking a highly skilled SOC Lead to oversee cyber incident response, threat intelligence, and vulnerability management for a leading organization. This role will act as a trusted advisor to senior leadership, ensuring a … structured and effective response to cyber incidents while driving improvements in incident management processes. Key Responsibilities Lead and coordinate responses to significant cyber incidents, ensuring effective and timely resolution. Act as a subject matter expert, advising senior leadership on business impacts and risk mitigation strategies. Develop and implement … cyber incident containment plans and remediation strategies. Oversee incident investigations, reporting, and documentation to drive continuous improvement. Collaborate with Threat Intelligence and Incident Response teams to monitor and respond to emerging threats. Ensure effective vulnerability management, prioritizing risks and coordinating remediation efforts. Provide regular technical and …
Employment Type: Contract

Senior Incident Response Specialist, Bangkok Based (Relocation Provided)

London, United Kingdom
Hybrid / WFH Options
Agoda
with the best technology in a dynamic and advanced environment. The Opportunity We are looking for an industry-experienced, highly motivated and self-driven Incident Response Specialist, someone who can rapidly address security incidents and threats as they appear with the ability to strategize and lead Incident … In This Role, You'll Get to: Perform end-to-end handling of all critical, high and medium cyber security incidents at Agoda. Drafting incident reports & communicating incident summaries to senior leadership, end users, legal teams Write playbooks for different types of cyber security incidents and use automation … to reduce MTTR time. Automating repetitive tasks of incident response using automation platforms and/or programming Optimizing existing security controls to fine-tune the alerts & reduce false positives Gather open source and commercial threat intelligence and perform hunting across the enterprise for undetected threats. Support the legal & regulatory …
Employment Type: Permanent
Salary: GBP Annual

Cyber Intelligence Specialist

Bradford, West Yorkshire, Yorkshire, United Kingdom
Vanquis Bank Limited
will proactively identify, analyse, respond, and mitigate cyber threats that pose risks to Vanquis Banking Group's cybersecurity posture. This involves monitoring security events, conducting incident response activities, enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to … participate in the delivery of services provided by the Cyber Intelligence Centre including but not limited to Cyber Threat Intelligence, Security Posture Management, Cyber Security Incident Response, Threat Hunting, Penetration Testing & Red Team Testing, and Cyber Risk Mitigation. Incorporate threat intelligence into CIC activities. Collaborate and assist with the … investigation and resolution of complex security incidents. Support the delivery of retrospective improvements based on incident analysis, RCAs and PIRs. Engage with third-party security partners to enhance and mature services. Maintain centralised processes across all VBG product lines, promoting synergy and efficiency. Stay updated on the latest cyber …
Employment Type: Permanent, Part Time

Cyber Security Incident Response Lead

Glasgow, Central Scotland, United Kingdom
Hybrid / WFH Options
Head Resourcing
An exciting opportunity has arisen for a Cyber Security Incident Response Manager to join a leading Financial Services organisation based in Glasgow. This role plays a key part in safeguarding the organisation from cyber threats by identifying, responding to, and mitigating cybersecurity incidents. As part of the Cyber … Detect and Respond Operations Team, you will be instrumental in enhancing security operations, strengthening defences, and ensuring operational resilience. Key Responsibilities Lead real-time response to cyber threats, managing cybersecurity incidents and investigations through to resolution. Analyse security breaches, identify attack vectors, and ensure appropriate remediation actions are taken. … to improve cybersecurity measures and prevent future threats. Provide clear communication to senior management on cybersecurity risks and incidents. Drive continuous improvement through post-incident reviews and scenario testing. What They're Looking For Extensive experience in cybersecurity incident response and operational leadership within a Security Operations …

Cyber Security Specialist

London Area, United Kingdom
dnevo Partners
procedures, ensure regulatory compliance, and collaborate with various departments on security-related initiatives. The role is ideal for someone with technical expertise in cyber incident response and analysis. Key Responsibilities: Support Cyber Security Operations, Incident Response and Investigations. Enforce security policies and ensure regulatory compliance. Analyse … resilience activities. Qualifications: Bachelor’s degree in Information Security, Computer Science, or related field. Experience in Cyber Security Operations with a track record in Incident Response and Investigations. Experience with Microsoft Defender and Sentinel. Knowledge of security analysis and incident response. Preferred experience in financial services information … NIST CSF & CIS frameworks. Strong analytical, communication, and teamwork skills. Skills & Experience: 5+ years in enterprise cybersecurity IT, with Cloud and On-premise experience. Incident Response and Investigations experience. Microsoft Security certifications or equivalent (MS365/Azure). Knowledge of modern operating systems, networking protocols, and cyber risks. …

Cyber Security Specialist

London, South East England, United Kingdom
dnevo Partners
procedures, ensure regulatory compliance, and collaborate with various departments on security-related initiatives. The role is ideal for someone with technical expertise in cyber incident response and analysis. Key Responsibilities: Support Cyber Security Operations, Incident Response and Investigations. Enforce security policies and ensure regulatory compliance. Analyse … resilience activities. Qualifications: Bachelor’s degree in Information Security, Computer Science, or related field. Experience in Cyber Security Operations with a track record in Incident Response and Investigations. Experience with Microsoft Defender and Sentinel. Knowledge of security analysis and incident response. Preferred experience in financial services information … NIST CSF & CIS frameworks. Strong analytical, communication, and teamwork skills. Skills & Experience: 5+ years in enterprise cybersecurity IT, with Cloud and On-premise experience. Incident Response and Investigations experience. Microsoft Security certifications or equivalent (MS365/Azure). Knowledge of modern operating systems, networking protocols, and cyber risks. …

Senior Security Automation and Detection Engineer

Cambridge, Cambridgeshire, United Kingdom
Hybrid / WFH Options
Arm Limited
Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with … APIs, and Case Management tools for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions …
Employment Type: Permanent
Salary: GBP Annual

DevSecOps Engineer

Loughton, Essex, South East, United Kingdom
Hybrid / WFH Options
Profile 29
business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate … Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration … PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real …
Employment Type: Contract, Work From Home
Rate: From £500 to £700 per day (direct contract with the client)

Microsoft Security (Sentinel) Automation & Detection Engineer

Cambridge, Cambridgeshire, United Kingdom
Hays Technology
Automation & Detection Engineer for a 6-month contract to start ASAP, based in Cambridge (Hybrid), Inside IR35 Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be … of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation …
Employment Type: Contract
Rate: £500 - £800/day Competitive Day Rate

Senior Security Consultant

Newbury, Berkshire, UK
CyberCrowd
By combining advanced technology and expert human insight, we provide a portfolio of comprehensive services, including 24/7 Managed Security Operations Centre (SOC), Incident Response, Penetration Testing, Cyber Risk Assessments, CISO/CIO as a service, and Training. Our certified security experts and consultants offer tailored solutions … seen as a subject matter expert when leading engagements. • Security Assessment & Recommendations on behalf of our clients: Conduct regular security assessments, risk analyses, and incident response guidance. Recommend and prioritise remediation efforts based on findings. • Security Solutions Design: Architect and design cybersecurity solutions for a wide range of … GDPR, ISO 27001, NIST, Cyber Essentials and NIS Directive. Offer guidance on data protection and cybersecurity practices in line with local and international standards. • Incident Response: Assist in developing and maintaining an incident response plan; provide expertise when responding to and investigating security incidents. Deliver tabletop …

Senior Security Consultant

Newbury, England, United Kingdom
CyberCrowd
By combining advanced technology and expert human insight, we provide a portfolio of comprehensive services, including 24/7 Managed Security Operations Centre (SOC), Incident Response, Penetration Testing, Cyber Risk Assessments, CISO/CIO as a service, and Training. Our certified security experts and consultants offer tailored solutions … seen as a subject matter expert when leading engagements. • Security Assessment & Recommendations on behalf of our clients: Conduct regular security assessments, risk analyses, and incident response guidance. Recommend and prioritise remediation efforts based on findings. • Security Solutions Design: Architect and design cybersecurity solutions for a wide range of … GDPR, ISO 27001, NIST, Cyber Essentials and NIS Directive. Offer guidance on data protection and cybersecurity practices in line with local and international standards. • Incident Response: Assist in developing and maintaining an incident response plan; provide expertise when responding to and investigating security incidents. Deliver tabletop …

Senior Security Consultant

Newbury, South West England, United Kingdom
CyberCrowd
By combining advanced technology and expert human insight, we provide a portfolio of comprehensive services, including 24/7 Managed Security Operations Centre (SOC), Incident Response, Penetration Testing, Cyber Risk Assessments, CISO/CIO as a service, and Training. Our certified security experts and consultants offer tailored solutions … seen as a subject matter expert when leading engagements. • Security Assessment & Recommendations on behalf of our clients: Conduct regular security assessments, risk analyses, and incident response guidance. Recommend and prioritise remediation efforts based on findings. • Security Solutions Design: Architect and design cybersecurity solutions for a wide range of … GDPR, ISO 27001, NIST, Cyber Essentials and NIS Directive. Offer guidance on data protection and cybersecurity practices in line with local and international standards. • Incident Response: Assist in developing and maintaining an incident response plan; provide expertise when responding to and investigating security incidents. Deliver tabletop …

Senior Security Consultant

Newbury, South East England, United Kingdom
CyberCrowd
By combining advanced technology and expert human insight, we provide a portfolio of comprehensive services, including 24/7 Managed Security Operations Centre (SOC), Incident Response, Penetration Testing, Cyber Risk Assessments, CISO/CIO as a service, and Training. Our certified security experts and consultants offer tailored solutions … seen as a subject matter expert when leading engagements. • Security Assessment & Recommendations on behalf of our clients: Conduct regular security assessments, risk analyses, and incident response guidance. Recommend and prioritise remediation efforts based on findings. • Security Solutions Design: Architect and design cybersecurity solutions for a wide range of … GDPR, ISO 27001, NIST, Cyber Essentials and NIS Directive. Offer guidance on data protection and cybersecurity practices in line with local and international standards. • Incident Response: Assist in developing and maintaining an incident response plan; provide expertise when responding to and investigating security incidents. Deliver tabletop …

Senior Technical Project Manager

London, England, United Kingdom
Palo Alto Networks
projects concurrently in partnership with our technical teams, clients, and internal stakeholders. This position will be focused on Unit 42’s Digital Forensics and Incident Response engagements, as well as Proactive Service engagements, and will report directly to the Manager for Unit 42 Security Consulting Project Management Office … PRINCE2 certification, or equivalent preferred 7+ years of professional experience in Project Management, focusing in one or more of the following: Cybersecurity, Digital Forensics, Incident Response, or Software Defined Lifecycle (SDLC)/Infrastructure or other IT related technical environments Ability to lead multiple large-scale projects creating project … Consulting is Palo Alto Network's security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders …

Incident Response
10th Percentile: £42,000
25th Percentile: £52,500
Median: £65,000
75th Percentile: £78,750
90th Percentile: £100,000