26 to 50 of 403 Incident Response Jobs in the UK

Cloud Security Engineer

Hiring Organisation
Kainos
Location
Belfast, UK
practices and implementing controls for Cloud Security and governance. Implementation of automated security tooling to validate security requirements and identify potential issues. Threat Detection & Incident Response Define threat detection and incident response processes and playbooks for cloud environments. Collaborate with the SOC to operationalise detection rules … incident handling. Compliance & Audit Support GRC in meeting evidence and compliance requirements for ISO27001, NCSC Cloud Security Principles, and SOC2. Reviewing the outputs from security tools and security practices. You will filter and prioritise these into security stories that can be understood and actioned by the delivery teams. Collaboration ...

Product Security Leader

Hiring Organisation
Pontoon Solutions
Location
London, UK
ensure products are secure by design and resilient in production. PSLs define and implement security policies, manage vulnerability backlogs, and lead threat modelling and incident response efforts. What you’ll own Define and implement security policies and tooling across the product lifecycle, from design and development to deployment … ensure timely remediation. Conduct root cause analysis (RCA) for security incidents and systemic vulnerabilities, using insights to drive developer training and systemic fixes. Drive incident response efforts as Investigation Lead or Incident Commander, including facilitating tabletop exercises to test and improve incident readiness. What you bring ...

Tech lead - SOC responder

Hiring Organisation
Colt Technology Services
Location
Central London, London, United Kingdom
Employment Type
Permanent, Work From Home
with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. Job description: Support SOC Manager to deliver the following SIEM, IR tools platform … activities, Technology escalation support, Security Solution assessment, build activities, existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...

Microsoft Cloud Security Architect Lead

Hiring Organisation
WTW
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
Role: Agentic AI for Security & Sentinel Advanced Capabilities Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft Sentinel Model Context Protocol … advanced context-aware analytics and automation. Develop and maintain security analytics and data pipelines within Sentinel Data Lake to support large-scale threat detection, incident response, and threat hunting, while optimizing cost and enabling Agentic AI-driven security operations. Integrate and automate security workflows using Microsoft Sentinel Graph ...

Security Operations Manager

Hiring Organisation
Urbanberry Recruitment Ltd
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Salary negotiable
getting organised ahead of their anticipated growth. We’re focused on finding them a Security Operations (SecOps) Manager to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes line management of two team members who support IT operations … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct ...

Security Operations Manager For Travel Company

Hiring Organisation
Urbanberry Recruitment Ltd
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Salary negotiable
getting organised ahead of their anticipated growth. We’re focused on finding them a Security Operations (SecOps) Manager to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes line management of two team members who support IT operations … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct ...

Systems Lead

Hiring Organisation
EC Markets UK
Location
London, UK
workflows for efficiency and compliance. Implement automated monitoring and alerting for critical applications. Maintain version control, change management, and release processes with full auditability. Incident Response & Business Continuity Develop and maintain incident response playbooks for system and security breaches. Coordinate disaster recovery testing for applications … Lead Implementer, etc.) preferred. Pay range and compensation package Working Days: Monday to Friday (core office hours with on-call responsibilities as required for incident response or urgent technical issues). ...

Threat Intelligence Specialist

Hiring Organisation
Computacenter
Location
London Area, United Kingdom
trends, ensuring we stay one step ahead of security threats. Our team combines specialist skills in Threat Intelligence, Threat Hunting, Malware Analysis, Digital Forensics, Incident Response, and Threat Modelling. At our core, we are driven by a mission to “investigate, collate and locate”: to unearth new threats, gather … Organisational Aims: Collection of Priority Intelligence Requirements from key stakeholders. Effective tracking of intelligence activities against these PIRs. Reporting of service quality against KPIs. Incident Response Support: Required to work out of hours, when situation dictates, to support Incident Response activities. What you’ll need Current ...

IT Security Manager

Hiring Organisation
Breedon Group plc
Location
Derby, Derbyshire, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
assessments, identify vulnerabilities, and implement mitigation strategies that protect our infrastructure and digital assets. Oversee Security Operations: Lead daily security operations, including monitoring and incident response, ensuring our defences stay robust. Ensure Compliance: Work with our risk and compliance team to ensure compliance with regulations such as GDPR … certifications like ISO 27001. Promote Security Awareness: Foster a security-conscious culture through employee training, keeping the whole organisation alert to security risks. Incident Response: Manage and lead the resolution of security incidents, containing threats and ensuring our recovery is swift and effective. What You'll Bring Experience ...

Cyber Operations Lead

Hiring Organisation
Searchability NS&D
Location
Cheltenham, Gloucestershire, England, United Kingdom
Employment Type
Full-Time
Salary
£40,000 - £65,000 per annum
Cyber IT Operations Lead, you will take ownership of operational cybersecurity, policies, and risk management. You will define and maintain security standards, oversee incident response, and ensure compliance with frameworks such as ISO27001, Cyber Essentials, CIS, NIST, and GDPR. A key part of this role involves leading … with customers and partners, and support accreditation and audit processes. Cyber IT Operations Lead Essential Skills: Strong experience across IT operations and cybersecurity, including incident response, risk management, and policy creation Working knowledge of security frameworks such as ISO27001, CIS, NIST, GDPR, and Cyber Essentials Cybersecurity certifications such ...

Cyber Security Engineer

Hiring Organisation
Greenfield I T Recruitment
Location
Doxford International Business Park, Sunderland, Tyne and Wear, England, United Kingdom
Employment Type
Full-Time
Salary
£44,000 - £45,000 per annum, Inc benefits
Engineer to help strengthen their defences and improve their security posture. This role is ideal for someone who wants to develop their skill set across incident response, cloud security, vulnerability management and cyber awareness. You’ll be joining a supportive team where learning is encouraged, ongoing development is resourced … backed (including SSCP, ITIL and cloud accreditations). This goes beyond routine monitoring — you’ll play a key part in enhancing security resilience, improving threat response processes, and helping embed a security-first mindset across the business. Please note: Due to the nature of the work, security vetting will ...

Cyber Security Analyst

Hiring Organisation
Hays Technology
Location
Bolton, Greater Manchester, United Kingdom
Employment Type
Permanent
Salary
£30000 - £40000/annum Up to £40,000
Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about cyber, incident response and proactive threat management within a dynamic, fast-paced environment. This is a junior/intermediate security analyst position, and could be ideal … remediation efforts for identified vulnerabilities in collaboration with technology teams. Respond to incidents alongside the Head of Information Security Work with the MSSP across incident response and proactive monitoring. Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health ...

Cyber Security Analyst

Hiring Organisation
Hays Technology
Location
Bolton, Lancashire, United Kingdom
Employment Type
Permanent
Salary
GBP 30,000 - 40,000 Annual
Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about cyber, incident response and proactive threat management within a dynamic, fast-paced environment. This is a junior/intermediate security analyst position, and could be ideal … remediation efforts for identified vulnerabilities in collaboration with technology teams. Respond to incidents alongside the Head of Information Security Work with the MSSP across incident response and proactive monitoring. Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health ...

ServiceNow SecOps Architect

Hiring Organisation
Stackstudio Digital Ltd
Location
United Kingdom
Employment Type
Permanent
energy assets, and millions of customers. Your Responsibilities (Up to 10, avoid repetition) Design and own the architecture for ServiceNow SecOps modules - including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools - SIEM, SOAR, EDR, CMDB, Threat … platforms, and OT/ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability and incident response. Shape the roadmap and best practices for the ServiceNow platform across multiple business units. Champion platform governance, scalability, reuse, and alignment with ServiceNow ...

Security Analyst

Hiring Organisation
VIQU IT
Location
Buckinghamshire, United Kingdom
Employment Type
Contract
Contract Rate
GBP 400 - 500 Daily
Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender. Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

Security Analyst

Hiring Organisation
VIQU IT
Location
Milton Keynes, Loughton, Buckinghamshire, United Kingdom
Employment Type
Contract
Contract Rate
£400 - £500/day
Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender. Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

Security Operations Centre Analyst

Hiring Organisation
INTEC SELECT LIMITED
Location
City of London, London, England, United Kingdom
Employment Type
Full-Time
Salary
Salary negotiable
posture through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools … perform root cause analysis. Collaborate with IT and security teams to remediate vulnerabilities. Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge ...

Data Center Engineer

Hiring Organisation
HCLTech
Location
Stevenage, Hertfordshire, UK
Employment Type
Full-time
role is responsible for executing physical tasks within the data center, supporting remote teams, and ensuring operational continuity through proactive monitoring, hardware handling, and incident response. Shift Pattern: 24x7 Support - 12-hour rotational shifts Key Responsibilities:- CRU Handling: Assist with Customer Replaceable Unit (CRU) replacements and installations. Cabling & Patch … Monitoring: Monitor telephony and email channels for support requests and alerts. Environmental Monitoring: Use native tools to monitor temperature, humidity, and other environmental parameters. Incident Response: Support incident management processes and escalate issues as needed Qualifications & Skills: Basic understanding of data center infrastructure, cabling standards, and cooling ...

SOC Analyst - DV

Hiring Organisation
LA International Computer Consultants Ltd
Location
East Kilbride, Lanarkshire, United Kingdom
Employment Type
Contract
Contract Rate
GBP Annual
rota. You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process. Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. … will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need ...

Vulnerability Manager

Hiring Organisation
Graphcore
Location
Bristol, UK
identified vulnerabilities. Compliance Monitoring: Ensure that our organization's vulnerability management program aligns with industry standards (e.g., ISO 27001, Cybersecurity Essentials) and regulatory requirements. Incident Response: Participate in incident response efforts related to identified vulnerabilities and provide guidance on containment and remediation procedures. Security Controls Maintenance ...

ServiceNow SecOps

Hiring Organisation
Experis
Location
United Kingdom
Employment Type
Contract
hands-on ServiceNow SecOps Developers to join our team on a contract basis. This role is focused on the implementation and development of Security Incident Response (SIR) and Vulnerability Response (VR) modules within the ServiceNow platform. Key Responsibilities: Design, develop, and implement solutions using ServiceNow SecOps modules … related to SecOps modules. Provide documentation and knowledge transfer as needed. Required Skills & Experience: Proven hands-on experience with ServiceNow SecOps modules, particularly Security Incident Response (SIR) and Vulnerability Response (VR). Strong understanding of ServiceNow architecture and development practices. Experience in implementing and configuring SecOps workflows ...

Head of Cyber Security (FCA Experience essential)

Hiring Organisation
PEXA UK
Location
Leeds, UK
PEXA UK, Smoove, and Optima Legal. You'll lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements. This is a senior leadership role offering … Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from ...

Head of Cyber Security (FCA Experience essential)

Hiring Organisation
PEXA UK
Location
Thame, Oxfordshire, UK
PEXA UK, Smoove, and Optima Legal. You'll lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements. This is a senior leadership role offering … Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from ...

Information Security Engineer

Hiring Organisation
Cantor Fitzgerald
Location
London, UK
Employment Type
Full-time
Define and enforce security and identity policies across cloud platforms. (AWS, Azure, GCP) Document system configurations, standards, and procedures in a centralized location. Support Incident Response on security incidents globally, including contributing to table-top security incident exercises. Advise project teams, application owners, infrastructure services, and other … businesses. Monitoring, collecting, analyzing and reporting of security metrics and indicators to ensure the proper operations of our regional systems and services. Regional security incident response and management point of contact and drive incident postmortems to find the root cause and track action items to completion. Experience ...

Information Security Officer

Hiring Organisation
Reed Technology
Location
Warrington, Cheshire, North West, United Kingdom
Employment Type
Permanent
Salary
£45,000
policies, and standards. Conduct risk assessments, manage audits, and ensure compliance with GDPR and ISO 27001. Oversee security operations, including monitoring, threat detection, and incident response. Manage security tools and processes: SIEM (Azure Sentinel), firewalls, endpoint protection, and identity management. Ensure secure configuration, patch management, and vulnerability remediation. Lead … incident response and recovery, including investigations and post-incident reviews. Deliver security training and awareness programs across the business. Assess and monitor vendor and third-party security compliance. Skills/Technologies- 3-7+ years in cybersecurity, IT security, or risk management. Strong knowledge of cybersecurity frameworks ...