251 to 275 of 575 Incident Response Jobs in the UK

and system hardening Supporting compliance and best practice across the organisation 🧠 What we’re looking for: Solid experience with Microsoft security tools (Sentinel, Defender, Intune, Entra) Knowledge of SIEM, incident response, and threat detection Familiarity with Azure and general cloud security principles Strong problem-solving mindset and attention to detail Great communication skills — you can explain security to More ❯

Desired technical skills: Microsoft 365 (Entra ID, Exchange, Teams, SharePoint, Intune, Azure) Windows Server/Active Directory, Networking fundamentals (DNS, DHCP, VPNs, firewalls). Security tools, vulnerability management, and incident response Security technologies (firewalls, IDS/IPS, SIEM, vulnerability scanners) Familiarity with Microsoft Defender and Mimecast. Strong analytical and troubleshooting skills across complex IT environments. Experience of Compliance More ❯

Ensure robust update control, patch management, and system monitoring. Governance & Security - Implement and maintain strong IT governance frameworks, including risk management and compliance. - Lead cybersecurity strategy, including threat detection, incident response, and staff awareness training. - Ensure compliance with GDPR and other relevant regulations. Vendor & License Management - Manage relationships with external IT support providers and software vendors. - Negotiate contracts More ❯

Ensure robust update control, patch management, and system monitoring. Governance & Security - Implement and maintain strong IT governance frameworks, including risk management and compliance. - Lead cybersecurity strategy, including threat detection, incident response, and staff awareness training. - Ensure compliance with GDPR and other relevant regulations. Vendor & License Management - Manage relationships with external IT support providers and software vendors. - Negotiate contracts More ❯

data extraction. Excellent written and verbal communication skills Strong customer advocacy skills and experience, ability to work in difficult customer situations Knowledge of Cloud infrastructure a plus Experience in incident response a plus Experience with scripting a plus Experience with MS Server solutions (SCCM, GPO, AD, MSSQL, IIS, Exchange) is a plus. Additional Information The Team Our technical More ❯

trends and best practices. Qualifications: •Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. •Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. •Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. •Strong analytical and problem-solving skills. •Excellent communication skills with the ability to explain More ❯

a critical national infrastructure (CNI) environment. Key parts of the role: Asset Tracking & Documentation Support. Lifecycle Management Assistance Compliance & Reporting Vendor & Supplier Coordination Continuous Improvement Support Cost Management & Optimisation Incident & Problem Management Support Collaboration with Internal Teams What you'll need to succeed Proficiency with asset management software tools such as ServiceNow, CMDB, or similar enterprise solutions. Understanding of … asset lifecycle management processes, including procurement, deployment, tracking, maintenance, and decommissioning of OT assets. Good understanding of incident response stages and handling. Knowledge of industry standards and regulatory requirements related to asset management, such as data protection and environmental compliance, ISO27002, CIS, NCSE CAF, NIST. Familiarity with tracking and managing lifecycle costs, working in partnership with finance and More ❯

to review technical security proposals with Product Teams. Attend Security Working Groups and Tenant Forums to provide and lead on ongoing technical security guidance. Participate in high-priority security incident bridge calls and provide expert support during security incidents (office hours only): lead Post Incident Response investigations. Requirements: Strong knowledge of cloud security principles, frameworks, and best More ❯

technical security proposals with Product Teams. . Attend Security Working Groups and Tenant Forums to provide and lead on ongoing technical security guidance. . Participate in high-priority security incident bridge calls and provide expert support during security incidents (office hours only): lead Post Incident Response investigations. Essential Skills & Experience . Strong knowledge of cloud security principles More ❯

We are currently recruiting for Defence Associate Security Analysts with knowledge of Cyber security threats using SPLUNK and EDR (Endpoint Detection and Response) to join a great project for 3 months, that is ran by a Central Government Authority. The best thing about this opportunity is that you will have a great work-life balance with remote working , thus … be able to organise your time up to your liking (2-3 days/week in London office) Essential Experience: Experience of investigating and responding to cyber incidents, coordinating incident response in large org5+ years' experience SPLUNK and EDR (Endpoint Detection and Response) Analytical, problem solving oriented MOD/DEFENCE - highly desirable SC Clearance - Candidates holding active … Central Government Contrac t so you can improve prospects for future contracting Interviews will start as soon good candidates are available, if you are interested do not delay the response and forward you updated CV today. If you would like to discuss further about this opportunity or others in the UK Public Sector, please reach out (extension 8144) and More ❯

We are currently recruiting for Defence Associate Security Analysts with knowledge of Cyber security threats using SPLUNK and EDR (Endpoint Detection and Response) to join a great project for 3 months, that is ran by a Central Government Authority. The best thing about this opportunity is that you will have a great work-life balance with remote working , thus … be able to organise your time up to your liking (2-3 days/week in London office) Essential Experience: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience SPLUNK and EDR (Endpoint Detection and Response) Analytical, problem solving oriented MOD/DEFENCE - highly desirable SC Clearance - Candidates holding … Central Government Contrac t so you can improve prospects for future contracting Interviews will start as soon good candidates are available, if you are interested do not delay the response and forward you updated CV today. If you would like to discuss further about this opportunity or others in the UK Public Sector, please reach out (phone number removed More ❯

SC), to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll manage a team of analysts, drive incident response, and ensure the SOC delivers measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy … with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this More ❯

SC), to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll manage a team of analysts, drive incident response, and ensure the SOC delivers measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy … with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

and the ability to develop effective relationships across all levels of the organisation. Main duties of the job Key areas of responsibility:>Security Architecture Design, Implementation,Monitoring and Support> Incident Response> Risk and Vulnerability Management> Policy and Compliance> Handing User Requests, Audit and System Testing> User Education and Training> Continuous Improvement, Budgeting and Cost Saving> Documentation and Reporting … England. Our core operations focus is the delivery of emergency ambulance 999 services (A&E). We have 92 ambulance stations, two Emergency Operations Centres, and two Hazardous Area Response Teams (HART).Our vision is that together, we will deliver the best care when people in the region need us most.To achieve this, the Trust has a five-year More ❯

London | Hybrid| Remote The ideal candidates will hold active DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with More ❯

Excellent communication and stakeholder engagement skills. Passion for continuous learning and staying updated on emerging threats. Ability to translate technical risks into business impacts. Familiarity with SIEM tools and incident response processes. Closing date: 24th October Shortlist date: 25th October Interview date: TBC More ❯

compliance (GDPR, NCSC Principles, ISO 27001). Configure cloud-native security tools & integrate with SIEM (Splunk, Chronicle). Embed security in CI/CD pipelines with DevOps teams. Support incident response & recovery for cloud-native environments. What You Bring Strong cloud architecture background. Knowledge of UK regulatory frameworks. IaC experience (Terraform/Deployment Manager). Understanding of monitoring More ❯

Implement and support security controls, particularly within Azure cloud environments. Evaluate and deploy best-in-class application security tools. Mentor teams and deliver tailored security awareness programmes. Assist with incident response, security training, and supplier/client security assessments. What We’re Looking For Essential Skills & Experience: Proven experience in application security engineering. Strong knowledge of security tools More ❯

Automate vulnerability scanning, code analysis, and container hardening Collaborate with developers to design secure architectures and threat models Monitor cloud infrastructure (AWS, Azure, GCP) for misconfigurations and anomalies Lead incident response drills and postmortems Champion DevSecOps culture across engineering and product teams Requirements: 3+ years experience in DevOps, security engineering, or cloud infrastructure Strong scripting skills (Python, Bash More ❯

and manage security incidents, including malware and ransomware threats. Collaborate with third-party cyber security providers to deploy and maintain security capabilities. Conduct root cause analysis and contribute to incident response planning. Ensure compliance with industry regulations and internal governance frameworks. Stay up to date with the latest Azure and security technologies and best practices. Skills and Knowledge More ❯

and evolve Terraform modules for automated, consistent, and version-controlled deployments. Security & Access Management: Administer Conditional Access Policies, manage application registrations, and enforce secure identity and access practices. Monitoring & Incident Response: Configure and manage tools like Azure Monitor and Log Analytics to proactively detect and resolve issues. Compliance & Documentation: Maintain accurate technical documentation and ensure adherence to security More ❯

and evolve Terraform modules for automated, consistent, and version-controlled deployments. Security & Access Management: Administer Conditional Access Policies, manage application registrations, and enforce secure identity and access practices. Monitoring & Incident Response: Configure and manage tools like Azure Monitor and Log Analytics to proactively detect and resolve issues. Compliance & Documentation: Maintain accurate technical documentation and ensure adherence to security More ❯

and manage security incidents, including malware and ransomware threats. Collaborate with third-party cyber security providers to deploy and maintain security capabilities. Conduct root cause analysis and contribute to incident response planning. Ensure compliance with industry regulations and internal governance frameworks. Stay up to date with the latest Azure and security technologies and best practices. Skills and Knowledge More ❯