and be a key player in ensuring the organisation's overall cybersecurity posture remains strong. You will also be involved in proactive security measures, incident response, and disaster recovery planning. This role is office-based at our Coventry site, with travel to other UK sites as required, sometimes … including firewalls, VPNs, IDS/IPS, and endpoint protection. Conduct vulnerability assessments and penetration testing. Apply patches and updates to mitigate security threats. Lead response efforts in cyber-attacks or security breaches, including containment and remediation. Perform root cause analysis and recommend mitigation strategies. Collaborate on incident handling
you and your household Onsite perks including free parking, tea and coffee stations, and a subsidized café with free breakfast toast Responsibilities Security Monitoring & Incident Response: Use SIEM tools like Exabeam, LogRhythm, Splunk, or Arcsight to monitor security events, detect threats, and analyze data to address incidents swiftly.
JRC members in decision-making processes. Hands-On Security Experience: Take an active role in the day-to-day management of security operations, including incident response, threat hunting, vulnerability management, and other proactive measures. Provide expertise in implementing technical security solutions and ensuring they align with organisational goals.
threat protection Security automation and DevSecOps integration Security Operations SOC transformation and cloud-native security ops Threat detection with XDR, NDR, and SOAR platforms Incident response planning and threat intelligence integration Regulatory alignment for DORA, NIS2, and UK-specific mandates Risk frameworks tailored by industry (FS, critical infrastructure
Analysis Centre (CTAC). Responsible for advancing initial investigations conducted by Tier 1 Analysts, providing in-depth analysis of potential threats, and supporting escalated incident response. The role involves collaboration with senior and junior analysts to ensure effective SOC operations and acts as a bridge between foundational and advanced … threat detection and response functions. Responsibilities Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, assessing threat severity and advising on initial response actions. Utilize expertise in SIEM solutions, especially Kusto Query Language (KQL), for log analysis, event correlation, and documentation of security incidents. … capabilities, contributing to proactive threat management. Monitor the threat landscape, document findings, and share insights with CTAC teams to improve situational awareness. Follow established incident response playbooks, provide feedback for process improvements, and suggest updates to enhance response times. Coordinate with Tier 3 Analysts and management to
our digital platform strategy, contributing towards the Technology function's Strategy. Own our services; taking responsibility for support, monitoring, and addressing technical issues and incident management, around the clock. You will be accountable for owning the content management system, support and maintenance, publishing all content on the Web and … product roadmap, delivery methodology and controls, and commercial targets Team utilization - Resource allocation and cost control (internal and delivery partner) Site KPIs: Platform uptime, Incident response time, incident resolution time, mean time between failures, mean time to recover Product KPIs: Conversation rate, Product usage, Bandwidth utilization, site and app
global level. Establish performance benchmarks, conduct analyses, and prepare reports on all key CMRS goals and metrics. Develop and maintain standard operating procedures, emergency response procedures, and preventive maintenance programs. Ensure standardization and consistency with best-in-class operating practices. Engage, coach, train, and influence business partners to be … path. Effectively address product loss mitigation, physical security considerations, potential and actual workplace violence incidents per policy as well as conduct testing of the incident response plans. Review incident reports, document periodic trend summaries, and provide updates and recommended actions to management. Take calculated risks and challenge … to site to investigate and resolve the issue. Travel up to 25% domestically. About the team The Control Room Manager - CMRS (Centralized Monitoring and Response System) position serves as operational resource to support the Security Command Center. This position will provide analytics support and accountability for the overall deliverables
delivery processes Support the agenda for our cloud first strategy and ensure any cloud solutions meet our security aspirations and requirements Take responsibility for incident management and lead our response to cyber security events, incidents and potential breaches Ensure our suppliers adequately monitor the IT estate for threats … environments A strong technical background across Networks, Security, Firewall, Vulnerability Management, SIEM and EDR technologies Experience with cyber security concepts, such as Threat Modelling, Incident Response, Penetration Testing (external/internal) Advanced knowledge of cloud products and services e.g. Azure, Microsoft 365 Emotionally intelligent and able to recognise
Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. The Tier 2 Analyst works closely with senior and junior analysts to … ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing … correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). Investigate potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies
analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience against threats.
Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response … crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing team
weaknesses. Create policies and procedures regarding security logs and alerts. Assist in investigating security breaches, incidents, and unauthorized access attempts, and develop and implement incident response plans. Collaborate with cross-functional teams to ensure security requirements are incorporated into the design and implementation of systems and applications. Stay
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria Limited
security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Prepare reports for managed clients to both technical … and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you'll bring: Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel and Splunk implementations. Knowledge and experience with Mitre
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance
the business to conduct in-depth analysis of alerts, determining root cause, and identifying remediation actions or opportunities for detections tuning. Work with our Incident Management Team to respond to Security incidents. Provide security analysis to validate and size up the problem, along with making recommendations for containment. Follow … up after incidents with post incident review (PIR), ensuring any outstanding actions are tracked, and trends are identified. Continuously develop and improve our documentation and playbooks, ensuring the team has a standardised response to incidents, and documentation for our tooling configuration. Support day-to-day management of key … from you if you have Strong Technical knowledge, this could be across any domain (e.g., Security, Networks, Infrastructure, End User Compute). Experience with incident response, within Security or broader Technology domains. Familiarity with security tools (SIEM, EDR, Vulnerability Management). A desire to continuously upskill your Security
our existing suite of tools and controls to keep pace with changing threats. Collaborate with the managed SOC provider to ensure timely and effective response to security incidents. Assist in the development and maintenance of the organisation’s incident response plan. Collaborate in assessing and closing out
our existing suite of tools and controls to keep pace with changing threats. Collaborate with the managed SOC provider to ensure timely and effective response to security incidents. Assist in the development and maintenance of the organisation's incident response plan. Collaborate in assessing and closing out
company-wide testing. Collaborate with stakeholders to prioritize and address risks, creating security architecture elements for effective mitigation. Develop and maintain a company-wide incident response plan for rapid security incident management. Lead investigations into security breaches and collaborate on corrective actions. Create frameworks for delivering cybersecurity
infrastructure. Perform detailed analysis of network traffic, diverse log sources (system, application, network), and other security data to identify threats and vulnerabilities. Provide crucial Incident Response (IR) support during security events. Contribute to the continuous improvement of the team's knowledge regarding SOC tools, operational procedures, and effective … concise reports for managed clients, tailored for both technical and non-technical audiences, focusing on continuous improvement of content and delivery. Maintain meticulous security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What You'll Bring: Proven experience working within a Security Operations Centre (SOC
act as an SME for projects and initiatives relevant to the role. You will liaise closely with RMG technology teams to ensure the correct response and remediation of security information and events. Also liaising closely with RMG third party suppliers to ensure the correct response and remediation of … understanding of the principles and practicals of effectively triaging security events Experience of threat-based security operations, using industry standard frameworks Experience of incident runbook and playbook development Experience of working with security in the Cloud, ideally Microsoft Azure. Nice to have experience Threat intelligence gathering and application … Threat hunting execution Metrics creation and presentation. Technical and professional qualifications relevant to security incident response e.g. SANS GCIH or GCFA, or Certified Incident Responder Experience of detection and response within operational technology environments What we offer you Competitive Salary 18% Bonus Competitive Pension Scheme Car
you will be required to be onsite during the event. Experience in some/all of the following would be preferred - SOC L3 Incident handling Advanced threat hunting FOTG Rapid Response & Containment Major Incident Response handling Advanced Threat Hunting Assessment Readiness
and mitigating potential risks. Your expertise will be essential in strengthening our security posture, protecting our digital assets, and enhancing our prevention, detection, and response capabilities to safeguard our products and business against security threats. What will you do: Leverage a broad and current understanding of Security to define … cross-functional teams to improve overall security posture and awareness as well as articulate the business value of Security investments. Lead and manage the incident response process, acting as the Incident Lead for significant security events. Implement and manage security controls and best practices in both the … Platform and infrastructure to identify vulnerabilities and improve our security defenses. Conduct threat impact analysis and research to stay ahead of emerging threats. Manage response to ongoing threats, operating autonomously or engaging the relevant stakeholder(s) to keep the systems as secure as possible. Assist with Audit and Compliance
for providing end-to-end database support for cloud services examine logs and alerts, maintain access rights and roles, database instance version control.through monitoring, incident response, and incident resolution for the Public and Base Database Monitoring: Essential, manual/script-based detection and notification of critical database … provided by engineers with deep technical skills and problem-solving acumen given inclusion in and visibility to current and historical changes to They follow incident, change, release, and problem management processes. the environment Participating and driving root cause analysis on incidents to ensure issues around and acted upon