301 to 325 of 660 Incident Response Jobs in the UK

engineers to embed security into infrastructure-as-code and deployment workflows Monitor and respond to security events and alerts from observability platforms Maintain documentation of security architecture, policies, and incident response procedures Required Skills & Experience: Strong hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI/CD pipeline practices Familiarity More ❯

engineers to embed security into infrastructure-as-code and deployment workflows Monitor and respond to security events and alerts from observability platforms Maintain documentation of security architecture, policies, and incident response procedures Required Skills & Experience: Strong hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI/CD pipeline practices Familiarity More ❯

Splunk, or QRadar. DR deployment, configuration & management - experience with tools like Tanium, Trellix, FireEye, Defender, Elastic EDR Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Assist analysts to analyze and mitigate security incidents & have a good understanding of SOC function OOTB & Custom log ingestion Creation - Deploy OOTB integrations as well as develop More ❯

At least 5 years' experience in threat intelligence, vulnerability management, or technical cyber threat research. Strong understanding of Windows and Linux OS, networking fundamentals, and cloud platforms. Experience in incident response and managing technical security operations. Excellent communication skills with an ability to explain complex threats to both technical and non-technical stakeholders. A relevant degree or equivalent More ❯

team, ensuring consistent delivery even during reduced capacity. What We're Looking For Technical Expertise 5+ years in threat intelligence, vulnerability management, or cyber threat research. Strong background in incident response and technical investigations. Deep understanding of threats to government and critical infrastructure. Proficiency in Windows/Linux OS, networking, and cloud platforms. Advanced open-source intelligence (OSINT More ❯

and stability of all IT systems and services. Key Responsibilities: Implement and enforce cybersecurity best practices (ISO 27001,CE+, CIS benchmarks), including endpoint protection, vulnerability scanning, penetration testing, and incident response planning. Ensure compliance with regulatory standards such as GDPR Ensure best security practice for Office 365, Exchange Online, and SharePoint administration. Administer Firewalls, VPNs, and endpoint security More ❯

and stability of all IT systems and services. Key Responsibilities: Implement and enforce cybersecurity best practices (ISO 27001,CE+, CIS benchmarks), including endpoint protection, vulnerability scanning, penetration testing, and incident response planning. Ensure compliance with regulatory standards such as GDPR Ensure best security practice for Office 365, Exchange Online, and SharePoint administration. Administer firewalls, VPNs, and endpoint security More ❯

activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling, establish processes and workflows to support incident response SOC. Location/WFH: You'll join colleagues in the Central London office for two days a week with flexibility to work from home the other three More ❯

develop a career in Cyber Security in an exciting, fast-moving industry. Key Deliverables: SIEM Management and Optimisation Lead the management, administration and support of our SIEM platform and incident response environment, including general infrastructure and system administration. On-board, maintain and manage security log sources for our SIEM platform, including agent and policy deployment and creating ingest More ❯

data extraction. Excellent written and verbal communication skills Strong customer advocacy skills and experience, ability to work in difficult customer situations Knowledge of Cloud infrastructure a plus Experience in incident response a plus Experience with scripting a plus Experience with MS Server solutions (SCCM, GPO, AD, MSSQL, IIS, Exchange) is a plus. Additional Information The Team Our technical More ❯

trends and best practices. Qualifications: •Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. •Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. •Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. •Strong analytical and problem-solving skills. •Excellent communication skills with the ability to explain More ❯

Records of Processing Activities (ROPA) using the One Trust privacy tool Support the handling of Data Subject Access Requests (DSARs) and ensure timely responses Help track data breach and incident reports, supporting incident response processes as needed Coordinate with internal teams to collect privacy-related documentation and evidence (e.g. Standard Operating Procedures) Assist with annual policy and More ❯

Records of Processing Activities (ROPA) using the One Trust privacy tool Support the handling of Data Subject Access Requests (DSARs) and ensure timely responses Help track data breach and incident reports, supporting incident response processes as needed Coordinate with internal teams to collect privacy-related documentation and evidence (e.g. Standard Operating Procedures) Assist with annual policy and More ❯

matters. Provide regular updates to senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain incident response plans More ❯

across a 24/7 shift pattern. This role requires DV-level Security Clearance and applicants are therefore required to be a Sole British Citizen. Responsibilities Join the Security Response team to support incident response and SOC operations. Design, implement, and maintain robust network security solutions Collaborate with cross-functional teams to manage vulnerabilities, secure changes, and More ❯

CSOU) Cyber Delivery Unit (CDU) Cyber Improvement Programme Chief Information Security Office Function (CISO) The post of Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is non … the job The Security Analyst (Ops Networks and Infrastructure) role is within the Security Operations pillar of the CSOC (Cyber Security Operations Centre) providing second line security analytics and incident response services. Act as a Tier 2 National Networks and Infrastructure analyst for the Security Operations team. Deputise for Senior Analysts in their absence. Act as an escalation … title is advertised to attract the right skills needed for the role. The post of Security Advisor/Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is non More ❯

the lifecycle from scoping, coordination and remediation management Solid understanding of Confidentiality, Integrity, Availability and Safety (CIA+S) and practical experience in applying that understanding in management of risk and response to events and changes Experience of process involved in gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved … in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating responses to security requirements for a system Experience in maintaining elements of security documentation sets (SyOPS, RMADs, Security More ❯

the lifecycle from scoping, coordination and remediation management Solid understanding of Confidentiality, Integrity, Availability and Safety (CIA+S) and practical experience in applying that understanding in management of risk and response to events and changes Experience of process involved in gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved … in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating responses to security requirements for a system Experience in maintaining elements of security documentation sets (SyOPS, RMADs, Security More ❯

the lifecycle from scoping, coordination and remediation management Solid understanding of Confidentiality, Integrity, Availability and Safety (CIA+S) and practical experience in applying that understanding in management of risk and response to events and changes Experience of process involved in gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved … in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating responses to security requirements for a system Experience in maintaining elements of security documentation sets (SyOPS, RMADs, Security More ❯

the lifecycle from scoping, coordination and remediation management Solid understanding of Confidentiality, Integrity, Availability and Safety (CIA+S) and practical experience in applying that understanding in management of risk and response to events and changes Experience of process involved in gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved … in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating responses to security requirements for a system Experience in maintaining elements of security documentation sets (SyOPS, RMADs, Security More ❯

people and processes forward * Must have the ability to obtain Security Clearance (SC). Duties include: Lead a shift-based SOC team delivering 24/7 security operations and incident response. Act as a senior technical escalation point for complex or high-impact incidents. Be front of house to customers for SOC technical matters and supporting within customer DDQs. … Configure, tune, and support core SOC technologies across detection, response, and monitoring. Oversee alert triage, playbook execution, and incident coordination. Drive continuous improvement in alert quality, detection logic, and automation. Collaborate with cyber engineering teams to onboard and integrate new log sources. Take ownership of team documentation, shift handover processes, and playbook quality. Required experience: Proven experience in … a leadership or senior role within a Security Operations Centre. Strong technical skills in areas such as alerting, incident response, and log analysis. Comfortable working hands-on with detection and monitoring technologies such as Microsoft Sentinel. Strong understanding of log pipelines, event correlation, and alert tuning. Familiarity with TCP/IP networking, proxies, DNS, endpoint telemetry, and OS More ❯

real-time support, training needs identification, and briefings on emerging threats and tooling updates. Act as key escalation point within the shift, liaising with the SOC Manager, CTI, and Incident Response leads to align on priorities and response strategies. Drive continuous improvement by flagging workflow issues, recommending SOP/playbook updates, and tracking performance metrics. Requirements Established More ❯

incidents, vulnerability management programmes, and client relationships across enterprise environments. What you'll be doing: Acting as the key liaison between the client and operational delivery teams Leading on incident escalation and coordination with SOC and IR teams Managing post-incident investigations and reporting Supporting and driving improvements to vulnerability management workflows Overseeing IDS/IPS updates, firewall … on best practice and optimisation What we're looking for: 10+ years of experience in a SOC or technical security operations environment Proven track record in vulnerability management and incident response Strong understanding of IDS, IPS, and endpoint protection technologies Excellent stakeholder management and communication skills Ability to lead and coordinate teams through critical incidents UK SC clearance More ❯

for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and … for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security More ❯

for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and … for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security More ❯