for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and … for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle The ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security
Solid understanding of security frameworks and standards: NIST, CIS Controls, ISO 27001, and compliance mandates relevant to banking. Familiarity with secure coding practices and DevSecOps pipelines. Experience with incident response, security monitoring, and digital forensics.
Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in SOC operations, incident response, and forensic analysis. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security
information security providers Own Data Loss Prevention project implementation Manage breach simulation tools and conduct penetration testing Identify and remediate security weaknesses Deliver monthly security awareness sessions Support cyber incident response Essential Requirements Broad IT systems knowledge with security risk understanding Experience implementing security tools Cloud security controls knowledge (AWS, Azure, Microsoft 365) Experience protecting against threat actors
monitor key risk indicators (KRIs) and key performance indicators (KPIs). Support project teams in embedding risk management throughout the project lifecycle. Collaborate with internal and external partners to enhance incident response and cyber resilience. Candidates will have: Experience in a cyber security risk management role. Strong understanding of cyber security frameworks and standards (ISO 27001, SOC2, NIST, GDPR
Horsham, West Sussex, South East, United Kingdom Hybrid / WFH Options
Platform Recruitment Limited
with day-to-day operations Managing Microsoft 365 security tools, firewalls, networks, Wi-Fi, and email security platforms Acting as the main contact for our outsourced SOC and overseeing incident response Running pen tests, vulnerability scans, and regular security assessments Owning governance, risk, and compliance activities (ISO 27001, Cyber Essentials) Delivering supplier risk assessments and secure onboarding processes
Reading, Berkshire, England, United Kingdom Hybrid / WFH Options
Nextech
strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring, supporting colleagues and enhancing security awareness across the business. Actively contribute to incident response, security training, supplier reviews, and client security assurance. Stay ahead of evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust.
Experience in one or more of the following areas: MDR, EDR, XDR, NDR NGFW, IDS/IPS, WAF, SASE, SSE, NAC PAM, MFA, SSO, DLP, SIEM, SOAR Threat Intelligence, Incident Response, Pen Testing, Red Teaming Cloud security solutions (CASB, CNAPP, VM, DAST) Security awareness training, vCISO/vSM services, compliance frameworks (PCI, ISO, NIST, Cyber Essentials) Further information
years of experience in Threat Intelligence, Vulnerability Management, or cyber research. Strong understanding of adversary TTPs and the threat landscape, especially in CNI/Gov environments. Experience in technical incident response and cloud-based security operations. Proficiency in open-source intelligence (OSINT) and deep technical analysis. Knowledge of Windows/Linux internals, networking, and cloud platforms (e.g. Azure
Hemel Hempstead, Hertfordshire, England, United Kingdom Hybrid / WFH Options
Sopra Steria
for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly situational reports. Collaborate with the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors' tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential
systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Why BAE Systems? This is a place where you'll be able
london (city of london), south east england, united kingdom
Slaughter and May
security posture and external security rating. Identify vulnerabilities in hardware and software to be remediated by Engineering/Operations teams. Understand current and emerging security threats. Assist and lead in Incident Response investigations and mitigation. Evaluate, test and recommend security enhancements. Support CE+ accreditation. Identify security risks and exposures, determine the cause of security violations and suggest procedures to
recovery, and disaster recovery strategies to ensure data protection and business continuity. Ability to implement robust monitoring and logging solutions, e.g. CloudWatch, to ensure system reliability, observability, and proactive incident response. Comfortable working in Agile development teams, translating business requirements into technical solutions, and actively participating in sprint planning, retrospectives, and daily stand-ups. Capability to design scalable
impacts of IT operational and control activity impacting the risk register as well as related stakeholders including Compliance, Internal Audit and SOX (carriers). Taking the lead on IT Risk Incident responses. Developing a working understanding of new IT-related risks or controls. Keeping the risk register (Decision Focus) current for IT-related risks, controls and accountability. The IT Risk
high-pressure environment with geographically dispersed teams across different time-zones. The Role To detect and investigate all cyber security related incidents across WTW and escalate cases to relevant Incident Response teams Manage a geographically dispersed team supporting SOC based detection services on a 24/7/365 basis around the globe. Ensure shift coverage is adequate … playbooks and operating procedures within the SOC are adequate and effectively identify, triage and investigate cyber threats and attacks in a timely manner Integrate the detection services with the response teams and threat teams to ensure an efficient incident life cycle is maintained Implement KPIs and SLAs and monitor adherence to targets Maintain a membership list and … call out details of the Cyber Security Incident Group, ensuring incidents are raised to the correct resolver groups when appropriate Implement regular Table Top Exercises to test SOC processes and procedures Conduct Quality Assurance reviews of SOC services and incidents ensuring lessons learned and improvements are implemented The Requirements Experience in SOC Management for Enterprise Organisations (Essential) Strong experience
optimise security tools including endpoint protection, email security, and SOC services. Respond to security alerts and incidents, ensuring timely resolution and clear documentation. Develop and maintain security playbooks and incident response procedures. Work with IT teams and third parties to embed security best practice into projects and daily operations. Support security awareness initiatives to improve cyber hygiene across … the organisation. Skills & Experience Experience in IT security or infrastructure roles with exposure to vulnerability management and incident response. Working knowledge of common attack vectors such as phishing, ransomware, and lateral movement. Familiarity with security tools such as SIEM, vulnerability scanners, endpoint protection, and patch management. Understanding of frameworks and standards such as NIST CSF, CIS Controls, Cyber Essentials