analytics and data visualization tools like Power BI. Certified Agile Tester (CAT) or ISTQB Agile Tester Extension (CTFL-AT). Experience with forensics and incident response in government systems. Strong understanding of cloud security posture management (CSPM) and SIEM tools (Splunk, ELK, Microsoft Sentinel). Experience with security
Manchester, North West, United Kingdom Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
and global functions in InfoSec to support internal and external audits and ensure their success. Support other InfoSec teams and local IT teams during incident management and incident response activities. Liaise with Data Protection Officers for the implementation of data protection processes and controls, and during any
design and operating effectiveness) e.g. Cloud, SDLC, AI/ML, Change Management, Identity and Access Management, Third Party, Encryption, Configuration Management, Patching, Network Security, Incident Response, Capacity and Resiliency. Knowledge of technology application and infrastructure components such as Servers, Storage, Networking, Application Development, SDLC, End User Platforms, Digital … HDFS, MapReduce, Web and Mobile technologies, digital workflow tools, Site reliability engineering and runtime operational tools (agent-based technologies) and processes (capacity, change and incident management, job/batch management), Email, messaging, and collaboration systems (Office 365, Exchange, SharePoint, instant messaging). Strong understanding of technology control frameworks and industry
Security Information and Event Management) tools. Analyze security incidents to determine their impact and severity, and conduct thorough investigations of security breaches. Develop and implement incident response plans and procedures. Collaborate with IT and security teams to effectively resolve security issues. Maintain security documentation and incident reports while
e.g., NIST, ISO 27000 series). Expertise in network security protocols, Azure security solutions, firewalls, intrusion detection systems, VPNs, etc. Proficient in vulnerability assessment tools, incident response frameworks, and risk management methodologies. Ability to collaborate effectively with cross-functional teams. Analytical mindset to interpret security data and make informed
North Lanarkshire, Scotland, UK Hybrid / WFH Options
Net Talent
ll also drive cyber awareness and training initiatives for commercial teams, support regulatory compliance (e.g., ISO 27001, NIST SP 800-53, GDPR), and handle incident response, triage, and escalations per internal policies. You'll contribute to investigations, the annual NIST CSF 2.0 maturity assessment, and resolution of Information
In collaboration with GT, manage security systems, including firewalls, intrusion detection/prevention systems, and antivirus software. In collaboration with GT, develop and test incident response plans and coordinate responses to security incidents and breaches. Raise awareness of cybersecurity issues among bank London employees; conduct annual training/
Cheltenham, Gloucestershire, United Kingdom Hybrid / WFH Options
MI5
settle in and provide ongoing mentorship as you grow in your role. You'll gain hands-on experience in cyber security, threat detection and incident response, and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth.
experience in cybersecurity engineering or a related field. Strong understanding of network security, cryptography, and security frameworks. Experience with penetration testing, vulnerability management, and incident response. Familiarity with security tools such as SIEMs, IDS/IPS, firewalls, and endpoint security solutions. Proficiency in scripting languages (e.g., Python, Bash, PowerShell
and categorise incidents in accordance with established security policies. Detect and investigate intrusion attempts and determine their scope and impact. Document high-quality security incident reports, supported by threat intelligence and independent research. Conduct or support remediation efforts to neutralise threats, restore systems, and prevent recurrence. Produce post-incident review reports and provide actionable security improvement recommendations. Apply threat intelligence to improve detection capabilities and situational awareness. Support national-scale cyber incident response activities in a coaching or mentoring capacity. Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes. … Develop automated response workflows for SOAR platforms targeting common attack vectors. Drive continuous improvement by refining detection use cases and enhancing SOC processes. Technical Skills & Experience: Hands-on experience with SIEM tools such as Splunk (Enterprise Security) and Microsoft Sentinel. Proficiency in Python and scripting for automation and analysis
ITSM) processes across all teams, ensuring standardized, efficient, and effective service delivery. * Establish SRE-based operational metrics, including SLOs, SLIs, and error budgets. * Oversee incident response, problem resolution, and root cause analysis with AI-driven remediation. * Ensure high availability, performance, and security compliance for all enterprise services. * Develop … a follow-the-sun operational support model, ensuring 24x7 resilience and uptime across all of BCG. * Optimize incident, change, and capacity management, ensuring alignment with ITIL best practices and automated workflows. * Lead Service Asset and Configuration Management (SACM), ensuring accurate and real-time management of software and IT assets
DV level). Salary is discussed on application, negotiable by experience. You will have a strong background in security operations, threat detection and incident response. A critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security operations centre (SOC) environment … with SIEM tools such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiar with the MITRE ATT&CK framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able
Monitor, triage, and investigate alerts and network traffic using SIEM tools. Analyse and categorise security incidents in line with internal policies. Conduct in-depth incident investigations, reporting, and remediation. Utilise threat intelligence to detect and respond to potential threats. Support incident response activities for national-scale cyber
Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge … between foundational and advanced threat detection and response functions. Due to the customer requirements, successful applicants must be eligible for high-level UK Security Clearance (SC) and be able to work onsite in Farnborough. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining … threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL) to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response
Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. As a Tier 2 Analyst you will work to ensure a seamless … SOC operation & act as a bridge between foundational & advanced threat detection & response functions. Responsibilities: * Conducting escalated triage & analysis on security events identified by Tier 1 Analysts, determining threat severity & advising on initial response actions. * Applying expertise in SIEM solutions utilizing Kusto Query Language (KQL) to perform log analysis … event correlation, & thorough documentation of security incidents. * Identifying & escalating critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response & adherence to service Tier objectives (SLOs). * Investigating potential security incidents by conducting deeper analysis on correlated events & identifying patterns or anomalies that may indicate
improve IT Security operations, ensuring efficient and compliant management of security services. Vendor Management: Manage outsourced security providers, ensuring performance meets established SLA standards. Incident Response: Lead and manage IT security incidents, including forensics when necessary. Security Services: Drive the delivery of services including Threat & Vulnerability Management, Privileged
identifying and tackling system vulnerabilities. Leading the charge on third-party risk assessments. Educating teams with security awareness programs (yes, including phishing simulations!). Supporting incident response and continuous security improvements. Helping shape and implement our information security policies. What you'll bring: You're not just good at
and mitigate security risks through effective controls. Work with key software and service vendors to manage security products and solutions. Lead and support security incident response, including investigation, containment, and remediation. Deploy, manage, and continuously improve security tools, including vulnerability management, identity management, and attack surface monitoring. Analyse
Central London, London, United Kingdom Hybrid / WFH Options
Police Digital Services
with the Technical Operations team to manage security decision making. Identify and implement appropriate controls, mitigations and risk treatment plans. Develop and manage cyber incident response for services in life. Ensure alignment of security operations with the strategic cyber aims of national services linked to policing. Implement vulnerability