Incident Response Jobs in the UK

51 to 75 of 823 Incident Response Jobs in the UK

Senior Technical Project Manager

london, south east england, United Kingdom
Palo Alto Networks
projects concurrently in partnership with our technical teams, clients, and internal stakeholders. This position will be focused on Unit 42’s Digital Forensics and Incident Response engagements, as well as Proactive Service engagements, and will report directly to the Manager for Unit 42 Security Consulting Project Management Office … PRINCE2 certification, or equivalent preferred. 7+ years of professional experience in Project Management, focusing on one or more of the following: Cybersecurity, Digital Forensics, Incident Response, or Software Defined Lifecycle (SDLC)/Infrastructure or other IT related technical environments. Ability to lead multiple large-scale projects creating project … Consulting is Palo Alto Networks' security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders

Senior SOC Analyst

Gosport, England, United Kingdom
Logic Engagements
Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire. As a Senior SOC Analyst, you will be at the forefront of digital defence … leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like Mitre Att … with SIEM tools such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, Firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with MITRE ATT&CK framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. The

Security Operations Engineer

United Kingdom
Hybrid / WFH Options
Lawrence Harvey
a pivotal role at the heart of a rapidly growing mobile-first payments solution organisation, where you can truly shape and affect how the incident response is delivered. You would be reporting to the Security Operations Lead (who reports to the Head of Security) and will be working … responsibilities You will be responsible for building the infrastructure of a new in-house SOC, all the way through to conducting precise and robust incident response against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work … on the SIEM detection content development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day-to-day security events. Key requirements Experience in deploying security related IaC projects at scale. Familiarity with SOAR and optimisation More ❯

Cybersecurity & Compliance Manager

Dudley, England, United Kingdom
Tosca
meticulous documentation maintenance, risk assessments, and strict compliance with regulations. Key responsibilities include monitoring and managing security infrastructure, defining and implementing security policies, managing incident response processes, and promoting cybersecurity awareness across the organization. This global position involves close collaboration with Global IT colleagues, various functions, and third … 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident … frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft More ❯

Cybersecurity & Compliance Manager

west midlands, midlands, united kingdom
Tosca
meticulous documentation maintenance, risk assessments, and strict compliance with regulations. Key responsibilities include monitoring and managing security infrastructure, defining and implementing security policies, managing incident response processes, and promoting cybersecurity awareness across the organization. This global position involves close collaboration with Global IT colleagues, various functions, and third … 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident … frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft More ❯

Cyber Response Services - Senior Analyst

leeds, west yorkshire, yorkshire and the humber, United Kingdom
Hybrid / WFH Options
KPMG UK
Cyber Response Services Senior Analyst – KPMG Curve Base Location: Leeds based (Hybrid – 3 days per week in office) Experienced professional (kpmgcareers.co.uk) As a result of the work that we do, we require applicants to hold or be capable of obtaining UK National Security Vetting, the requirements for which could … is what matters most. What will you be doing? Help manage and co-ordinate cyber security incidents for our clients, working closely with the incident management lead within the team. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view … and being able to advise clients on the threat landscape and attacks which may be relevant to them. Develop KPMG’s in house cyber-response tools Help assess client incident response capability maturity. Help stand-up or improve clients’ own incident response capabilities. Help with More ❯

Snr Incident Manager, Insights, Prime Video

London, United Kingdom
ENGINEERINGUK
Are you interested in ensuring customers can always watch their favourite movie or show? If so, you might be the right person for the Incident Mgr role in the READI team who drive availability for Prime Video. Key job responsibilities - Lead calls on customer impacting, high severity, outages that … and operational teams, including for ambiguous problems we might not have seen before. - Deconstruct complex incidents into workstreams that can be managed by multiple incident responders in parallel. - Monitor and manage communications during high severity events via relevant channels, including being the single point of contact for executive leaders … Drive critical, complex customer escalations in situations that are sometimes technically challenging in collaboration with Engineering Teams - Own improving the effectiveness of incident response by driving continuous improvement of standard operating procedures and the tools that help you resolve incidents efficiently. - Proactively identify opportunities for improvement through gap
Employment Type: Permanent
Salary: GBP Annual

Information Security Engineer

London, United Kingdom
Hybrid / WFH Options
NICE
configuration of security tools. Vulnerability Management: Coordinate and conduct regular security assessments, penetration testing, and vulnerability scans to identify and address security weaknesses proactively. Incident Response: Lead incident response efforts to promptly detect, analyze, and mitigate security incidents and breaches. Develop and maintain incident response More ❯
Employment Type: Permanent
Salary: GBP Annual

Head of Cyber Security

Birmingham, West Midlands, United Kingdom
Hybrid / WFH Options
OFWAT
Join Ofwat's Corporate Enablers as a Head of Security Operations & Incident Response *Office Location: Birmingham (B5 4UA) with hybrid working * About Us We are Ofwat, the Water Services Regulation Authority, a non-ministerial government department responsible for regulating the water sector in England and Wales. Our work has … needed; holding water companies to account. Come and work at the source of everyday life. The Role As the Head of Security Operations and Incident Response, you will be responsible for the Security Strategy in Ofwat, our security operations, and overseeing the monitoring and response to security … team and be the primary point of contact for the leadership team and business stakeholders for any security event, ensuring comprehensive monitoring and effective response to cyber security threats across all networks, assets, and users. You will also be responsible for managing incidents related to personnel, technical, and physical
Employment Type: Permanent, Work From Home
Salary: £70,000

Cybersecurity Engineer

London, United Kingdom
Viasat
true positive events. The Security Engineer should be able to analyse incidents and correlate them with appropriate contextual data to determine classification, prioritisation and response to incidents. Respond immediately to cybersecurity-related incidents and provide a thorough post-event analysis. Investigate intrusion incidents and conduct forensic investigations. Act as … active part in the containment of incidents, even after they are escalated. Deliver investigation and remediation activities as a senior member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Coordinate with data asset owners and business response plan owners … during high severity incidents. Create and update security event investigation notes, report on open cases, and maintain case data in the Incident Response Management platform. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques
Employment Type: Permanent
Salary: GBP Annual

NMC Cyber Incident Management Lead

Skelmersdale, Lancashire, North West, United Kingdom
Hybrid / WFH Options
Police Digital Services
Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides … visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and … the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for More ❯
Employment Type: Permanent, Work From Home

NMC Cyber Incident Management Lead

preston, lancashire, north west england, united kingdom
Hybrid / WFH Options
Police Digital Services
Join Police Digital Service as NMC Cyber Incident Management Lead £65,000 - £70,000 About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides … visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and … the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for More ❯

Head of SOC

Manchester, Lancashire, United Kingdom
Threatmatrix
this role, you will be responsible for the SOC team's overall management, operations, and direction. You will oversee the monitoring, detection, analysis, and response to cybersecurity incidents and threats, ensuring that our organization's information systems and data remain secure. Your leadership will be instrumental in building a … effectively monitor and protect the organization's assets. - Maintain a high level of situational awareness regarding current and emerging threats, vulnerabilities, and attack vectors. - Incident Response & Management: - Lead the response to significant security incidents, working closely with other teams and stakeholders to contain, mitigate, and recover from … security breaches. - Coordinate post-incident analysis and reporting, ensuring that lessons learned are documented and applied to improve SOC processes. - Establish and maintain strong incident communication protocols, ensuring that relevant stakeholders are informed during and after an incident. - Collaboration & Communication: - Collaborate with other cybersecurity, IT, and business teams More ❯
Employment Type: Permanent
Salary: GBP Annual

Consultant- Cyber Security Consulting & Advisory

London, United Kingdom
Infosys Limited
Configure Security Solutions: Implement, optimize, and manage OT cybersecurity platforms such as Claroty, Dragos, Nozomi Networks, Microsoft Defender for IoT, and Armis. Threat Monitoring & Incident Response: Identify, analyze, and respond to security events and incidents in OT networks, collaborating with IT and operational teams to mitigate threats. Security … management, and content filtering. Cybersecurity Frameworks: Familiarity with NIST, IEC 62443, ISO 27001, NERC CIP, GSMA IoT Security Guidelines, and other industry security standards. Incident Response & Risk Management: Experience in security monitoring, incident response, and risk mitigation for OT environments. Technical Skills: Strong troubleshooting, analytical, and … Relevant industry certifications like: Global Industrial Cybersecurity Professional (GICSP) Certified Information Systems Security Professional (CISSP) ISA/IEC 62443 Cybersecurity Fundamentals (IC32) GIAC Certified Incident Handler (GCIH) GIAC Cyber Incident Leader (GCIL) Personal: Besides the professional qualifications of the candidates, we place great importance in various forms of More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Consultant

England, United Kingdom
Inspirec
practices. Provide expert recommendations and solutions to mitigate identified vulnerabilities, enhancing client systems’ security postures. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. … Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. … testing findings, including risk levels, remediation steps, and strategic recommendations. EXPERIENCE: Minimum of 4+ years of experience in cybersecurity, specifically in penetration testing and Incident Response, vulnerability management, and risk assessment. Public Sector experience, ideally MOD, MOJ, Must be SC clearable. Proven hands-on experience with tools such More ❯

Cyber Security Consultant

Dartford, Kent, United Kingdom
Goaco Ltd
practices. Provide expert recommendations and solutions to mitigate identified vulnerabilities, enhancing client systems' security postures. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. … Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. … testing findings, including risk levels, remediation steps, and strategic recommendations. EXPERIENCE: Minimum of 4+ years of experience in cybersecurity, specifically in penetration testing and Incident Response, vulnerability management, and risk assessment. Public Sector experience, ideally MOD, MOJ, Must be SC clearable. Proven hands-on experience with tools such More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Engineer

London, United Kingdom
周物癥
framework by leading the integration and utilization of these key security tools. Responsibilities include designing and optimizing SIEM rules for superior threat detection and incident management, deploying SOAR tools for automated security responses, and ensuring robust API security. The engineer will oversee the performance and security posture of our … platforms like ServiceNow, and meticulously document security processes. Additionally, the role involves analyzing SOC and SIEM data for actionable insights, creating security dashboards and response runbooks, and participating in client meetings as the primary security contact. Staying informed about the latest security trends and techniques is essential. This position … them to elevate existing Security Operations Design and optimize SIEM (Security Information and Event Management) rules using FortiSIEM to enhance threat detection and streamline incident response activities Deploy and manage Endpoint Detection and Response (EDR) solutions, specifically FortiEDR, SentinelOne, and Defender for Endpoint to identify and mitigate More ❯
Employment Type: Permanent
Salary: GBP Annual

Bilingual Incident Management Engineer (E2M) - English & Japanese speaking, Incident Detection ...

London, United Kingdom
Amazon
Bilingual Incident Management Engineer (E2M) - English & Japanese speaking, Incident Detection and Response Job ID: AWS EMEA SARL (UK Branch) Amazon has built a reputation for excellence with a mission to be the earth's most customer-centric company, a company that customers from all over the globe … and handling large-scale customer impacting events. E2M's purpose is to drive operational excellence and improvements to the overall customer experience. ABOUT YOU Incident Management Engineers have a broad skill set with demonstrated career progression and a proven track record of delivering results. The successful candidate will possess … desire to learn more and do more with AWS. ABOUT THE ROLE AWS Support is looking for a leader with a strong background in Incident Management and customer ownership to be there during the moments that matter for our most critical customers. We are looking for a Major Incident More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Operations Engineer - Corporate Security

London, United Kingdom
ENGINEERINGUK
Security Operations Engineer - Corporate Security DESCRIPTION The Amazon Web Services team is looking for a passionate Security Incident Response Engineer who can lead the response to security issues across the largest cloud provider in the world. You must thrive in dynamic/ambiguous situations, and think like … both an attacker and defender, while working through the entire incident response lifecycle. You'll be working in a global team environment where clear and accurate communication and collaboration on security issues is critical. In this role you'll be conducting security monitoring and response activities for … value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence. We don't expect you to be an expert in all of the domains mentioned above, but we More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Operations Engineer - Corporate Security

London, United Kingdom
Amazon
Security Operations Engineer - Corporate Security Job ID: Amazon Development Centre (London) Limited The Amazon Web Services team is looking for a passionate Security Incident Response Engineer who can lead the response to security issues across the largest cloud provider in the world. You must thrive in dynamic …/ambiguous situations, and think like both an attacker and defender, while working through the entire incident response lifecycle. You'll be working in a global team environment where clear and accurate communication and collaboration on security issues is critical. In this role you'll be conducting security … monitoring and response activities for the Amazon internal network. We value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence. We don't expect you to be More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Consultant- Cyber Security Consulting & Advisory

London, United Kingdom
Infosys Limited
dashboard from evidence outputs from MS solutions, using ISO27K, NIST, NIS 2, DORA, TISAX, PCI, and/or equivalent. Exposure to Threat Methodology and Incident Response: Identify, analyze, and respond to security events and incidents from a process point of view, with insights towards recommended remediation activities, in … management, and content filtering. Cybersecurity Frameworks: Familiarity with NIST, IEC 62443, ISO 27001, NERC CIP, GSMA IoT Security Guidelines, and other industry security standards. Incident Response & Risk Management: Experience in security monitoring, incident response, and risk mitigation. Technical Skills: Strong troubleshooting, analytical, and problem-solving abilities. More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Analyst

London, United Kingdom
Venn Group
to identify and mitigate risks Integrate Sentinel with other security systems to create a cohesive security infrastructure Implement AI and automation to enable rapid response to common incidents. Provide expert advice on security monitoring, log management, and incident response best practices to strengthen the organisation's overall … integration technologies and related tools to manage and analyse logs to detect and respond to threats effectively Expertise in AI and automation technologies for incident response Demonstrated ability to develop and execute robust incident response strategies, ensuring swift and effective handling of security incidents Ability to More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Security Architect - OT/IT & Supply Chain Systems

Farnborough, Hampshire, United Kingdom
Philips Iberica SAU
solutions, and security tools (Nozomi Guardian, Armis, Claroty, Microsoft Defender for IoT). Establish and enforce a security policy framework for supply chain technologies. Incident Response & Threat Management Develop and lead incident response plans to handle security threats. Conduct risk assessments and implement remediation plans without … global team at strategic, tactical, and operational levels. Current knowledge of industry and regulatory trends in enterprise technology. Specialization in security domains such as incident response, security posture assessment, and security management. Thorough understanding of Security Management and Governance principles. Good knowledge of MITRE Framework, IEC 62443, NIST More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Threat Intelligence Analyst

Reading, Oxfordshire, United Kingdom
Hybrid / WFH Options
Thames Water Utilities Limited
a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence processes to align with … a Senior Cyber Threat Intelligence Analyst: Cyber Threat Assessment: Support and lead cyber threat assessments and provide recommendations to technical, managerial, and executive stakeholders. Incident Response Support: Act as part of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat More ❯
Employment Type: Permanent
Salary: GBP Annual

Infrastructure Manager

United Kingdom
Hybrid / WFH Options
Ripjar Ltd
streamline support requests. Out-of-Hours Support : Coordinate out-of-hours support activities, ensuring a collective knowledge base for non-trivial SaaS support issues. Incident Response : Manage and contribute to incident response efforts for infrastructure-related issues, ensuring timely resolutions. Capacity & Cost Management Capacity Planning : Conduct … used for large-scale analytics. An appreciation of security best practice in areas such as network security, threat modelling, vulnerability assessment, IAM, SIEM and incident response. Skills in system monitoring, performance tuning, and troubleshooting infrastructure and micro-service-based architectures. Understanding of compliance frameworks like ISO 27001 and SOC … and experience in managing audits and compliance activities. Familiarity with incident response processes and tools, ensuring timely resolution of issues. Benefits: Competitive salary DOE 25 days annual leave + your birthday off, rising to 30 days after 5 years of service. Fully remote working with occasional office travel More ❯
Employment Type: Permanent
Salary: GBP Annual

Incident Response
10th Percentile: £42,000
25th Percentile: £52,500
Median: £65,000
75th Percentile: £78,750
90th Percentile: £100,000