51 to 75 of 403 Incident Response Jobs in the UK

delivering technology change/improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will … involve the following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking ...

/CD principles to automate detection engineering workflows, boosting operational efficiency. Build and optimize security playbooks to streamline detection, threat hunting, and incident response activities. Develop, automate, and enhance our threat detection and response capabilities. Work closely with security analysts and other stakeholders to identify and address … gaps in incident response capabilities. Keep up with current threat intelligence, emerging trends, TTPs, and vulnerabilities to adapt our detection strategies and effectively respond to evolving threats. About You Strong understanding of AWS cloud platforms with proficiency in a wide range of AWS services (e.g. ...

Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier … Conduct proactive threat hunting in collaboration with the CTI function Conduct HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

support audits across platforms. Ensure compliance with Salesforce security standards (e.g., permission sets, field-level security, data classification). Operations and Reliability Lead incident response and post-incident reviews to improve platform resilience. Define and manage service monitoring, alerting, and error budgets. Champion secure change management practices … processes, Gearset pipelines, and rollback strategies. Metrics and Reporting Establish and report on operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Leadership and Team Management Mentor DevOps Engineers and lead knowledge-sharing sessions. Promote a culture of continuous learning and technical excellence. ...

support audits across platforms. Ensure compliance with Salesforce security standards (e.g., permission sets, field-level security, data classification). Operations and Reliability Lead incident response and post-incident reviews to improve platform resilience. Define and manage service monitoring, alerting, and error budgets. Champion secure change management practices … processes, Gearset pipelines, and rollback strategies. Metrics and Reporting Establish and report on operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Leadership and Team Management Mentor DevOps Engineers and lead knowledge-sharing sessions. Promote a culture of continuous learning and technical excellence. ...

activity. Key responsibilities include: Monitor Networks and Systems: Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits … intelligence, including hackers' methodologies, to anticipate security breaches. Reporting: Prepare reports that document security breaches and the extent of the damage caused. Cyber Security Incident Response: Work with the IT Manager to maintain and update cyber incident response plans and procedures. Conduct Security Attack Simulations: Undertake ...

Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing ...

Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing ...

will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence ...

will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence ...

About the Role My client are seekinga Senior Cyber Security Engineer/Threat Intelligence Specialist to strengthen and mature our firms cyber defence and incident response capabilities. Youll be at the forefront of detecting, analysing and responding to evolving threats, ensuring our technical security controls and frameworks … hunt for threats, and enjoy taking ownership of complex challenges this role is for you. What Youll Do Lead on threat detection, hunting, and incident response, working with Azure/Defender, Sentinel, and third-party SOCs. Investigate alerts and coordinate responses with internal IT teams and external managed ...

Windows Server infrastructure, including patching and hardening. Conduct regular security assessments, vulnerability remediation, and participate in audits. Develop and maintain technical documentation, runbooks, and incident response procedures. Collaborate with IT, Security, and business teams to deliver secure, scalable solutions. Integrate security best practices into DevOps and cloud automation … emerging threats, vulnerabilities, and technology trends. Key Experience Required Proven expertise in Azure security engineering and Windows Server administration. Strong background in security operations, incident response, and monitoring. Skilled in Microsoft security tools (M365 Purview, DLP) and automation (PowerShell, Azure CLI). Knowledge of identity and access management ...

role in protecting a large-scale, high-availability environment, acting as an escalation point for complex security incidents. Your day will include: Leading incident response activities: investigating alerts, conducting threat hunting, and managing escalations. Tuning and configuring Splunk SIEM to reduce false positives and enhance detection accuracy. Handling … malware analysis, forensic reviews and sensitive internal cases. Correlating logs across multiple systems and using threat intelligence to strengthen detection capabilities. Producing clear, concise incident reports for senior stakeholders, including non-technical audiences. Supporting junior analysts with guidance, best practice coaching and career development (no formal line management). ...

activities. Evaluate security risks of third-party vendors, ensuring alignment with internal security requirements. Maintain documentation, evidence, and metrics to support ongoing audit readiness. Incident Response & Awareness Support the development, testing, and refinement of incident response plans. Assist with investigation and reporting of security incidents. Promote ...

activities. Evaluate security risks of third-party vendors, ensuring alignment with internal security requirements. Maintain documentation, evidence, and metrics to support ongoing audit readiness. Incident Response & Awareness Support the development, testing, and refinement of incident response plans. Assist with investigation and reporting of security incidents. Promote ...

threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events. The focus is to provide effective, proactive and a highly technical analytical response to cyber security-related incidents to prevent QBE from becoming compromised by modern attack methods and techniques. Main responsibilities: Act as point of escalation … events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures. Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs Actively manage and apply the phases ...

where you'll help set the direction for cybersecurity, manage risk, and ensure compliance across all environments. You'll lead a dedicated team, drive incident response, and work closely with senior stakeholders to safeguard critical systems and data. This is an excellent opportunity for an experienced professional … aligned with best practice frameworks and industry standards Take the lead on risk assessments and vulnerability reviews, implementing robust controls to mitigate threats. Manage incident response processes, including preparation, detection, resolution, and post-incident analysis. Mentor and develop the cybersecurity team, ensuring they have the tools ...

engaging both technical and executive stakeholders. 4+ years of experience with endpoint platforms, including hands-on work with forensics, EDR/SIEM, and incident response systems. Familiarity with the security operations landscape, including SIEM, XDR, SOAR, ASM, and SOC workflows. Experience in building SOC workflows, supporting incident response, and integrating security tools into enterprise environments. At least 2 years of hands-on experience with one or more major cloud platforms (AWS, Azure, GCP), including knowledge of cloud-native security principles. Experience with automation, scripting, and integration of security technologies in both cloud and on-prem ...

with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients … keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security ...

will be responsible for leading the day-to-day operational security activities that protect Icelands systems and data. This includes managing security monitoring, incident response, vulnerability management, and ensuring operational processes are effective and aligned with best practices. This is a senior role that requires strong leadership skills … looking for: Essential Proven experience in managing cyber security operations within a complex IT environment. Strong leadership and team management skills. Expertise in incident response and vulnerability management processes. Expertise with Microsoft security technologies (Defender suite, Sentinel). Excellent communication and stakeholder engagement skills. Ability to develop ...

will be responsible for leading the day-to-day operational security activities that protect Iceland’s systems and data. This includes managing security monitoring, incident response, vulnerability management, and ensuring operational processes are effective and aligned with best practices. This is a senior role that requires strong leadership … looking for: Essential · Proven experience in managing cyber security operations within a complex IT environment. · Strong leadership and team management skills. · Expertise in incident response and vulnerability management processes. · Expertise with Microsoft security technologies (Defender suite, Sentinel). · Excellent communication and stakeholder engagement skills. · Ability to develop ...

/CD pipelines (SAST, DAST, IaC scanning). Ensure cloud infrastructure meets internal policies and regulatory standards. Configure cloud-native logging, monitoring, and incident response workflows. Collaborate with DevOps and IT teams to guide secure deployment practices. Maintain documentation, runbooks, SOPs, and incident response playbooks. Requirements ...

Network Security Engineer, where you will play a key role in safeguarding our clients' organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing … Location – Stevenage (Onsite Shift work) Salary - £50k (Plus £2k bonus and shift allowance of £8k) Keywords: Network Security Engineer, SOC, Security Operations Center, Firewalls, Incident Response, Security Incidents, Networking Principles, Virtual Private Networks, Security Protocols, Vulnerabilities, Threats. Only apply for this role if you currently hold the specific ...

identify risks and vulnerabilities in people, processes, and technology. In this role, you will design and execute Red Team assessments to evaluate preventative controls, incident response processes, and detection capabilities, and advise cross-functional teams on security strategy and risk management. This position is anticipated to require … operating within financial services environments and knowledge of sector-related cybersecurity or resiliency organization practices, operations risk management processes, principles, regulations, threats, risks, and incident response methodologies Experience delivering regulatory-driven red team testing such as CBEST, TIBER, and iCAST Experience of targeting cloud-based environments such ...

troubleshooting and resolution in line with SLAs Create and maintain technical documentation, policies, and procedures, ensuring smooth handover to Service Desk teams Lead the incident response lifecycle, including managing security incidents and data breach containment, eradication, and post-mortem analysis. Serve as a dedicated Tier 3 escalation point … security framework Monitor, investigate, and remediate security alerts, incidents, and Indicators of Compromise (IOCs) Conduct threat analysis to address new and emerging risks; deploy response strategies to mitigate vulnerabilities Manage and optimise security tools, including Next-Gen SIEM, SOAR, EDR/MDR/XDR, and cloud security solutions (CASB ...