51 to 75 of 361 Incident Response Jobs in the UK

Dev Ops Engineer

Hiring Organisation
Peregrine
Location
Newcastle upon Tyne, Tyne & Wear, United Kingdom
Employment Type
Permanent
Salary
£1/annum
integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...

AI Cyber Tech Lead

Hiring Organisation
Randstad Technologies Recruitment
Location
Sheffield, South Yorkshire, United Kingdom
Employment Type
Permanent
Salary
£60000 - £65000/annum
Security Drive the secure design and operation of critical technology platforms collaborating with platform owners and engineering teams to embed security throughout the lifecycle Incident Response Threat Management Provide technical oversight for incident response threat detection and vulnerability management Lead root cause analysis and remediation ...

Director, Cyber Security Operations and Threat Management

Hiring Organisation
Jobleads-UK
Location
Glasgow, Scotland, United Kingdom
ideal candidate is a “leader‐doer” who can manage the security of complex environment while remaining sharp enough to deep‐dive into an incident response bridge or a cloud architecture review. Duties and Responsibilities Detection Strategy : Build and maintain a world‐class Threat Intelligence program to pivot from … reactive to proactive defense. IR Leadership : Serve as the ultimate escalation point for high‐priority security incidents, leading the Incident Response team through containment, eradication, and recovery. Hunting : Establish regular threat‐hunting cadences to identify dormant or sophisticated actors within the environment. Stay abreast, and keep up with ...

SOC Engineer - 6 Month FTC

Hiring Organisation
Precise Placements
Location
London, South East, England, United Kingdom
Employment Type
Contractor
Contract Rate
£65,000 - £80,000 per annum
SIEM architecture and propose improvements to ingestion pipelines, parsing rules, correlation logic, and storage management. Implement automation and orchestration components (SOAR) to streamline incident response activities. Log Source Onboarding & Integration Identify, prioritise, and onboard new log sources from cloud, on-prem, network, endpoint, identity, and application platforms. Develop … correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning and logic refinement. SOC Support & Incident Response Work closely with SOC analysts to validate and refine detection logic. Support incident investigations through SIEM searches, enrichment, and data modelling. ...

DevOps Engineer - SC Cleared

Hiring Organisation
Peregrine
Location
Newcastle upon Tyne, Tyne & Wear, United Kingdom
Employment Type
Permanent
performance testing for all components • Ensure solutions are reliable, reproducible and stable across releases • Support continuous improvement of testing practices Monitoring and Incident Response • Implement observability and monitoring tooling • Track system performance and detect anomalies • Support incident response, troubleshooting and root ...

Senior Security Engineer

Hiring Organisation
Evantis Technology
Location
London Area, United Kingdom
What you’ll be doing: • Designing and implementing scalable security controls across a multi-cloud environment • Building and maturing Security Operations/detection/incident response capabilities • Driving AI-led automation across alert triage, investigations and response workflows • Building AI agents/leveraging LLMs to improve security … securing a large estate of software, infrastructure and services What they’re looking for: • Strong hands-on experience across Security Engineering, Security Operations and Incident Response • Experience implementing and configuring enterprise security tooling • Strong understanding of SIEM/detection engineering/SOC environments • Experience securing complex cloud environments ...

Senior Security Operations Analyst

Hiring Organisation
EFCI Group Ltd
Location
City of London, London, United Kingdom
Employment Type
Permanent
Salary
£60,000
Governance, Risk, and Compliance (GRC). Working closely with our CTO, you will play a pivotal role in protecting our infrastructure, leading incident responses, and embedding security best practices across our entire product suite. The Role As our Senior Security Analyst, you will own the evolution of our security …/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response for internal and client-facing systems. SIEM/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate ...

Cyber Security Engineer

Hiring Organisation
Transact
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£70,000 per annum
security solutions appropriate to the business needs. Support the definition, execution and continuous improvement of key cyber security processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Assist with developing and maintaining security policies, processes and incident response management plans and playbooks. Prepare and document standard operating procedures and protocols. Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc. Contribute as a team member in projects and change initiatives aimed ...

Cyber Security Consultant

Hiring Organisation
Circle Recruitment
Location
Manchester, Lancashire, England, United Kingdom
Employment Type
Full-Time
Salary
£55,000 - £65,000 per annum, Inc benefits
your background and interests, your work may include: Reviewing security maturity against recognised good practice Supporting Cyber Essentials preparation and assessments Developing and testing incident response plans Carrying out tabletop and simulated incident exercises Assessing and improving supply chain security Advising on secure application and software development … love to hear from you. Apply now and send over your CV for a quick review. Security, Cyber, Cybersecurity, Infosec, Information Security, Incident Response, IR, Consult, Consultant, Consulting, Compliance, 27001, GDPR, DPA, Data Protection, GRC, Governance, Risk Circle Recruitment is acting as an Employment Agency in relation ...

Senior SOC Analyst

Hiring Organisation
Searchability NS&D
Location
Farnborough, Hampshire, England, United Kingdom
Employment Type
Full-Time
Salary
£60,000 - £70,000 per annum
/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

Head of Information Security

Hiring Organisation
Jobleads-UK
Location
Oxford, England, United Kingdom
architecture, secure development lifecycle practices and appropriate technical controls Strengthen capabilities across core security domains including identity and access management, privileged access, vulnerability management, incident response, disaster recovery, data protection, security awareness and supplier security Work closely with stakeholders at all levels of the organisation, including operational teams … Culture, Business Infrastructure & Operations and Finance, to support audits, evidence gathering, control improvement and the effective adoption of security requirements across the organisation Lead response to significant information security incidents, acting as a senior decision‐maker during crisis situations and driving post‐incident learning and improvement Build ...

Site Reliability Engineer

Hiring Organisation
Teksystems
Location
Nottingham, Nottinghamshire, United Kingdom
Employment Type
Contract
Contract Rate
£400 - £450/day
using Linux, containers and modern automation and CI/CD tooling to improve reliability, performance and security. The position combines hands-on engineering, incident response and continuous improvement of the platform and its supporting infrastructure. Responsibilities Design, implement and support scalable, resilient cloud-based solutions … part of a collaborative engineering team. Contribute to the design and implementation of observability and resilience practices to improve system reliability. Participate in incident response, troubleshooting and root cause analysis to enhance system stability and prevent recurrence. Work with CI/CD pipelines (e.g. GitLab CI or GitHub ...

Service Architect

Hiring Organisation
Mastek
Location
Leeds, England, United Kingdom
service model for critical data engineering pipelines, aligned to project requirements. Establish clear service constructs, including: Support coverage models (core hours, escalation) Incident, problem, and change processes Release and maintenance windows Ensure service definitions are fit for current pipeline complexity , not aspirational future platforms. 2. Service Readiness & Operational Assurance … deprioritised Contribute to operational continuity planning for high‐risk services. 4. Operational Playbooks & Knowledge Enablement Define standards and structure for: Operational playbooks Incident response procedures Escalation paths Ensure playbooks are: Pipeline-specific Actionable by support teams Validated with technical SMEs Support completion and validation of knowledge transfer activities ...

Head of Cyber Security WCC623727

Hiring Organisation
Jobleads-UK
Location
City of Westminster, England, United Kingdom
Cyber Security team, including managing the budget for people, tools and capital projects. You’ll oversee business‐as‐usual security activity, from incident response and vulnerability management through to security engineering improvements and protecting the Council’s supply chain. You’ll also be a visible advocate for good … Borough Emergency Control Centre activation, taking part in the emergency rota, and coordinating responses with the Executive Team, the Security Operations Centre and cyber incident response partners. Qualifications You bring a strong, practical understanding of cyber security and how it supports real business outcomes. You’ve worked with ...

O365 Engineer L2 Support

Hiring Organisation
Stackstudio Digital Ltd
Location
United Kingdom
Employment Type
Permanent
audit requirements. The role also drives operational excellence by providing expert support for end user computing tools integrated with M365, maintaining detailed documentation, supporting incident response, and collaborating with cross functional IT teams. Additionally, the role evaluates and manages updates from the Microsoft 365 Roadmap to ensure safe … data sharing, external user access, and identity security. Work with Cyber Security teams to ensure adherence to GDPR, ISO27001, and organizational standards. Support investigations, incident response, and audit requests within the M365 ecosystem. Operational Excellence & EUC Support Provide subject matter expertise for EUC tools integrated with M365. ...

Head of Information Security

Hiring Organisation
Jobleads-UK
Location
Tring, England, United Kingdom
maintain Huel’s information security strategy, aligned with business priorities, technology risks, and growth plans. Oversee core security capabilities, including threat detection, vulnerability management, incident response, access controls, and continuous improvement. Partner with Engineering, Data, and IT Operations to embed security across the full lifecycle of applications, systems … Strong knowledge of frameworks, standards, and regulations such as NIST, Cyber Essentials, and GDPR Experience building or maturing capabilities across risk management, incident response, vulnerability management, governance, and awareness Experience working with third-party security providers across services such as penetration testing, Managed Detection and Response ...

DevSecOps

Hiring Organisation
Michael Page Technology
Location
London, South East, England, United Kingdom
Employment Type
Temporary
Salary
£500 - £550 per day
recovery aligned to RTO/RPO Manage identity and access management controls Implement monitoring and alerting using Azure Monitor and Log Analytics Support incident response, recovery and release readiness Collaborate with engineering leads, security teams and partners Profile A successful DevSecOps should have: Problem-solving skills … hands-on experience with ARM and Bicep CI/CD pipeline security in Azure DevOps DevSecOps framework design experience Vulnerability management and remediation delivery Incident response, backup and recovery experience Strong scripting skills (PowerShell, Python) Excellent communication and stakeholder influencing skills Self-starter with strong problem-solving mindset ...

Cyber Threat Intelligence Specialist

Hiring Organisation
Drax
Location
South West London, London, United Kingdom
maintain threat actor profiles, campaigns, TTP assessments and intelligence reports for a range of diverse audiences. Key accountabilities include: Provide intelligence inputs into incident response, including threat enrichment, contextual analysis and post incident reporting. Translate technical intelligence into clear, actionable guidance for Security, IT, OT and leadership … able to demonstrate the following: Previous experience producing or analysing cyber threat intelligence in a security or enterprise environment. Experienced in contributing to incident response via threat enrichment or analysis. Demonstrable experience of hands-on use of CTI/OSINT tools and creating intelligence products for varied audiences. ...

Cyber Threat Intelligence Specialist

Hiring Organisation
17918
Location
London, United Kingdom
maintain threat actor profiles, campaigns, TTP assessments and intelligence reports for a range of diverse audiences. Key accountabilities include: Provide intelligence inputs into incident response, including threat enrichment, contextual analysis and post incident reporting. Translate technical intelligence into clear, actionable guidance for Security, IT, OT and leadership … able to demonstrate the following: Previous experience producing or analysing cyber threat intelligence in a security or enterprise environment. Experienced in contributing to incident response via threat enrichment or analysis. Demonstrable experience of hands-on use of CTI/OSINT tools and creating intelligence products for varied audiences. ...

Cyber Threat Intelligence Specialist

Hiring Organisation
Drax
Location
St James, Bristol, UK
Employment Type
Full-time
maintain threat actor profiles, campaigns, TTP assessments and intelligence reports for a range of diverse audiences. Key accountabilities include: Provide intelligence inputs into incident response, including threat enrichment, contextual analysis and post incident reporting. Translate technical intelligence into clear, actionable guidance for Security, IT, OT and leadership … able to demonstrate the following: Previous experience producing or analysing cyber threat intelligence in a security or enterprise environment. Experienced in contributing to incident response via threat enrichment or analysis. Demonstrable experience of hands-on use of CTI/OSINT tools and creating intelligence products for varied audiences. ...

Information Security Manager

Hiring Organisation
Develop
Location
London, United Kingdom
Employment Type
Permanent
Salary
£75,000
impact Act as the link between technical security and the wider business, translating requirements clearly Drive improvements across: SOC/SIEM capability (currently OpenText) Incident response and vulnerability management Penetration testing and security assurance Cloud security across Microsoft and Google environments Support key transformation programmes, particularly across data … isolation What We're Looking For Proven background in Information/Cyber Security with a hands-on approach Experience across core security operations (SIEM, incident response, vulnerability management, cloud security) Comfortable working across both Microsoft and Google cloud environments Experience managing or mentoring junior team members Able ...

Chief Information Officer, Defence Intelligence - Ministry of Defence - SCS1

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
initial contract) Location: SW1A 2AH, City of Westminster, England, United Kingdom Remote type: Remote Start date: As soon as possible Head of SOC/Incident Response – LA International Senior leadership within public sector and Defence cybersecurity. Coordinating and integrating public sector/defence digital services. Leverage … public benefit and strengthen digital infrastructure. Manage incident response with knowledge of NIST, ISO 27001, etc. Recruit, mentor, and influence SOC teams. Duration: 6 months Location: Fully remote (with occasional onsite meetings 1–2x per month) Start date: As soon as possible SOC Solutions & Cyber Advisory Lead ...

Site Reliability Engineer

Hiring Organisation
EQUALS
Location
Greater London, England, United Kingdom
Reduce alert fatigue by tuning thresholds, suppressing false positives, and downgrading non-actionable errors - Be the first responder when something breaks in production Reliability & Incident Response - Investigate and resolve production incidents end-to-end: detection, root cause analysis, fix, and post-mortem - Handle database performance issues: slow query … scale: clustering, read replicas, failover handling - Solid understanding of container orchestration and deployment strategies - Experience with monitoring and observability platforms (Datadog preferred) - Comfort with incident response: you've been paged at 2am and know how to stay calm, diagnose, and fix - Familiarity with CI/CD pipelines (CircleCI ...

Global Cyber Operations Lead

Hiring Organisation
Randstad Sourceright
Location
Kingswood, Surrey, United Kingdom
Employment Type
Contract
Contract Rate
GBP Annual
global Security Operations Centre (SOC) performance, driving operational metrics, service quality, and continuous improvement Lead the execution and coordination of major cyber incident response activities under pressure Establish robust operational governance, reporting, audit readiness, and control assurance globally. Manage accountability and performance for third-party SOC and Managed … Detection and Response (MDR) providers Mentor and develop senior managers, supporting capability growth and succession planning within the function Essential Skills & Experience Extensive, hands-on experience leading large-scale cyber security operations, including SOC and Incident Response Demonstrated ability to manage and respond to significant, complex cyber ...

Global Cyber Operations Lead

Hiring Organisation
Randstad Sourceright
Location
Kingswood, Surrey, United Kingdom
Employment Type
Contract, Temporary
global Security Operations Centre (SOC) performance, driving operational metrics, service quality, and continuous improvement Lead the execution and coordination of major cyber incident response activities under pressure Establish robust operational governance, reporting, audit readiness, and control assurance globally. Manage accountability and performance for third-party SOC and Managed … Detection and Response (MDR) providers Mentor and develop senior managers, supporting capability growth and succession planning within the function Essential Skills & Experience Extensive, hands-on experience leading large-scale cyber security operations, including SOC and Incident Response Demonstrated ability to manage and respond to significant, complex cyber ...