76 to 100 of 293 Incident Response Jobs in the UK

investigate security events across cloud and internal infrastructure using SIEM/security monitoring tools, distinguishing genuine threats from false positives. Lead and support incident response activities (containment, remediation, recovery and post-incident reviews). Own vulnerability management follow through: track remediation actions, validate fixes, and ensure closure ...

investigate security events across cloud and internal infrastructure using SIEM/security monitoring tools, distinguishing genuine threats from false positives. Lead and support incident response activities (containment, remediation, recovery and post-incident reviews). Own vulnerability management follow through: track remediation actions, validate fixes, and ensure closure ...

improved access controls. Escalate incidents to Level 2 OT SOC or OT Cybersecurity Engineers as per service documentation (i.e. Playbooks or Alert/Incident Management processes). Adhere to all internal service-related processes such as Alert & Incident Management processes. Assist with the creation of processes … when required and to have these align with existing processes. Document incident reports including actions taken in SOC Ticketing systems. Analyse data from logs, network traffic, and forensics to create detailed reports on findings and lessons learned. To be utilised in daily/weekly SOC reports for OT Environments. ...

deliver high-quality technical solutions. Desirable Experience Automation experience (PowerShell, Python, API integrations) and/or systems administration background. Familiarity with security frameworks and incident response methodologies. Experience working with logging pipelines (e.g., AMA, Syslog, Cribl, SIEM tooling). Exposure to non-Microsoft security platforms such as CrowdStrike ...

scripts, and internal platform tooling. Support self-service capabilities for application and product teams. Operational Support (BAU) Support day-to-day platform operations and incident response. Apply patches, upgrades, and maintenance to platform components. Assist with onboarding new cloud environments and subscriptions/accounts. Documentation & Collaboration Maintain engineering documentation ...

Oversee customer facing and technical teams, ensuring efficient handling of customer needs including complex queries, platform optimisation and continuous service improvements. Drive improvements in incident response and incident management processes to ensure rapid resolution, clear communication and reduced customer impact. Coordinate closely with Product, Engineering, Sales ...

Automate detection, triage, and remediation of infrastructure and application vulnerabilities. Developer Enablement: Provide reusable templates and tooling to help teams deploy quickly and securely. Incident Response: Contribute to operational and security incident handling to minimize downtime and risk. What You Bring: Strong experience designing, managing, and securing ...

control frameworks Lead security audits, manage remediation, and track follow-up actions Cyber Operations Oversight Manage vulnerability scanning programmes, penetration testing, and remediation Oversee incident management processes and escalation procedures Maintain incident response, disaster recovery, and business continuity plans Ensure high standards for access control, monitoring, encryption ...

intentionally progressing) into a cybersecurity-focused career. What We're Looking For Essential Strong systems administration or network engineering background. Hands-on experience in incident response, vulnerability management, or security operations. Clear, articulate communicator able to explain technical risk to non-technical stakeholders. Strong technical troubleshooting skills across ...

deployment pipelines. Ensure repeatable, reliable, and secure deployment processes aligned with best practices. Operational Excellence & SRE Support Contribute to SRE practices including monitoring, incident response, latency management, and service reliability improvements. Support observability initiatives by integrating monitoring, logging, and alerting tools. Troubleshoot platform issues across Red Hat, Kubernetes … maintaining strong communication with technical teams and stakeholders. This role is for a UK based Utility company and hence demands a highly experienced Major Incident Manager. severity incidents. functional technical teams to diagnose and resolve issues. Incident Activities dive reviews to identify root cause and preventive actions. ...

observability, and platform performance Automate infrastructure using Pulumi and Ansible Work closely with engineering teams to improve deployment, monitoring, and operational tooling Participate in incident response and post-incident reviews Contribute to knowledge sharing and mentoring within the team Required Experience Strong hands-on Kubernetes experience running ...

diagnose and resolve application-layer issues in production. Improve platform observability through logging, metrics, and alerting (e.g. Prometheus, Grafana, ELK, Humio). Participate in incident response: triage, root cause analysis, resolution, and post-incident documentation. Reliability & Operations Participate in a rotating on-call schedule with compensated weekend ...

with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls (Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft ...

customers to explain security architecture, best practices, and risk management strategies during sales and onboarding discussions. Security Process Development: Define and refine security operations, incident response, and infrastructure-as-code security automation strategies. WHAT IT TAKES 14+ years of experience in networking and security, with strong AWS security ...

involvement with strategic planning and leadership Shaping and owning our AWS infrastructure and reliability roadmap Defining and embedding SRE best practices, including monitoring, alerting, incident management, and capacity planning Establishing and evolving SLOs, SLIs, and error budgets in partnership with engineering teams Acting as a senior technical voice … architecture discussions and operational decision-making Supporting incident response and post-incident reviews, with a focus on long-term improvement Developing, mentoring, and empowering a high-performing engineering team Essential Skills & Experience Experience in a senior SRE, Infrastructure, or Platform leadership role Strong, practical experience operating production ...

Site Defender (KSD), WAF, and Bot Manager Implement and manage security policies, rulesets, and traffic routing configurations Monitor web traffic, identify threats, and support incident response activities Tune WAF and bot protection rules to minimise false positives and enhance effectiveness Support CDN configuration, caching strategies, and performance optimisation ...

with the latest security threats and firewall technologies to recommend improvements. Document firewall configurations, changes, and procedures for audit and knowledge sharing. Participate in incident response and disaster recovery planning related to firewall infrastructure. Qualifications: Bachelor's degree or equivalent education and experience. Preferred: Bachelors degree in engineering ...

global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will ...

client and regulatory requirements. Our integrated approach combines secure by design principles relying on Identity and Access Management, Technical Assurance, continuous monitoring and incident response through Security Operations, and proactive risk management through GRC. Working closely with the Markets Innovation Group (MIG) and Fuse, the firms legal tech ...

wants to lead technology service operations and ensure consistent, reliable performance across systems and platforms? In this role, you'll take ownership of incident management, service governance, and operational excellence, helping to deliver a seamless technology experience across the organisation. What you'll do: Lead incident and problem … management, driving effective technical response and resolution. Manage SLAs, service performance dashboards, and continuous improvement initiatives. Oversee cyber security incident response and vulnerability remediation. Coordinate service desk triage and out-of-hours support coverage. Partner with key stakeholders across Product, Engineering, and Compliance to support audit readiness ...

rollback frequency Standardise release processes across engineering teams Implement progressive delivery practices Reliability & Observability Define and track SLIs/SLOs Enhance monitoring, alerting and incident response processes Lead post-incident reviews and root cause analysis Drive reduction of operational toil Security & Compliance Embed DevSecOps controls into pipelines … preferred) CI/CD tooling experience (GitHub Actions, GitLab CI, Jenkins) Experience operating production SaaS environments Strong observability tooling knowledge (Datadog, Prometheus, ELK etc.) Incident management and root cause analysis experience Experience in regulated or security-conscious environments is highly desirable ...

segmentation platforms, Sophos, Mimecast, XDR solutions, vulnerability scanners and hardening baselines. Managing firewalls, VPNs, secure remote access and segmentation controls. Improving detection and response by working closely with SIEM/SOC teams. Ensuring critical logging, monitoring and compliance standards are always met. Automating deployments and controls using PowerShell, Python … Terraform or similar tools. Supporting vulnerability assessments and driving remediation across the estate. Contributing to secure design reviews across applications, infrastructure, and cloud services. Incident response experience is desirable but not essential. We're looking for someone with: Strong hands-on experience with network infrastructure and security, segmentation ...

events from Microsoft Security Suite Perform initial triage and analysis of security incidents to determine severity and impact. Escalate verified incidents to the incident response teams. Ensure timely triage and remediation of any incidents Follow standard operating procedures (SOPs) for incident handling and escalation. Assist in improving … standard operating procedures (SOPs) Assist in identifying tuning opportunities and reduction of false positives Communicate with customer stakeholders during incident investigation Maintain awareness of current threats and vulnerabilities relevant to customers. Required Skills Basic understanding of cybersecurity principles and threat landscapes Experience working with Microsoft Security tools (Sentinel, Defender ...

automation tools. Monitoring, Observability & Reliability: • Implement comprehensive monitoring, logging, and alerting systems (Prometheus, Grafana, CloudWatch, Datadog, Sentry) to ensure system reliability and rapid incident response. • Establish SLOs/SLIs and implement observability best practices to maintain high availability and performance. • Lead incident response, root cause analysis ...