Incident Response Jobs in the UK

76 to 100 of 823 Incident Response Jobs in the UK

Principal Analyst - Cyber Security

Crawley, Sussex, United Kingdom
ENGINEERINGUK
Information and Cyber Security Management team in implementing improvement initiatives that increase our maturity across our Threat Management capabilities. The role will require extensive Incident Response experience including developing threat hunting capabilities, security use cases and playbooks. Day to day Development of the tools and processes to establish … evolving attack scenarios. Participate in industry-based Threat Intelligence sharing groups. Produce reports based on threat activity, trends and reported industry incidents. Leading security incident response processes with support from the principal analyst. Integrating and analysing threat intelligence sources necessary to evolve our protective controls accordingly. Ensure our … Security Incident and Event Management (SIEM) and log management capabilities are comprehensive enough to provide actionable alerts, limiting noise and false positives. Ensure preparedness for the most common threats and scenarios, supporting the development of playbooks. Reduce the organisation's attack surface across all environments to minimise the risk
Employment Type: Permanent
Salary: GBP Annual

Security Operations Engineer, AWS Security Cloud Response

London, United Kingdom
ENGINEERINGUK
Security Operations Engineer, AWS Security Cloud Response DESCRIPTION Amazon is looking for a focused Security Engineer who can take on a leadership role in responding to security issues across the largest cloud provider in the world. The right candidate must thrive in high-pressure situations, think like both an … information security. We value broad and deep technical knowledge, specifically in the fields of cryptography, network security, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence. Key Responsibilities Confidently and intelligently respond to security incidents, and proactively consider how to prevent the same type … sensitivity, and multiple audiences. Recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence. Provide subject matter expertise on architecture, authentication and system security. Fulfill regular on-call responsibilities. BASIC QUALIFICATIONS Bachelor's degree
Employment Type: Permanent
Salary: GBP Annual

Senior Security Operations Centre Analyst

Gosport, Hampshire, South East, United Kingdom
Hybrid / WFH Options
Walsh Employment
fund Key Requirements We are seeking an experienced Senior Security Operations Centre Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able … community and awareness of emerging trends Role & Responsibilities As a Senior Security Operations Centre Analyst, you will be at the forefront of digital defence, leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading
Employment Type: Permanent, Work From Home

Security Engineer, AWS SOC

London, United Kingdom
Amazon
fine-tune detection rules and correlation logic to improve threat detection capabilities. - Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. - Maintain and optimize security information and event management systems and other security tools used in the SOC. - Collaborate with other teams … to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team Diverse Experiences Amazon Security values diverse experiences. Even if you do not
Employment Type: Permanent
Salary: GBP Annual

Incident Response Threat Hunter

Peterborough, Cambridgeshire, United Kingdom
Booz Allen Hamilton
compromised, information is accessed, data is exfiltrated, backups are wiped, and ransomware is deployed, locking up an entire organization. Join our threat detection and response team to perform active threat hunting and assist organizations in recovering from cyber incidents. We're seeking CND and CNO specialists who can think … cyber attackers to understand how security measures were circumvented. This role offers an opportunity to use your analytical skills and gain endpoint detection and response experience to identify indicators of compromise. You will collaborate with incident response analysts engaged in forensic investigations. Join us. The world can … or Defender for Endpoint Experience with network- and host-based intrusion analysis, digital forensics, or malware handling Experience with hunt teams, cyber threat intelligence, incident response, or security operations teams Knowledge of security principles, including MITRE ATT&CK framework, threat landscapes, or attacker TTPs Knowledge of Microsoft Windows
Employment Type: Permanent
Salary: GBP Annual

SOC Manager

Portsmouth, England, United Kingdom
Franklin Fitch
innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands-on SOC Manager … of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. Develop and maintain … shift schedules, ensuring full coverage with minimal disruption. Act as a senior escalation point for critical incidents and lead major incident response efforts. Mentor and develop a high-performing team of Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering

SOC Manager

Portsmouth, Yorkshire and the Humber, United Kingdom
Franklin Fitch
innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands-on SOC Manager … of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. Develop and maintain … shift schedules, ensuring full coverage with minimal disruption. Act as a senior escalation point for critical incidents and lead major incident response efforts. Mentor and develop a high-performing team of Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering

Senior SOC Analyst

Gosport, Hampshire, South East, United Kingdom
Hybrid / WFH Options
Walsh Employment
flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able … the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst, you will be at the forefront of digital defence, leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading
Employment Type: Permanent, Work From Home

SOC Analyst

Gosport, South East England, United Kingdom
Walsh Employment
flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able … cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst, you will be at the forefront of digital defence—leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading

Senior SOC Analyst

Portsmouth, Hampshire, United Kingdom
McNally Recruitment Ltd
flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … tools such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. … engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst, you will be at the forefront, leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk).
Employment Type: Permanent
Salary: GBP Annual

Head of Cyber Security

London, United Kingdom
Colt Technology Services Group Ltd
improvement in security operations. Job Description Outcomes Security Operations Center (SOC) Management: Serve as the primary escalation point for outsourced SOC services, ensuring effective incident response and threat mitigation. Technical Audit & Compliance: Oversee regular cybersecurity audits, ensuring adherence to regulatory requirements and best practices. Act as the primary … mitigation strategies to protect organizational assets. Stakeholder Engagement: Collaborate with internal and external stakeholders to drive improvements and align cybersecurity initiatives with business objectives. Incident Response & Forensics: Lead investigations into security incidents, ensuring rapid response and recovery. Carry out root cause analyses and ensure associated action plans … with a significant Operational Technology footprint. Excellent communication skills to convey complex security concepts to non-technical stakeholders. Experience managing outsourced SOC services and incident response teams. Knowledge of industry standards and best practices such as ISO 27001, SOC, NIST CSF, and Cyber Essentials. Education A bachelor's
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Hampshire, United Kingdom
The Talent Partnership
and Splunk is crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and firewalls. Your expertise in incident response and threat intelligence analysis is essential, as is your familiarity with the Mitre Att&ck framework and advanced threat detection techniques. Strong … processes. Active engagement with the cybersecurity community and awareness of emerging trends will significantly bolster your application. In this pivotal role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading … incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck Collaborating with colleagues to enhance the Security Operations Centre's capabilities Staying abreast of cyber threat developments and contributing to best practices Supporting the continuous growth of the SOC
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Gosport, Brockhurst, Hampshire, United Kingdom
The Talent Partnership
and Splunk is crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and firewalls. Your expertise in incident response and threat intelligence analysis is essential, as is your familiarity with the Mitre Att&ck framework and advanced threat detection techniques. Strong … processes. Active engagement with the cybersecurity community and awareness of emerging trends will significantly bolster your application. In this pivotal role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading … incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck Collaborating with colleagues to enhance the Security Operations Centre's capabilities Staying abreast of cyber threat developments and contributing to best practices Supporting the continuous growth of the SOC
Employment Type: Permanent

Deputy Managing Director, IT Operations

Shrewsbury, Shropshire, United Kingdom
University of Massachusetts Medical School
and security laws. The DMD is also responsible for ensuring a strong, functional internal and external client satisfaction program, oversight of the organization's incident response program, and ensuring business continuity while driving key projects and managing staff. A key aspect of this role is coordinating with internal … management. The DMD is responsible for ensuring Digital Solutions has embedded a successful client experience program that meets established goals and objectives, including prompt response to requests, established service criteria, implementation of service recovery model, training, and mentoring of DS staff as required. Provides oversight and direction to the … Digital Solutions department and UMass Chan IT and Information Security teams to ensure alignment on technical strategies, cybersecurity protocols, and compliance with institutional policies. Incident Response and Business Continuity: Lead efforts in business continuity, incident response, and disaster recovery, ensuring swift resolutions and developing protocols for
Employment Type: Permanent
Salary: GBP Annual

Associate Security Operations Analyst

London, United Kingdom
Zopa Bank Limited
event tickets in Jira, analyze events, assess impacts, and determine responses. This role involves both reactive and proactive security activities, including risk evaluation and incident response, such as scoping, detection, containment, eradication, and improvement planning. You will monitor security tools like SIEM (e.g., Splunk) for unusual activity. As … you gain experience, you'll design and implement detection rules to enhance early threat detection. Creating incident reports and maintaining security documentation are also part of your responsibilities. Continuous learning about emerging threats and defenses is essential. About you You possess basic analytical skills to assess security events, with … training provided. You are prepared to participate in incident response activities and assist in planning improvements. You can monitor security tools such as SIEM, EDR, and DLP systems attentively. With experience, you will learn to design and implement security rules and configurations. You have strong communication skills for
Employment Type: Permanent
Salary: GBP Annual

Network Engineer

United Kingdom
CyberClan
carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … position will require extensive and frequent travel to multiple locations and sometimes on short term notice. Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and serve as the Incident Commander in all … through mitigation and remediation Liaise with DFIR team and Sales to keep open communication regarding compromised client Assist DFIR team with additional workflow through incident response cases Monitor network incidents using network monitoring tools and other systems to maintain 99.9% uptime of our network Monitor and take ownership

Site Reliability Engineer - Automation and Tooling (Scotland Remote)

Dundee, Angus, United Kingdom
Hybrid / WFH Options
Ivanti
SRE maturity through the research and development of internal tooling, operational enhancements, and deployment pipelines. Ivanti SRE takes a holistic view of operational procedures, incident response procedures, application and infrastructure monitoring, and process automation. Ivanti SRE is a blend of infrastructure, networking, automation, development, and application administration. This … a hands-on technical position. The ideal candidate will have a software engineering background and strong experience with continuous deployment, SaaS delivery, and production incident response. This role requires that applicants reside in Scotland and be authorized to work in the United Kingdom. About The Team Ivanti Engineering is … Working with geographically dispersed, cross-departmental teams to solve difficult problems Participate in on-call rotations for 24x7 coverage (follow-the-sun model) for incident response, issue triage, and problem resolution To Be Successful in The Role, You Will Have A BSc in Computer Science, a related field
Employment Type: Permanent
Salary: GBP Annual

Senior Security Analyst

London Area, United Kingdom
Lawrence Harvey
be dealing with the escalated alerts, investigating and responding to the most complex incidents whilst working with the wider Threat Hunting, Threat Intelligence and Incident Response functions to continuously enhance their Playbooks and Processes. You will act as a mentor to the more junior Analyst within the team … teams to recommend system tuning/configuration improvements and opportunities to develop internal processes and playbooks. Mentor and train junior team members through complex incident response investigations. Key Requirements: Prior experience working in a Senior SOC Analyst capacity, responding to escalated alerts and the most sophisticated incidents whilst … out IR playbooks. Comprehensive knowledge of the Microsoft Security Suite – Azure AD P2, Advanced Threat Protection Suite and Cloud App Security. Knowledge of various Incident Response techniques and procedures. Experience mentoring/leading more junior analysts through complex investigations.

Senior Security Analyst

London, South East England, United Kingdom
Lawrence Harvey
be dealing with the escalated alerts, investigating and responding to the most complex incidents whilst working with the wider Threat Hunting, Threat Intelligence and Incident Response functions to continuously enhance their Playbooks and Processes. You will act as a mentor to the more junior Analyst within the team … teams to recommend system tuning/configuration improvements and opportunities to develop internal processes and playbooks. Mentor and train junior team members through complex incident response investigations. Key Requirements: Prior experience working in a Senior SOC Analyst capacity, responding to escalated alerts and the most sophisticated incidents whilst … out IR playbooks. Comprehensive knowledge of the Microsoft Security Suite – Azure AD P2, Advanced Threat Protection Suite and Cloud App Security. Knowledge of various Incident Response techniques and procedures. Experience mentoring/leading more junior analysts through complex investigations.

Cyber Security Incident Response Team (CSIRT) Specialist

Capenhurst, Cheshire, United Kingdom
Morson Talent
carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world. We're looking for a Cyber Security Incident Response Team (CSIRT) Specialist. Based at our Capenhurst office 2/3 days a week. At Urenco we're committed to giving you … threat models, identify threat vectors, and create use cases for effective security monitoring. What do you need to thrive in this role? Demonstrates strong incident response experience with a consultancy mindset. Possesses a strong curiosity and analytical mindset - capable of identifying core problems and collaborating with various functions
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Incident Response Team (CSIRT) Specialist

Chester, Capenhurst, Cheshire, United Kingdom
Morson Talent
carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world. We’re looking for a Cyber Security Incident Response Team (CSIRT) Specialist. Based at our Capenhurst office 2/3 days a week. At Urenco we’re committed to giving you … threat models, identify threat vectors, and create use cases for effective security monitoring. What do you need to thrive in this role? Demonstrates strong incident response experience with a consultancy mindset. Possesses a strong curiosity and analytical mindset - capable of identifying core problems and collaborating with various functions
Employment Type: Permanent

Senior Information Security Analyst

London
Hybrid / WFH Options
Nexus Jobs Limited
vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves as an expert on cybersecurity protection, detection, response, and recovery. This individual is responsible for coordinating penetration testing and managing internal and external cybersecurity analysts to detect, mitigate, and analyze threats. Works … selection criteria to identify appropriate security solutions to support strategic, operational needs, and security requirements. Participate in the development and testing of the security incident response plan, act as the incident response leader. Develop security, risk, and compliance reports and alerts. Participate in the yearly review … a minimum of 5-years experience in Information Security. Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus/antimalware, IDS/
Employment Type: Permanent
Salary: £70,000 - £85,000

SOC Analyst

Manchester, Lancashire, United Kingdom
Starling Bank
Starling SOC team, you will be working with the industry's brightest SecOps professionals to protect Starling customers, assets, and systems using the latest technologies. Incident Triage, Response, and Investigations based on Alerts received from multiple sources which include: Cloud Infrastructure/Security. Endpoint Detection and Response. Perimeter detection … tooling. Investigating and responding to security alerts raised by Users. Enhancing and creating analytic triggers to enhance alert efficacy. Continuous development of incident handling and readiness processes. Proactive threat hunting based on threat intelligence. Documentation of incidents and investigations. Requirements About your Skills We're open-minded when it … overview: 3+ years experience in an in-house SOC role and team Understanding of AWS Security Solutions (or other Public Cloud Solutions) Analysis and Incident Response experience with Cloud systems such as AWS or GCP Experience working and supporting analytics/SIEM platforms. Experience working in CSIRT/
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Architect (Must hold current active SC Clearance)

London, United Kingdom
amber labs
into all stages of the development lifecycle. Security Assessment: Conduct security assessments, penetration tests, and vulnerability scans, and work with teams to remediate findings. Incident Response: Develop incident response plans, coordinate responses to security incidents, and drive improvements from lessons learned. Stakeholder Management: Communicate security requirements
Employment Type: Permanent
Salary: GBP Annual

Director, Security Operations Center - Global Security Office

London, United Kingdom
Alvarez & Marsal Deutschland GmbH
How you will contribute The Director of SOC will play a critical role in overseeing the 24/7/365 monitoring, detection, and response to cybersecurity threats and incidents, ensuring operational excellence, threat intelligence integration, and alignment with the organization's security objectives. The ideal candidate is a … proven cybersecurity leader with a deep understanding of security operations, threat landscapes, incident response, and team leadership. This individual will play a key role in shaping the future of our cyber defense capabilities. Responsibilities: • Lead and manage the daily operations of the Security Operations Center, including managing a … multi-tiered team of managers, analysts, and incident responders. • Develop and execute SOC strategy, goals, and KPIs in alignment with organizational cybersecurity and business objectives. • Oversee incident detection, triage, investigation, and coordinated response efforts to mitigate threats in real time. • Ensure continuous improvement of security monitoring tools
Employment Type: Permanent
Salary: GBP Annual

Incident Response
10th Percentile: £42,000
25th Percentile: £52,500
Median: £65,000
75th Percentile: £78,750
90th Percentile: £100,000