126 to 150 of 277 Incident Response Jobs in the UK excluding London

people and processes forward * Must have the ability to obtain Security Clearance (SC). Duties include: Lead a shift-based SOC team delivering 24/7 security operations and incident response. Act as a senior technical escalation point for complex or high-impact incidents. Be front of house to customers for SOC technical matters and supporting within customer DDQs. … Configure, tune, and support core SOC technologies across detection, response, and monitoring. Oversee alert triage, playbook execution, and incident coordination. Drive continuous improvement in alert quality, detection logic, and automation. Collaborate with cyber engineering teams to onboard and integrate new log sources. Take ownership of team documentation, shift handover processes, and playbook quality. Required experience: Proven experience in … a leadership or senior role within a Security Operations Centre. Strong technical skills in areas such as alerting, incident response, and log analysis. Comfortable working hands-on with detection and monitoring technologies such as Microsoft Sentinel. Strong understanding of log pipelines, event correlation, and alert tuning. Familiarity with TCP/IP networking, proxies, DNS, endpoint telemetry, and OS More ❯

real-time support, training needs identification, and briefings on emerging threats and tooling updates. Act as key escalation point within the shift, liaising with the SOC Manager, CTI, and Incident Response leads to align on priorities and response strategies. Drive continuous improvement by flagging workflow issues, recommending SOP/playbook updates, and tracking performance metrics. Requirements Established More ❯

incidents, vulnerability management programmes, and client relationships across enterprise environments. What you'll be doing: Acting as the key liaison between the client and operational delivery teams Leading on incident escalation and coordination with SOC and IR teams Managing post-incident investigations and reporting Supporting and driving improvements to vulnerability management workflows Overseeing IDS/IPS updates, firewall … on best practice and optimisation What we're looking for: 10+ years of experience in a SOC or technical security operations environment Proven track record in vulnerability management and incident response Strong understanding of IDS, IPS, and endpoint protection technologies Excellent stakeholder management and communication skills Ability to lead and coordinate teams through critical incidents UK SC clearance More ❯

for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and … for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security More ❯

for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and … for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security More ❯

for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and … for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security More ❯

for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security … for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and More ❯

information security providers Own Data Loss Prevention project implementation Manage breach simulation tools and conduct penetration testing Identify and remediate security weaknesses Deliver monthly security awareness sessions Support cyber incident response Essential Requirements Broad IT systems knowledge with security risk understanding Experience implementing security tools Cloud security controls knowledge (AWS, Azure, Microsoft 365) Experience protecting against threat actors More ❯

monitor key risk indicators (KRIs) and key performance indicators (KPIs). Support project teams in embedding risk management throughout project lifecycle. Collaborate with internal and external partners to enhance incident response and cyber resilience. Candidates will have; Experience in a cyber security risk management role. Strong understanding of cyber security frameworks and standards (ISO 27001, SOC2, NIST, GDPR More ❯

with day-to-day operations Managing Microsoft 365 security tools, firewalls, networks, Wi-Fi, and email security platforms Acting as the main contact for our outsourced SOC and overseeing incident response Running pen tests, vulnerability scans, and regular security assessments Owning governance, risk, and compliance activities (ISO 27001, Cyber Essentials) Delivering supplier risk assessments and secure onboarding processes More ❯

strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across the business. Actively contribute to incident response, security training, supplier reviews, and client security assurance Stay ahead of evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. More ❯

years of experience in Threat Intelligence, Vulnerability Management, or cyber research. Strong understanding of adversary TTPs and the threat landscape, especially in CNI/Gov environments. Experience in technical incident response and cloud-based security operations. Proficiency in open-source intelligence (OSINT) and deep technical analysis. Knowledge of Windows/Linux internals, networking, and cloud platforms (e.g. Azure More ❯

for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly situational reports. Collaborate with the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors’ tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential More ❯

for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly situational reports. Collaborate with the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential More ❯

systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Why BAE Systems? This is a place where you'll be able More ❯

security posture and external security rating. Identify vulnerabilities in hardware and software to be remediated by Engineering\Operations teams. Understand current and emerging security threats. Assist and lead in Incident Response investigations and mitigation. Evaluate, test and recommend security enhancements. Support CE+ accreditation Identify security risks and exposures, determine the cause of security violations and suggest procedures to More ❯

security posture and external security rating. Identify vulnerabilities in hardware and software to be remediated by Engineering\Operations teams. Understand current and emerging security threats. Assist and lead in Incident Response investigations and mitigation. Evaluate, test and recommend security enhancements. Support CE+ accreditation Identify security risks and exposures, determine the cause of security violations and suggest procedures to More ❯

security posture and external security rating. Identify vulnerabilities in hardware and software to be remediated by Engineering\Operations teams. Understand current and emerging security threats. Assist and lead in Incident Response investigations and mitigation. Evaluate, test and recommend security enhancements. Support CE+ accreditation Identify security risks and exposures, determine the cause of security violations and suggest procedures to More ❯

recovery, and disaster recovery strategies to ensure data protection and business continuity] Ability to implement robust monitoring and logging solutions e.g., CloudWatch, to ensure system reliability, observability, and proactive incident response Comfortable working in Agile development teams, translating business requirements into technical solutions, and actively participating in sprint planning, retrospectives, and daily stand-ups Capability to design scalable More ❯

level. Generation of Key Components across various platforms (including IBM, Tandem, Unix) together with management of Cryptographic infrastructure. SSH Key Management. Certificate management HSM configuration/installation/support Incident management Change management ITIL Ensure the integrity and availability of cryptographic and key management services to business functions and applications ? Key Accountabilities: Cryptographic Hardware Management - including on site local … core geographic locations globally. Management of Cryptographic infrastructure to include Out of Hours Support, production of monthly management information and risk statements. Adherence to Group IT Security Standards. Problem, Incident & Change Management including root cause identification. Procedure/process development. Project delivery. Cryptographic Hardware Management. Auditable Record Management. Excellent Risk and Control Maintenance Ensure governance and clear record keeping … creation and maintenance. Deep understanding of change disciplines including change and release management and track record of delivering change projects in a timely manner with high quality Strong in incident response procedures and standards, strong communication skills and ability to articulate complex events to management. Experience of Sharepoint, Confluence and JIRA. Unix/Windows O/S skills More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

Principles & Technologies. Experience of Security Related Technical Investigations Hands-On Technical Experience of Conducting Vulnerability Scanning & Evaluating Results Commercial Awareness & (Ideally) Experience of PCI DSS (Current Version) Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills High Attention to Detail Strong Team Player Searches: Vulnerability Management Analyst/VM Analyst/Information Security Analyst/Information More ❯

Principles & Technologies. Experience of Security Related Technical Investigations Hands-On Technical Experience of Conducting Vulnerability Scanning & Evaluating Results Commercial Awareness & (Ideally) Experience of PCI DSS (Current Version) Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills High Attention to Detail Strong Team Player Searches: Vulnerability Management Analyst/VM Analyst/Information Security Analyst/Information More ❯

measures into development processes. Stay updated on the latest security trends and technologies to enhance our security posture. Provide guidance and mentorship to junior security team members. Engage in incident response activities, ensuring swift resolution of security incidents. What We're Looking For : Proven experience as a Security Architect or similar role in the engineering sector. Strong knowledge More ❯

measures into development processes. Stay updated on the latest security trends and technologies to enhance our security posture. Provide guidance and mentorship to junior security team members. Engage in incident response activities, ensuring swift resolution of security incidents. What We're Looking For : Proven experience as a Security Architect or similar role in the engineering sector. Strong knowledge More ❯