126 to 150 of 468 Incident Response Jobs in the UK excluding London

environments. You'll work across servers, networks, storage, and security tools, contributing to infrastructure projects as well as cyber initiatives such as vulnerability management, incident response, and enhancing security controls. You'll also collaborate with group security teams and help ensure systems remain resilient and up to date. … etc.) Palo Alto deployment/configuration experience is a must Good understanding of firewalls, network protocols, and intrusion prevention Ability to manage vulnerability scanning, incident response, and remediation Confident communicator with solid documentation skills The role also covers an office in Milton Keynes and they might be occasional ...

Cyber Governance, Risk, and Compliance Manager. This role focuses on defining, maintaining, and testing resilience plans for the organisation, including Business Continuity, Incident Response, and Disaster Recovery. You will work closely with multiple teams across the IT department and the wider business to ensure that resilience strategies … will include: · Conducting analysis on business systems to understand and document the impact, scope, and recovery path in relation to cyber incidents. · Contribution to incident reviews to ensure learnings are taken to improve our resilience. · Identifying and escalating weaknesses in the resilience strategy. · Working with project and change teams ...

Cyber Governance, Risk, and Compliance Manager. This role focuses on defining, maintaining, and testing resilience plans for the organisation, including Business Continuity, Incident Response, and Disaster Recovery. You will work closely with multiple teams across the IT department and the wider business to ensure that resilience strategies … will include: Conducting analysis on business systems to understand and document the impact, scope, and recovery path in relation to cyber incidents. Contribution to incident reviews to ensure learnings are taken to improve our resilience. Identifying and escalating weaknesses in the resilience strategy. Working with project and change teams ...

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture.- 3 days on site in Birmingham (Please ensure you are local before applying)- £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role ...

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. - 3 days on site in Birmingham (Please ensure you are local before applying) - £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role ...

KPIs, SLAs and operational targets are met and continuously improved Managing, mentoring and developing SOC analysts to maintain a high-performing team culture Overseeing incident response processes, ensuring issues are escalated, handled and closed effectively Supporting the refinement of SOC processes, reporting, documentation and operational standards Acting … performance and process management A commercially minded approach, comfortable working with KPIs, reporting and wider business objectives Good understanding of SOC tools, processes and incident response workflows Strong communication skills with the ability to work effectively across technical and non-technical teams Exposure to or collaboration with service ...

threat actor profiles, and campaign assessments. Translate complex technical findings into concise, risk-based intelligence for decision-making. Collaborate with SOC, Detection Engineering, and Incident Response teams on purple-team exercises and threat-hunting. Maintain trusted relationships with industry and intelligence communities. Provide SME-level advice and challenge … other platforms to manage workflows and document intelligence findings. About You We’re looking for someone with a strong technical background in threat intelligence, incident response, or threat hunting, ideally within enterprise or global environments. You’ll be confident in analysing complex threats and communicating your findings clearly ...

development, test and production environments to ensure consistency and predictable use Provide operational alignment across DBA and SRE practices including performance tuning, monitoring and incident response Maintain monitoring, alerting and runbooks to support effective detection and resolution of operational issues Implement and oversee backup, failover and disaster recovery … cost optimisation across infrastructure and cloud services Maintain and communicate IT policies covering access management, patching, security, device management and change control Lead incident response and ensure follow up actions drive lasting improvement Build and maintain productive relationships with internal teams and external service providers Key Skills ...

away from ticket-driven support and towards proactive, automated, AWS-first, engineering-led reliability. Responsibilities Embed SRE principles to improve availability, reliability, performance and incident response Modernise legacy support by introducing automation, observability, shift-left practices and CI/CD Work across multiple domains (web/mobile, payments …/What you bring 3-5 years in an SRE or closely related reliability/DevSecOps discipline Strong knowledge of SRE practices: monitoring, observability, incident response, automation Hands-on with AWS and infrastructure-as-code (Terraform, Ansible or CloudFormation) Experience with CI/CD pipelines and container platforms ...

About the role Our Digital Forensics and Incident Response (DFIR) team lead the technical investigation and response to security incidents at Tesco. As part of this team, you’ll work alongside our security operations, threat intelligence, and security engineering teams to protect, detect, and respond to security … help improve and automate the team’s technical workflows, working alongside other teams to help drive innovation across our prevention, automation, detection, and response capabilities. Your status as a senior incident responder means you’ll serve as a role model for engineers and analysts across Security Operations. ...

Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate … requests, incidents, bulletins). Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows ...

diagrams, and evidence packs. Chair the Cyber Security Working Group and support regional security leads. Assist the Security Architect with deploying new controls. Deliver incident response: triage escalations, coordinate crisis response, provide out-of-hours support, and perform post-incident reviews. What We're Looking … Required Experience: Degree or equivalent experience plus relevant security certifications (Security+, CEH, CySA+, Cloud Security Engineer). Significant experience in cyber security operations or incident response. Hands-on expertise with Microsoft Defender, Sentinel, Tenable, CASB, and cloud security (AWS/Azure). Proven security project delivery, PowerShell automation skills ...

services, define strategic vision for improvement and reliability. Service Design and Implementation: Collaborate with architects and engineers to design secure services and oversee deployments. Incident Management: Coordinate incident response, root cause analysis, and corrective actions. Infrastructure Management: Ensure patching, evergreening, backups, and compliance for on-prem ...

Clearance - Gloucestershire Based or ability to travel to Gloucestershire.- Experience as in a Site Reliability Engineering role SITE RELIABILITY ENGINEER ESSENTIAL SKILLS- Reliability, incident response/incident management experience - Experience with Monitoring and Observability tools such as Prometheus, Grafana and OpenSearch- Automation tools (Go, Bash)- Experience with ...

Clearance - Manchester Based or ability to travel to Manchester.- Experience as in a Site Reliability Engineering role SITE RELIABILITY ENGINEER ESSENTIAL SKILLS- Reliability, incident response/incident management experience - Experience with Monitoring and Observability tools such as Prometheus, Grafana and OpenSearch- Automation tools (Go, Bash)- Experience with ...

Clearance - London Based or ability to travel to London.- Experience as in a Site Reliability Engineering role SITE RELIABILITY ENGINEER ESSENTIAL SKILLS- Reliability, incident response/incident management experience - Experience with Monitoring and Observability tools such as Prometheus, Grafana and OpenSearch- Automation tools (Go, Bash)- Experience with ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response: For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response For confirmed incidents, youll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst ...

limited to) Azure infrastructure failover, M365 backup/restore, network infrastructure failover. Act as one of the primary points of contact for incident response, and Major Incident Management (MiM). Participate in monthly continuous improvement meetings and collaborate with stakeholders to define recovery objectives, including Recovery Time ...

business risk and vice versa. This role will be responsible for the leadership and management of the team delivering ongoing proactive cyber defence and response to security threats targeting AJ Bell systems and information. The Security Operations Team is the first point of contact for security queries, as such … 24x7 operational security coverage. Proactively drive efficiency improvements via the use of automation and AI in security operations processes. Own and develop AJ Bells incident response framework and playbooks, including undertaking regular training and testing (including table top exercises) up to and including executive level. Develop and maintain ...

features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls … compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses ...

features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls … compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses ...

Cyber Security, Computer Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise … Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain ...

Join our global cybersecurity team as Security Analyst. You’ll design and optimize security monitoring across hybrid environments, detect and analyze threats, and support incident response. This role combines hands-on technical expertise with strategic oversight, ensuring compliance with global standards like PCI DSS and ISO 27001. Ideal candidates … Defender, AWS Security Hub, GuardDuty, Inspector) Threat Detection : Analyze alerts, correlate events across hybrid environments, and leverage threat intelligence to identify and prioritize risks Incident Response : Escalate validated incidents, provide detailed context, and collaborate with operations teams for containment and recovery Continuous Improvement : Tune detection rules, automate workflows ...