151 to 175 of 450 Incident Response Jobs in the UK excluding London

initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. As a Tier 2 Analyst you will works closely with senior and junior analysts to ensure … a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. Responsibilities: * Conducting escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. * Applying expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and … thorough documentation of security incidents. * Identifying and escalating critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). * Investigating potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies that may indicate suspicious or malicious activity. * Using OSINT (Open-Source Intelligence More ❯

initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. As a Tier 2 Analyst you will works closely with senior and junior analysts to ensure … a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. Responsibilities: * Conducting escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. * Applying expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and … thorough documentation of security incidents. * Identifying and escalating critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). * Investigating potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies that may indicate suspicious or malicious activity. * Using OSINT (Open-Source Intelligence More ❯

you will implement and maintain IT security measures across infrastructure, conduct system audits and security assessments, and enhance risk management processes. You ll be responsible for creating and maintaining incident response plans, supporting external audits, and contributing to security governance. Additionally, you ll monitor systems using modern security tools and ensure compliance with relevant legal and regulatory standards. More ❯

days in the office, 2 days from home The Role: Support the delivery of robust information security and privacy practices across global operations. Conduct security risk assessments, support incident response, and contribute to audits and compliance initiatives. Maintain and enhance the firm’s ISMS and Business Continuity frameworks. Complete client cyber due diligence and collaborate closely with internal More ❯

days in the office, 2 days from home The Role: Support the delivery of robust information security and privacy practices across global operations. Conduct security risk assessments, support incident response, and contribute to audits and compliance initiatives. Maintain and enhance the firm’s ISMS and Business Continuity frameworks. Complete client cyber due diligence and collaborate closely with internal More ❯

known organisations. Youll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estatescontributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring More ❯

You'll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estates-contributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring More ❯

security incidents ensuring they are properly documented and escalated as required. Act as the escalation point for security incidents that have been processed by the CTOC Analysts. Write detailed incident reports which are consumable by audiences of varying technical understanding. Support the Incident Response function by providing technical guidance and analysis on active or ongoing incidents. Respond … as required the existing detections, ensuring they are fit for purpose, tested and validated. About y ou Proven experience in a security operations role, or technical security role, supporting incident investigations and remediation activities. Excellent security analysis skills utilising SIEM technologies and query languages for advanced analysis and threat hunting Ability to research and deploy new threat-driven detections More ❯

security incidents ensuring they are properly documented and escalated as required. Act as the escalation point for security incidents that have been processed by the CTOC Analysts. Write detailed incident reports which are consumable by audiences of varying technical understanding. Support the Incident Response function by providing technical guidance and analysis on active or ongoing incidents. Respond … as required the existing detections, ensuring they are fit for purpose, tested and validated. About y ou Proven experience in a security operations role, or technical security role, supporting incident investigations and remediation activities. Excellent security analysis skills utilising SIEM technologies and query languages for advanced analysis and threat hunting Ability to research and deploy new threat-driven detections More ❯

security incidents ensuring they are properly documented and escalated as required. Act as the escalation point for security incidents that have been processed by the CTOC Analysts. Write detailed incident reports which are consumable by audiences of varying technical understanding. Support the Incident Response function by providing technical guidance and analysis on active or ongoing incidents. Respond … as required the existing detections, ensuring they are fit for purpose, tested and validated. About y ou Proven experience in a security operations role, or technical security role, supporting incident investigations and remediation activities. Excellent security analysis skills utilising SIEM technologies and query languages for advanced analysis and threat hunting Ability to research and deploy new threat-driven detections More ❯

security incidents ensuring they are properly documented and escalated as required. Act as the escalation point for security incidents that have been processed by the CTOC Analysts. Write detailed incident reports which are consumable by audiences of varying technical understanding. Support the Incident Response function by providing technical guidance and analysis on active or ongoing incidents. Respond … as required the existing detections, ensuring they are fit for purpose, tested and validated. About y ou Proven experience in a security operations role, or technical security role, supporting incident investigations and remediation activities. Excellent security analysis skills utilising SIEM technologies and query languages for advanced analysis and threat hunting Ability to research and deploy new threat-driven detections More ❯

security incidents ensuring they are properly documented and escalated as required. Act as the escalation point for security incidents that have been processed by the CTOC Analysts. Write detailed incident reports which are consumable by audiences of varying technical understanding. Support the Incident Response function by providing technical guidance and analysis on active or ongoing incidents. Respond … as required the existing detections, ensuring they are fit for purpose, tested and validated. About y ou Proven experience in a security operations role, or technical security role, supporting incident investigations and remediation activities. Excellent security analysis skills utilising SIEM technologies and query languages for advanced analysis and threat hunting Ability to research and deploy new threat-driven detections More ❯

security incidents ensuring they are properly documented and escalated as required. Act as the escalation point for security incidents that have been processed by the CTOC Analysts. Write detailed incident reports which are consumable by audiences of varying technical understanding. Support the Incident Response function by providing technical guidance and analysis on active or ongoing incidents. Respond … as required the existing detections, ensuring they are fit for purpose, tested and validated. About y ou Proven experience in a security operations role, or technical security role, supporting incident investigations and remediation activities. Excellent security analysis skills utilising SIEM technologies and query languages for advanced analysis and threat hunting Ability to research and deploy new threat-driven detections More ❯

non-technical individuals. Conduct configuration compliance scanning of systems to ensure the devices remain compliant with the nominated standard and don't deviate from the configuration baseline. Monitor Security Incident and Event Monitoring tools to identify potentially cybersecurity events of interest, including suspicious activity and indicators of compromise. Ensure all cybersecurity incidents are reported expeditiously and handled appropriately in … accordance with the Incident Response Plan. Provide support to Authorisation assessments to ensure the system maintains its Authorisation to Operate. Conduct user privilege audits to review personnel privilege levels ensuring the principle of least privilege is consistently applied. Coordinate and cooperate with project stakeholders to ensure cybersecurity activities are appropriately prioritised and implemented within the scheduled activities. About More ❯

to date with the latest industry trends and emerging technologies in network security. * Provide support and guidance to IT teams on security best practices and compliance requirements. * Participate in incident response activities and perform forensic analyses when necessary. * Prepare and maintain documentation related to network security architecture and operations. Critical Skills for Success * Proven experience with security technologies More ❯

expert for cloud technologies, supporting internal teams and projects. Collaborate cross-functionally to embed cloud capabilities and enable citizen development. Provide technical leadership across a range of cloud initiatives, incident response, and continuous service improvement. About You About you: Proven experience in the technical delivery and support of Microsoft Azure cloud services. Solid understanding of cloud security principles More ❯

and review of data protection policies and procedures. Support data classification initiatives and ensure appropriate access controls are in place. Collaborate on information security projects, including risk assessments and incident response planning. Liaise with internal teams to provide guidance on compliance and data protection matters. Help respond to data subject access requests (DSARs) and regulatory queries. What We More ❯

and review of data protection policies and procedures. Support data classification initiatives and ensure appropriate access controls are in place. Collaborate on information security projects, including risk assessments and incident response planning. Liaise with internal teams to provide guidance on compliance and data protection matters. Help respond to data subject access requests (DSARs) and regulatory queries. What We More ❯

Working closely with delivery teams, you’ll ensure security is integrated at every layer of the cloud ecosystem. You’ll also drive the DevSecOps mindset, integrating monitoring, alerting and incident response into group-level processes. What you’ll need Proven experience in cloud security engineering within an enterprise setting, preferably on Microsoft Azure. Solid background in foundational security More ❯

ensuring compliance with industry standards. You will lead a team of security professionals, providing guidance and mentorship to drive operational excellence. Your role will involve overseeing security infrastructure, managing incident response, and working closely with vendors and internal teams to enhance the organisation's security posture. Additionally, you will champion security awareness initiatives, support audit and compliance efforts More ❯

working arrangements available. Please consult your recruiter for details. Grade: GG10 - GG11 Referral Bonus: £5,000 Job Description Serve as the point of escalation for intrusion analysis, forensics, and incident response queries. Provide root cause analysis for complex, non-standard findings and anomalies without existing playbooks. Mentor team members and share knowledge proactively. Contribute to the SOC Knowledge More ❯

with troubleshooting efforts. Prepare and maintain standard operating procedures and protocols. Collaborate closely with the Cyber Defence team to uphold enterprise defence practices, guidelines, and procedures. Provide support for incident response efforts as needed. Assist with operational and management reporting produced by the team. Skills/Qualifications A highly self-motivated individual with positive mindset & can-do attitude More ❯

NEED TO BRING TO SONEPAR UK? • Technical Cybersecurity Expertise: Demonstrated experience in implementing and managing security controls across hybrid environments, including endpoint protection, threat detection, and vulnerability management tools.• Incident Response & Problem Solving: Ability to respond swiftly and effectively to security incidents, minimizing impact and ensuring rapid recovery through structured analysis and remediation.• Threat Awareness & Risk Mitigation: Skilled More ❯

incidents. Key responsibilities include: SIEM Solution Management: Oversee the full lifecycle from deployment to continuous improvement. Use Case Development: Design and implement use cases to support security monitoring and incident response. Threat Intelligence Integration: Integrate external CTI into the SIEM platform to enhance proactive threat detection. To be considered for this role, you should have a background as a More ❯

Provide expertise on security technologies such as firewalls, VPNs, IDS/IPS, and encryption. * Maintain knowledge of relevant laws, regulations, and industry standards related to network security. * Participate in incident response. Critical Skills for Success * Experience in IT security architecture or a similar role. * Strong analytical and problem-solving skills. * Experience with security technologies such as firewalls, VPNs, IDS More ❯