151 to 175 of 378 Incident Response Jobs in the UK excluding London

to organizations of all sizes. The team supports a broad range of cutting-edge security technologies, helping customers secure their networks, applications, and infrastructure through proactive monitoring, management, and incident response. As demand for managed firewall and security services grows, my client is looking for a Network Engineer with strong networking fundamentals and a willingness to learn advanced security … Role Overview As a Network Engineer within the Security Operations Center (SOC), you will help manage and support customer network security environments. Youll work on firewall configurations, troubleshooting, and incident response, while gaining exposure to SIEM tools and advanced security solutions. Full training and development opportunities will be provided. Key Responsibilities Monitor and manage client firewalls, VPNs, and More ❯

vulnerability management processes and ensure timely remediation. Manage and maintain LogicMonitor for cloud platform monitoring Create and update logicmodules Configure alert rules and escalation chains Manage ServiceNow integration for incident handling Build and maintain dashboards Optimize alerting to prevent alert storms and missed alerts Provide support for ITHC coordination, access provisioning, and post-engagement resolution. Act as a liaison … Defender for Cloud Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience with LogicMonitor and ServiceNow integrations Proven ability to lead incident response and vulnerability remediation efforts Nice-to-Have Skills Familiarity with multi-cloud environments (AWS, GCP) Experience in coordinating ITHC assessments and managing audit findings Knowledge of cloud More ❯

aligned with ISO 27001, NIST, and CIS frameworks. Produce detailed documentation for configurations, processes, and troubleshooting. Collaborate with global cloud, security, and infrastructure teams for consistent, secure operations. Support incident response, root cause analysis, and ongoing improvements. Required Skills & Experience: Extensive experience executing network refresh projects. Strong expertise with Cisco, Palo Alto, HAProxy, and Azure networking. Solid understanding More ❯

Produce and maintain technical documentation, including architecture diagrams, procedures, and operational controls. Assist with compliance activities and audits relating to ISO 9001, ISO 27001, and other regulatory frameworks. Support incident response, risk assessments and cybersecurity best practices (Cyber Essentials Plus desirable). Handling Active Directory and Group Policy administration Collaborate with cross-functional teams to ensure smooth delivery More ❯

Azure, or GCP networking services; understanding of hybrid/multi-cloud; automation tools (Terraform, Ansible, Python). Monitoring & Management: Network management systems (SolarWinds, Cisco DNA Center); performance monitoring, logging, incident response. Experience Requirements: 7 10+ years in network engineering, with 3 5 years in architecture/design roles. Proven experience in large-scale or complex enterprise environments. Architectural artefact More ❯

standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end-to-end Information Security Management System (ISMS), ensuring continued ISO 27001 compliance. Drive information … IAOs) to review the ISMS, maintain up-to-date asset profiles, and ensure all major risks have defined treatment plans. Manage security incidents, taking responsibility for investigation, resolution, post-incident reporting, and leading ad-hoc response teams during critical situations. Develop and implement strategies for raising information security awareness, including creating and disseminating training materials (in-person, e More ❯

standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end-to-end Information Security Management System (ISMS), ensuring continued ISO 27001 compliance. Drive information … IAOs) to review the ISMS, maintain up-to-date asset profiles, and ensure all major risks have defined treatment plans. Manage security incidents, taking responsibility for investigation, resolution, post-incident reporting, and leading ad-hoc response teams during critical situations. Develop and implement strategies for raising information security awareness, including creating and disseminating training materials (in-person, e More ❯

availability using DataDog. Troubleshoot application, API, and infrastructure issues across multiple environments (mainly on Azure). Collaborate with development, DevOps, and product teams to resolve complex technical issues. Manage incident response and provide root cause analysis (RCA) for platform outages. Automate repetitive support tasks using scripting (Python, Bash, PowerShell). Maintain documentation of processes, troubleshooting steps, and known … enabling effective communication across international teams. Excellent problem-solving, analytical, and communication skills. Ability to work in a fast-paced, collaborative environment. Preferred Skills (Good to Have) ITIL or incident management framework knowledge. Experience with API troubleshooting and integrations. Exposure to databases (SQL/NoSQL). Security awareness (authentication, encryption, access control). Familiarity with Infrastructure as Code (Terraform More ❯

followed. Conduct continuous internal security assessments, including Privileged Access Reviews and Cloud Configuration Audits, and own the resulting remediation activities end-to-end. Develop automation and tooling to reduce incident response times and eliminate repetitive tasks for the security team. Define and deliver security standards, policies and processes for the group and review in a timely manner. 2. … Threat Detection & Response Support and enhance detection logic across all computing environments in collaboration with our security partners. Perform deep, forensic-level investigations when security incidents occur. The goal is simple: learn from every event and prevent the same issue from ever recurring. Lead the technical remediation efforts for security incidents and identified vulnerabilities, working closely across IT and … communication skills, especially the ability to communicate complex technical security concepts and risks to all levels of the organisation. A deep understanding of attacker methodology, detection techniques, and how response frameworks relate to the role. Experience working in cloud-native environments, specifically focusing on building and integrating security tooling to identify and mitigate misconfigurations. Strong analytical, troubleshooting, and problem More ❯

for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security … for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and More ❯

technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and More ❯

technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and More ❯

technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and More ❯

technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT Management Lead IT support, enterprise systems, and More ❯

Desired technical skills: Microsoft 365 (Entra ID, Exchange, Teams, SharePoint, Intune, Azure) Windows Server/Active Directory, Networking fundamentals (DNS, DHCP, VPNs, firewalls). Security tools, vulnerability management, and incident response Security technologies (firewalls, IDS/IPS, SIEM, vulnerability scanners) Familiarity with Microsoft Defender and Mimecast. Strong analytical and troubleshooting skills across complex IT environments. Experience of Compliance More ❯

Ensure robust update control, patch management, and system monitoring. Governance & Security - Implement and maintain strong IT governance frameworks, including risk management and compliance. - Lead cybersecurity strategy, including threat detection, incident response, and staff awareness training. - Ensure compliance with GDPR and other relevant regulations. Vendor & License Management - Manage relationships with external IT support providers and software vendors. - Negotiate contracts More ❯

to identify incidents ensuring that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations. Complete post incident reporting. Responsible for SOC work instructions, ensuring they are reviewed & amended. Use Case Factory development Playbook design and development Use Case & Playbook validation before going live Maintain currency in … Tactics, Techniques and Procedures (TTPs) SANS SEC401: Security Essentials (or equivalent) SANS SEC503: Network Monitoring and Threat Detection In-Depth (or equivalent) SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent) Desirable Knowledge of Reverse Engineering Malware Practical Junior Malware Researcher (PJMR) SANS SEC488: Cloud Security Essentials (or equivalent) CREST Certified Network Intrusion Analyst (CCNIA) (or equivalent … SANS FOR508: Advanced Incident Response, Threat Hunting and Digital Forensics (GCFA) Soft Skills/Qualifications The 3rd Line Analyst is expected to be able to present and write professional reports to key stakeholders All staff are expected to exercise good time management and work as part of a team You will work from Airbus Protect offices, Newport, South More ❯

a critical national infrastructure (CNI) environment. Key parts of the role: Asset Tracking & Documentation Support. Lifecycle Management Assistance Compliance & Reporting Vendor & Supplier Coordination Continuous Improvement Support Cost Management & Optimisation Incident & Problem Management Support Collaboration with Internal Teams What you'll need to succeed Proficiency with asset management software tools such as ServiceNow, CMDB, or similar enterprise solutions. Understanding of … asset lifecycle management processes, including procurement, deployment, tracking, maintenance, and decommissioning of OT assets. Good understanding of incident response stages and handling. Knowledge of industry standards and regulatory requirements related to asset management, such as data protection and environmental compliance, ISO27002, CIS, NCSE CAF, NIST. Familiarity with tracking and managing lifecycle costs, working in partnership with finance and More ❯

We are currently recruiting for Defence Associate Security Analysts with knowledge of Cyber security threats using SPLUNK and EDR (Endpoint Detection and Response) to join a great project for 3 months, that is ran by a Central Government Authority. The best thing about this opportunity is that you will have a great work-life balance with remote working , thus … be able to organise your time up to your liking (2-3 days/week in London office) Essential Experience: Experience of investigating and responding to cyber incidents, coordinating incident response in large org5+ years' experience SPLUNK and EDR (Endpoint Detection and Response) Analytical, problem solving oriented MOD/DEFENCE - highly desirable SC Clearance - Candidates holding active … Central Government Contrac t so you can improve prospects for future contracting Interviews will start as soon good candidates are available, if you are interested do not delay the response and forward you updated CV today. If you would like to discuss further about this opportunity or others in the UK Public Sector, please reach out (extension 8144) and More ❯

SC), to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll manage a team of analysts, drive incident response, and ensure the SOC delivers measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy … with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job More ❯

our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions More ❯

and the ability to develop effective relationships across all levels of the organisation. Main duties of the job Key areas of responsibility:>Security Architecture Design, Implementation,Monitoring and Support> Incident Response> Risk and Vulnerability Management> Policy and Compliance> Handing User Requests, Audit and System Testing> User Education and Training> Continuous Improvement, Budgeting and Cost Saving> Documentation and Reporting … England. Our core operations focus is the delivery of emergency ambulance 999 services (A&E). We have 92 ambulance stations, two Emergency Operations Centres, and two Hazardous Area Response Teams (HART).Our vision is that together, we will deliver the best care when people in the region need us most.To achieve this, the Trust has a five-year More ❯

Excellent communication and stakeholder engagement skills. Passion for continuous learning and staying updated on emerging threats. Ability to translate technical risks into business impacts. Familiarity with SIEM tools and incident response processes. Closing date: 24 th October Shortlist date: 25 th October Interview date: TBC More ❯

compliance (GDPR, NCSC Principles, ISO 27001). Configure cloud-native security tools & integrate with SIEM (Splunk, Chronicle). Embed security in CI/CD pipelines with DevOps teams. Support incident response & recovery for cloud-native environments. What You Bring Strong cloud architecture background. Knowledge of UK regulatory frameworks. IaC experience (Terraform/Deployment Manager). Understanding of monitoring More ❯

and manage security incidents, including malware and ransomware threats. Collaborate with third-party cyber security providers to deploy and maintain security capabilities. Conduct root cause analysis and contribute to incident response planning. Ensure compliance with industry regulations and internal governance frameworks. Stay up to date with the latest Azure and security technologies and best practices. Skills and Knowledge More ❯