51 to 75 of 447 Incident Response Jobs in the UK excluding London

the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an Embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line … of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience eg Python More ❯

key role in deploying Microsoft security solutions and supporting client audits, assessments, and vulnerability remediation efforts. Responsibilities include: Delivering Microsoft security technologies including Defender XDR, Sentinel, and Endpoint Detection & Response Supporting Cyber Essentials and Cyber Essentials Plus audits and assessments Acting as an escalation point for cyber incidents, security alerts, and engineering tasks Conducting vulnerability remediation and assessments (infrastructure … tools (e.g., Mimecast, Egress) Understanding of Azure Firewall and Defender for Cloud/Cloud Apps Experience conducting offensive security/web application assessments Strong understanding of threat detection and incident response Certifications (any of the following highly desirable): SC-200: Microsoft Certified - Security Operations Analyst Associate SC-300: Microsoft Certified - Identity and Access Administrator Associate AZ-500: Microsoft More ❯

the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: * Effective Tier 1 to 2 alert triage … Solutions Lead with project activity * Conduct proactive threat hunting in collaboration with the CTI function * Conduct HR and InfoSec related investigations * Ensure the timely triage and remediation of any incident or request tickets raised to the SOC * Participate in the activity of adding/removing URLs from the AcceptList and BlockList * Attend routine security meetings Modis International Ltd acts More ❯

while staying updated on the latest security threats and trends. If you are interested in this opportunity, apply today! Responsibilities: Implement and manage Azure Sentinel SIEM for threat detection, incident response, and security monitoring. Configure and maintain Microsoft Defender for endpoint protection and threat detection. Develop and maintain KQL scripts for querying and analysing data within Azure Sentinel. More ❯

teams Work with our Channel team to help support and enable our Distributors and Resellers You will become an expert in Email Security, Advanced Persistent Threats, Attack Protection, Threat Response, Data Loss Prevention (DLP), and the threat landscape Occasional travel required. What You Bring To The Team Proven hands-on experience, either as a Sales/Systems Engineer, Technical … are recommended Enterprise email solutions such as Exchange, O365, G-Suite, Lotus Dominoorworking knowledge of SMTP IT security related areas such as Vulnerability and Risk Management, Security Operations or Incident Response Data Loss Prevention (DLP), compliance and data privacy Cloud security and shadow IT monitoring Cloud computing Infrastructure (e.g. AWS/Azure) Nice to have Hands on experience More ❯

seeks a Microsoft Security (Sentinel) Automation & Detection Engineer for a 6-month contract to start ASAP, based in Cambridge (Hybrid), Inside IR35 Role Overview:Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration … SOC operations. Responsibilities:Lead technical migration of log sources into Microsoft Sentinel SIEM.Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation's efficiency, scalability, and incident response capabilities.Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management.Collaborate with Cyber … Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency.Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions.Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary.Collaborate with third-party vendors and service providers to More ❯

Systems and SCADA networks from evolving cyber threats.Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to OT environments. Support vulnerability management initiatives and penetration testing exercises. Contribute to policy development and ensure … ecosystem. Essential Skills & Experience: Strong understanding of OT/ICS cybersecurity or relevant control systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations and deliver root cause More ❯

risks, coordinate remediation strategies, and enhance executive-level reporting. Key Responsibilities: Define and enforce security best practices across cloud environments (Azure, AWS) Lead cloud security risk assessments, audits, and incident response efforts Integrate security into CI/CD pipelines and DevOps operations Manage and interpret insights from cloud-native security tools (e.g., GuardDuty, Azure Defender) Ensure compliance with … in technical cyber roles (SOC, security engineering, threat analysis) Minimum 3-5 years working in cloud environments Deep knowledge of Microsoft Azure (and ideally AWS) Expertise in vulnerability management, incident response, and cyber risk triage Strong understanding of cloud security principles and the shared responsibility model Familiarity with frameworks like MITRE ATT&CK and Zero Trust architectures Confident More ❯

. You will contribute to: Risk Management : Conduct risk analysis and interpret first-line operational outputs to support VPI’s overall cyber security risk posture. Operational Security : Assist in incident response testing, data management, and coordination of cyber security with physical and personnel security teams. Human Risk Management : Develop cyber security awareness materials, manage phishing protection programmes, and … Security : Support the integration of security policies into DevOps processes and cloud-based tools. Business & Change Management : Contribute to risk mitigation strategies for business development and internal change projects. Incident Response : Act as a responder within VPI’s cyber security incident framework. What we’re looking for We are seeking a self-motivated individual with a strong More ❯

that underpin secure business operations. They will play a key role in shaping and executing the IT security strategy, acting as a subject matter expert while supporting compliance, training, incident management, and continuous improvement efforts across the organisation. Key Responsibilities: Oversees the daily operations of the IT Security team, ensuring service levels and internal objectives are consistently met. Leads … security projects, aligning them with broader strategic objectives and deadlines. Contributes expert guidance into IT strategy and supports its implementation from a security standpoint. Owns the organisation's security incident response process, including investigation, reporting, and post-incident analysis. Assesses existing system security and proposes improvements to strengthen infrastructure resilience. Ensures the secure handling, processing, and transfer … AWS). Experience with security frameworks and regulatory compliance, including ISO 27001 and GDPR. Demonstrated ability to lead, coach, and develop high-performing technical teams. Track record of managing incident response and conducting technical investigations. Confident multitasker with strong project delivery and organisational skills. Experience in performing or participating in IT security audits. Excellent communication skills, both verbal More ❯

. You will contribute to: * Risk Management: Conduct risk analysis and interpret first-line operational outputs to support VPI's overall cyber security risk posture. * Operational Security: Assist in incident response testing, data management, and coordination of cyber security with physical and personnel security teams. * Human Risk Management: Develop cyber security awareness materials, manage phishing protection programmes, and … Security: Support the integration of security policies into DevOps processes and cloud-based tools. * Business & Change Management: Contribute to risk mitigation strategies for business development and internal change projects. * Incident Response: Act as a responder within VPI's cyber security incident framework. What we're looking for We are seeking a self-motivated individual with a strong More ❯

development, testing, and annual validation of disaster recovery and backup plans. Create and maintain up-to-date security documentation. Act swiftly and collaboratively in the event of a cyber incident, ensuring optimal recovery. Stay current with emerging threats and technological advancements in cybersecurity. Prepare for and manage annual penetration testing in collaboration with external vendors. Adhere to all Health … for This Role, You Will Need: Cybersecurity Experience: Demonstrated experience in implementing and managing security controls across hybrid environments. Familiarity with endpoint protection, threat detection, and vulnerability management tools. Incident Response & Problem Solving: Ability to respond swiftly and effectively to security incidents. Skilled in structured analysis and incident remediation to ensure rapid recovery. Threat Awareness & Risk Mitigation … shifting priorities in line with business objectives. High attention to detail and a strong commitment to accuracy and quality. Resilient and composed under pressure, especially in high-demand or incident response scenarios. ECS Resource Group are an Equal Opportunity Employer, for more information please click the following link: (url removed) In accordance with the Equality Act 2010, if More ❯

Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of … the SOC email notification mailboxes Assists with the maintenance of MBDA Security technologies Assisting the SOC Solutions Lead with project activity Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings What do you need … attack vectors, propagation, and impact. Excellent communication skills for liaising with business and suppliers. Desirable Skills & Experience (Senior Level) Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution. Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection More ❯

and procedures to ensure data security, privacy, and compliance with relevant regulations. Conduct regular risk assessments and vulnerability scans to identify potential security risks and implement mitigation strategies. Lead incident response efforts related to email security breaches, ensuring quick containment and remediation. Threat Intelligence and Incident Response: Analyse threat intelligence to anticipate and mitigate potential cyber … threats targeting the organisation. Participate in or lead incident response activities related to email security breaches or data loss events. Develop playbooks and procedures for responding to incidents involving Proofpoint solutions. Required skills & Qualifications Expertise in data security, cybersecurity, or a related field. Hands-on experience with Proofpoint implementations (e.g., Email Protection, Targeted Attack Protection, Information Protection). More ❯

tickets in Primarks service desk system for the Primark environment Contribute to the execution of Security Operations Centre (SOC) capabilities, ensuring efficient and effective operation of detection, threat and incident response Participant in the triaging events from a wide range of sources, including reports from employees, security systems and threat intelligence data Perform analysis and response to … for this role in particular: 3+ years enterprise cybersecurity IT experience, ideally with Cloud technologies and On premise experience Experience in Cyber Security Operations with a track record in Incident Response and Investigations Solid foundation in modern operating systems and networking protocols Experience of working in multi-skilled teams Strong appreciation & adherence to processes, defined roles & responsibilities and More ❯

delivery, with relevant industry or academic experience to meet the requirements of the role. Delivery within a proactive cybersecurity system where monitoring and threat intelligence drive delivery alongside great response to incidents as they emerge, including in partnership with 3rd parties. Familiar with the application of security certifications such as ISO27001, NIST to global organisations with significant outsourced value … data privacy and data handling issues in organisations with significant outsourced value stream activities In the field of Information and Cyber Security experience of; risk management processes, management of incident and resolution, development and reporting of key KPIs, audit and continuous improvement response and delivery through external partnerships Definition and delivery of policy and process documentation to support … incident response, proactive management and audit Essential capabilities: Development agility - Bicycle is a growing and evolving company. You will have the opportunity to be self-starting, entrepreneurial and eager to develop within a supportive environment Partnership - Information and cyber security is critical to our business success. You will need to deliver with business stakeholders not to them - our More ❯

organisational environments such as enterprise, edge/deployed environments or cloud . Demonstrable knowledge of cyber detection (e.g., threat identification/intelligence, real-time monitoring, anomaly detection) and cyber response (e.g. incident response, eradication and remediation, recovery, post-incident analysis). DevSecOps. Zero Trust Architecture (ZTA) expertise for enterprise, cloud and air-gapped environments along with More ❯

standards (NIST, MITRE ATT&CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response, and overall cyber defense posture. Partner with senior leadership to communicate security architecture roadmaps, risk mitigation strategies, and compliance postures. Champion a culture of continuous improvement, cross More ❯

Defender for Cloud, Purview DLP, Azure Firewall, and related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container work flows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust. Harden AKS … hybrid network models. Oversee DNS, web access, and remote gateway protection at the edge. Security Operations & Threat Defence Act as the technical escalation point for complex threat investigations and incident response. Lead red-teaming simulations, vulnerability assessments, and threat hunting activities. Support proactive telemetry monitoring and improvement of detection logic and alert fidelity. Leadership & Mentoring Provide engineering mentorship to More ❯

strategies. Your responsibilities will include maintaining detailed documentation on security architecture, patterns, and practices, advising on critical aspects such as data protection, identity and access management, network security, and incident response within Azure. Staying abreast of the latest Azure security capabilities, threats, vulnerabilities, and industry trends will be essential. You will also support audit, compliance, and regulatory requirements More ❯

SOC Analyst to join their established Security Operations Centre (SOC), working alongside a team of experienced Cyber Engineers and Analysts. This is a critical role where you will lead incident investigations, mentor junior analysts, and represent the SOC in key stakeholder engagements. Your new role Monitor, triage, and investigate security alerts using protective monitoring platforms Interpret system logs and … reports to identify intrusions, threats, or policy breaches Lead the team in incident investigations and determine appropriate response actions Oversee the implementation of resolutions and ensure effective incident handling Analyse security event data to support customer incident response Represent the SOC in meetings, advise on new services, and assess operational impact Stay up to date More ❯

security data, detect anomalies, and respond effectively to incidents. * Oversee vulnerability assessments and penetration testing to ensure robust security measures are maintained. * Contribute to the development and execution of incident response plans, ensuring prompt action to contain and remediate security incidents. * Maintain accurate incident logs and reports to support post-incident analysis and continuous improvement. * Provide … with a strong focus on security information and event management systems, including Microsoft Sentinel. * In-depth knowledge of security monitoring techniques and integration technologies. * Demonstrated ability to execute robust incident response processes. * Strong communication skills, with the ability to educate and support staff on security protocols. * Experience working collaboratively with technical and non-technical teams to improve security More ❯

Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient … operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing team, driven with context of emerging More ❯

automation, cloud technology, and fast-paced problem-solving—and want your work to have a real impact—this could be the perfect role for you. Key Responsibilities Lead security incident response and threat detection efforts, prioritising the protection of customer data and experience Build automated detection and remediation workflows using SOAR, SIEM, and scripting (Python, SQL) Apply deep … facing and payment systems into the security monitoring platform Perform threat hunting and detection engineering to identify and address emerging risks Support security audits, compliance (PCI-DSS), and post-incident reviews Mentor junior team members and contribute to a culture of continuous improvement Participate in the on-call rotation to ensure fast, effective incident response during critical … events Key requirements: Proven Experience: 4+ years in Security Operations or Incident Response, ideally in ecommerce, retail, or fintech environments Technical Depth: Hands-on expertise with SIEM, SOAR, EDR, automation tools, Python, SQL, and cloud-native security tooling Cloud Security: Strong knowledge of AWS and Azure, especially services like WAF, Shield, IAM, and API Gateway Forensic Skills: Experience More ❯

plus benefits . The role As Security Operations Manager, you will lead and manage the Security Operations Team and have responsibility for security event monitoring, management and incident response. Reporting to the Chief Information Security officer, you will focus on ensuring the Pennon Group's Corporate and Operational Technology information systems are available, integral and confidential. What you'll … be doing Lead and provide first line supervision to the Security Operations Team that is primarily responsible for security event monitoring, management and incident response. Act as the focal point for any investigations involving information security. Provide management oversight for information security incident identification, assessment, and response, reporting, communication, mitigation and monitoring. Play a significant role in … for Extensive IT knowledge and experience in Cyber Security and Information Security standards and frameworks such as ISO27001 and Cyber Essentials. Confident in leading and managing teams Proficient in Incident Management and Response procedures and familiarity of ITIL. Extensive and broad-based IT and business experience, delivering diverse corporate and operational IT services in a medium/large More ❯