51 to 75 of 242 Incident Response Jobs in the UK excluding London

Security Clearance Central Government client requires Duty Managers/Analysts to operate within a high-security, mission-critical environment These are not traditional Major Incident Management (MIM) or technical resolver role s Instead, the focus is on operational command, coordination, and real-time situational awarenes s across multiple domains … cross-functional awarenes s Responsibilities The Manager acts as the on-shift operational commander , with responsibility for: Leading real-time operational decision-making and incident command Coordinating across multiple domains including: Security Operations (SOC) Network Operations (NOC) Infrastructure Physical Security Declaring and escalating Major Incidents (MI) Maintaining the single ...

ideal for someone who brings experience of well-established cyber operations and can apply that knowledge to strengthen and evolve our detection and response capability in a complex NHS environment, where patient safety and operational continuity are critical. You will work with tools including Sophos Intercept X and Secureworks … operation and ongoing development of our SOC and SIEM capability Own and continuously improve detection use cases, alerting, triage, and response processes Act as a technical lead for monitoring and detection , ensuring controls are effective, proportionate, and aligned to risk Investigate and respond to security incidents , providing clear, risk ...

network and security infrastructure, ensuring robust protection of business systems and data. Key Responsibilities Manage day-to-day cyber security operations and incident response Monitor and optimise security tools (SIEM, firewalls, endpoint security) Maintain and support network infrastructure (LAN/WAN, Wi-Fi, L2/L3) Identify threats … Alto firewalls, SIEM tools, and endpoint security Experience with L2/L3 networking (Nexus, LAN/WAN, Wi-Fi) Vulnerability management (e.g. Qualys) and incident response expertise Understanding of data security, threat analysis, and security best practice Essential Requirements Strong problem-solving and analytical skills Excellent communication ...

leading global financial institution seeking a Lead Cyber Operations Analyst to join their Cyber Security team. This role will focus on leading cyber incident response activities, managing security monitoring capabilities, driving threat detection and containment, and supporting the bank's wider cyber defence strategy. Key Requirements: * Strong experience … within Cyber Operations, SOC or Incident Response environments* Hands-on expertise with SIEM technologies (Splunk, Sentinel, QRadar etc.)* Knowledge of threat detection, malware analysis, endpoint, network or cloud security* Scripting experience (Python, PowerShell or similar)* Strong understanding of cyber risk, controls and security governance* Excellent stakeholder management ...

Cyber Security Delivery Manager, you'll take ownership of client engagements from start to finish, covering risk assessments, security architecture reviews, policy development, incident response planning, and governance work. You'll be the senior point of contact on engagements, ensuring quality and consistency across everything that goes … cyber security projects in a consultancy or professional services environment Strong technical knowledge across core cyber domains - risk management, security architecture, governance, assurance, or incident response CISSP, CISM, or equivalent professional certification A proven track record of leading teams and managing senior client relationships The ability to communicate ...

effectively enforced and adhered to across the organisation. Hands-On DeliveryRemain hands-on in the day-to-day operation of cyber security, including: Incident response and investigation. Security tooling, monitoring, and vulnerability management. Supplier and third-party risk assessment. Lead and participate in cyber incident response ...

vulnerabilities, and malware attack vectors. What We Are Looking For: Experience: Ideally 1-2 years of experience in a similar SOC, security monitoring, or incident response role. Technical Knowledge: A solid grasp of computer networks, operating systems, and core cybersecurity principles. Security Tools: Good working knowledge of security … technologies such as firewalls (network/application), host intrusion prevention, and antivirus software. Mindset: A strong understanding of common attack vectors, malware types, and incident response fundamentals. Critical Requirements: Security Clearance: Due to the secure nature of the environment, candidates must hold active UK Government SC Clearance ...

working with a big banking client based in the Knutsford, and they’re looking for a Lead Cyber Operations Analyst with strong experience in Incident response to join their team. The ideal candidate: Hands on expertise with incident response and managing cyber security incidents. Experience ...

reports directly to the Chief Information Officer (CIO). You will be accountable for shaping cyber strategy, overseeing governance and risk management, and leading incident response capabilities, while providing assurance on organisational cyber resilience at executive and board level. This role involves Develop and deliver a cyber security … strategy and roadmap aligned to organisational priorities and relevant government resilience frameworks. Oversee cyber security operations, including incident response, threat monitoring, vulnerability management, and third-party security services. Act as the senior cyber authority, offering expert guidance and clear assurance on cyber risk, compliance, and resilience to senior ...

plus core services. LAN/WAN network security & patch management. VM management (VMware/Proxmox). Cyber Security & Firewall management. AWS cloud administration. IT Incident response & DR. What youll need: A minimum of 5+ years experience in IT Infrastructure/Networking/Service Delivery or equivalent roles. … patching, software deployment and lifecycle management). Working knowledge of identity and security controls (e.g., MFA, Conditional Access, RBAC/least privilege) and supporting incident response activities. Experience working within a Service Desk/ticketing environment, managing workload to SLAs and owning incidents/requests through to resolution. ...

firm's technology environment which includes Microsoft Defender & Sentinel. Key Responsibilities: * Monitor security event identification via the third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support … maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows. * Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps). * Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews. * Support ...

partnered with a growing cyber security business in Buckinghamshire, supporting customers with threat monitoring and incident response services. They are looking for a Cyber Security Analyst to join their growing SOC team, helping to investigate and respond to live security threats across customer environments. In this Cyber Security … role, you will: Investigate and respond to security alerts across endpoint, network, and cloud environments Carry out deeper analysis on suspicious activity and support incident response actions Work closely with wider technical teams during live investigations and escalations Help improve detection processes, alert quality ...

senior levels, influencing senior stakeholders with effective articulation of business and operational risk in clear and pragmatic terms. Lead and participate in cyber incident response exercises and real incidents Own cyber risk management and contribute to the enterprise risk register. Ensure compliance with relevant standards and frameworks (e.g. … OT. Support audits, assessments, and regulatory or customer assurance activities. Remain hands-on in the day-to-day operation of cyber security, including: Incident response and investigation. Security tooling, monitoring, and vulnerability management. Supplier and third-party risk assessment. Experience required Experience owning a cyber security strategy encompassing ...

strengthen the security posture of critical systems. This is a hands-on role for a LogRhythm specialist with strong experience in security monitoring, incident response, and deep-dive analysis within secure environments. What you’ll be doing: Monitoring and analysing security events using LogRhythm Investigating and responding … alerts and incidents Producing detailed incident reports and root cause analysis Tuning and optimising detection rules and use cases Supporting LogRhythm administration (2nd-line level) Mentoring junior analysts and improving SOC processes What we’re looking for: Strong LogRhythm experience (Client & Web Console) Proven SOC/incident response ...

Cisco 9500, Cisco 3850, Network Operations Centre (NOC), TAC, NMC, Layer 2, Layer 3, OSPF, BGP, VLAN, STP, QoS, CCNA, CCNP, Network Monitoring, Incident Management, Shift Operations, 24x7 Support Location: Glasgow, Scotland, G2 4JR Type: Temporary Contract Hours: 8-Hour Shifts | 24 x 7 x 365 Operational Environment (Days … deep technical expertise across Cisco Catalyst switching technologies including Catalyst 3850, Catalyst 9300 and Catalyst 9500 platforms. Purpose: To provide 24x7 operational support, monitoring, incident management and technical troubleshooting across critical Cisco network infrastructure, ensuring maximum network availability, performance and service reliability. Technology Stack: * Cisco Catalyst 3850/ ...

Cisco 9500, Cisco 3850, Network Operations Centre (NOC), TAC, NMC, Layer 2, Layer 3, OSPF, BGP, VLAN, STP, QoS, CCNA, CCNP, Network Monitoring, Incident Management, Shift Operations, 24x7 Support Location: Small Heath, Birmingham, West Midlands, B10 0HQ Type: Temporary Contract Hours: 8-Hour Shifts … deep technical expertise across Cisco Catalyst switching technologies including Catalyst 3850, Catalyst 9300 and Catalyst 9500 platforms. Purpose: To provide 24x7 operational support, monitoring, incident management and technical troubleshooting across critical Cisco network infrastructure, ensuring maximum network availability, performance and service reliability. Technology Stack: * Cisco Catalyst 3850/ ...

leads with cross-functional collaboration. Key Accountabilities Delivering Solutions Develops and implements OT cyber security strategies, including risk assessments and vulnerability analysis. Leads incident response and oversees implementation of security controls, monitoring, and access management. Contributes to network design, including segmentation, firewalls, and intrusion detection for OT environments. … solutions. Strong understanding of communication protocols (e.g., TCP/IP, Modbus, OPC, IEC 61850) and network infrastructure. Proficiency in security risk assessment methodologies and incident response frameworks. Ability to analyse and mitigate threats specific to critical infrastructure and OT environments. Experience with security monitoring tools, SIEM, and anomaly ...

activities. Monitor compliance across endpoint and network security solutions. Configure, maintain and support anti-malware, device control and Data Loss Prevention (DLP) technologies. Support incident response activities, security investigations and remediation of security breaches. Maintain backup and recovery procedures for network and security systems. Configure, manage and troubleshoot … WildFire. Experience with IDS, IPS, DLP, DDoS mitigation and security monitoring technologies. Strong experience supporting Cisco ISE and posture compliance environments. Experience with security incident response and vulnerability remediation. Strong troubleshooting and analytical skills. Excellent communication and stakeholder management abilities. Desirable Experience Relevant certifications such as CCNP, CCIE ...

implementation and improvement of security controls. Develop and deliver a company-wide information security training and awareness programme. Serve as the Primary Incident Response Manager for information security incidents. Manage and review information security risks across the organisation. Lead information security improvement initiatives. Oversee supply chain information security … risks and vendor assessments. Essential Skills & Experience Strong experience in policy and standards development. Cyber incident response expertise. Security architecture knowledge. In-depth understanding of ISO27001 controls. Experience with Cyber Essentials Plus certification. Strong risk management capability. Proven ability to communicate with and influence senior stakeholders. Desirable Audit ...

develop and enhance digital resilience policy documentation Strategic Change Management: lead transformation initiatives and security improvements Vendor & Partner Management: partner with IR and MSSP Incident Response & Crisis Management: Lead coordination of security incidents Education & Awareness: Design/Deliver cyber training programmes Risk Management & Reporting: Oversee comprehensive cyber risk … Management: Manage security elements of vendor management framework Digital Resilience Manager: Experience Experience working with MSSPs, Security Vendors, Managed Service providers Experience in security incident response and crisis management Policy development and documentation Knowledge of vendor management & procurement security requirements Data protection knowledge - GDPR, UK GDPR Desirable ...

Cyber Essentials) Experience overseeing governance, risk, and assurance activities Broad technical understanding across networks, cloud, infrastructure Hands-on experience leading or coordinating cyber incident response Ability to translate technical risk into clear, business-focused messaging Experience producing reports, dashboards, and presenting to senior stakeholders Strong people leadership skills … System (ISMS) Ensure alignment with standards such as ISO 27001 and Cyber Essentials Identify, assess, and mitigate cyber risks, maintaining the risk register Lead incident response capability, ensuring plans are tested and effective Monitor the threat landscape and advise on emerging risks and mitigations Manage and develop ...

malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed … tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...