high-level proactive and reactive threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events. The focus is to provide an effective, proactive and highly technical analytical response to cyber security-related incidents to prevent QBE from becoming compromised by modern attack methods and techniques. Main responsibilities: Act as point of escalation and mentor to junior SOC … and resources to correlate suspicious events, providing context around the event, determining root cause, providing regular updates and recommending modifications to existing systems and procedures. Perform deep-dive incident analysis of various data sources by analysing and investigating security-related logs against medium-term threats and IOCs. Actively manage and apply the phases of Incident Response … of logs, i.e. network, Active Directory, database, DNS, firewall, proxies, host-based security, cloud and application logs etc. Working experience in leading security incidents at all levels related to incident response. Working experience in managing 2nd/3rd level security events. Ability to manage strong relationships with global security operations colleagues and other departments, including network teams and
on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC: Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration: Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration: Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation: Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM
In this role, the Head of Cyber and IT will manage cloud infrastructure to ensure availability, scalability, and performance. The role also involves ensuring compliance with security standards, leading incident response and vulnerability management, and overseeing internal IT support and enterprise system administration. Additionally, the position requires building and leading a scalable team, aligning with DevOps on infrastructure … QA. Implement cloud cost optimization strategies. Cybersecurity: Ensure compliance with security standards (e.g., ISO 27001, SOC 2, GDPR) and internal policies and procedures for cloud and IT environments. Lead incident response, vulnerability management, and threat detection using SIEM tools, MDR and antivirus platforms. Secure and implement policies and procedures for disaster recovery and business continuity. Work with the
responsible for monitoring, detecting, and responding to security threats, supporting the implementation of cyber protection measures, and ensuring compliance with industry standards and internal policies. Principal Responsibilities: Security Monitoring & Incident Response: Monitor network traffic and system activity for signs of security breaches or anomalies. Investigate and respond to security incidents, including malware, phishing, and unauthorized access attempts. Document … of Microsoft Azure, Entra ID, Conditional Access, and Intune. Experience with Active Directory, DNS/DHCP, Group Policy, and VPNs. Familiarity with SIEM/XDR platforms, endpoint protection, and incident response tools. Ability to work independently and collaboratively across teams. Preferred Experience: Minimum 3 years' experience in a technical support role with exposure to a range of technologies
Birmingham, West Midlands, England, United Kingdom Hybrid / WFH Options
Michael Page Technology
incidents effectively. Review and provide expert guidance on works and reports from the MSSP to ensure quality and relevance. Proactively identify emerging threats and continuously enhance threat detection and response processes. Conduct regular vulnerability assessments, ensure timely remediation, and recommend strategic improvements to reduce risk exposure. Design and maintain comprehensive security playbooks to standardise incident response and … standards. Deliver guidance and training to staff on cybersecurity best practices to foster a security-conscious culture. Profile: Demonstrated experience in Cyber Security operations, including threat hunting, detection and response, and vulnerability assessment and remediation. Extensive hands-on experience working within a Security Operations Center (SOC) environment. Proven ability to design and implement effective security playbooks for incident response and operational consistency. Strong experience in configuring, tuning, and deploying SIEM and other security tools, preferably Microsoft Sentinel and the Microsoft Defender suite. Industry-recognised certifications (e.g., CISSP, CISM, CEH, Azure Security Engineer) are highly desirable. Excellent communication and stakeholder management skills, with the ability to translate complex technical concepts into clear, actionable insights for non-technical audiences.
South West London, London, England, United Kingdom
Robert Half
execute the overall Cyber Security strategy, ensuring it aligns with business objectives, manages risk, and supports the firm's rapid growth. Oversee the Cyber Security function, including Security Operations, Incident Response, and Governance, Risk, and Compliance (GRC) specialists, providing leadership, mentorship, and effective resource allocation. Establish and enforce a robust security governance framework, including policies and procedures for … PCI DSS if applicable). Manage and continuously improve the firm's security architecture and controls across all domains: network, cloud (SaaS/IaaS), endpoints, and applications. Lead the Incident Response and Disaster Recovery programs, ensuring capabilities are tested, effective, and ready to mitigate the impact of security breaches. Drive security awareness and training programs across the organization
business teams to implement strong cryptographic controls. Drive improvements in secure key lifecycle management, encryption, and authentication processes. Ensure the operational reliability and security of cryptographic services through monitoring, incident response, and proactive risk mitigation. Essential Skills & Experience: Proven experience in Cryptography, Secure Key Management, and Information Security. Hands-on expertise with HSM configuration, installation, and support. Experience … and documentation tools (e.g., MS Office). Highly Valued Skills: Security or cryptographic certifications (e.g., CISSP, CISM, CompTIA Security+, CEH, or equivalent). Experience in operational security environments, including incident response, risk management, and change control. Familiarity with SharePoint, Confluence, JIRA, and Unix/Windows environments. Knowledge of data protection regulations, compliance standards, and privacy frameworks. Strong technical
systems. Understanding of aviation safety management systems and their integration with cybersecurity programmes. Familiarity with certification processes and regulatory compliance in aerospace or similar sectors. Knowledge of threat detection, incident response, and security monitoring technologies. Leadership & Communication: Proven ability to lead security programmes in fast-paced, innovative technology companies. Excellent stakeholder management skills, with ability to influence at … relationships and third-party integrations. Security Architecture & Implementation: Design and implement security architectures for aviation systems, including industrial control systems and hydrogen infrastructure. Establish security monitoring, threat detection, and incident response capabilities. Oversee security measures for intellectual property protection, particularly around proprietary hydrogen-electric technologies. Manage security requirements for certification and regulatory data integrity. Team Development & Governance: Build
Nottinghamshire, England, United Kingdom Hybrid / WFH Options
Digital Waffle
role in strengthening our clients’ security operations. This is a hands-on, strategic position within the Technical Operations team, where you’ll set the direction for security practices, guide incident response, and support the growth of the wider team. Your responsibilities: Lead on security incidents, managing investigations through to resolution. Design, implement, and maintain robust security controls across … infrastructure and applications. Drive the creation and execution of incident response plans, ensuring continuous improvements. Integrate security practices seamlessly into the DevOps pipeline. Manage and optimise monitoring tools to provide real-time threat visibility. Carry out regular threat and vulnerability assessments, applying effective remediation strategies. Coach and mentor colleagues, keeping the team ahead of evolving risks and technologies
Crewe, Cheshire, England, United Kingdom Hybrid / WFH Options
DCS Recruitment
experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management, while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards … of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus. Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior
Sheffield, England, United Kingdom Hybrid / WFH Options
Vallum Associates
as subject matter experts and consultants on related programmes. Principal Preferred Requirements. Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity: security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical … SMEs at a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both
brilliant opportunity for an experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. You'll lead on threat detection, incident response, and security improvements, working closely with teams across the business to maintain compliance and best practice. What you'll do: Lead threat detection, incident response
Employment Type: Permanent
Salary: £45000 - £50000/annum discretionary bonus and more
Cambridge, Cambridgeshire, East Anglia, United Kingdom
RedTech Recruitment
having game-changing technology within their industry, with exciting scope for expansion into further industries. This role is looking for someone to work within the SRE team responsible for incident response and issue resolution. Location: Cambridge. Salary: £32,000 - £60,000 + excellent benefits (£32,000 for a new Graduate). Requirements for Site Reliability Engineer (Graduate Considered): Excellent … degree from a leading international University in a STEM subject. A minimum of ABB at A-Level or international equivalent if applying at Graduate level. Experience working in an incident response or 3rd line technical support environment. Brilliant communication skills; this role is a highly interactive role. Ideally, you will have knowledge of modern infrastructure and operational tooling
Southampton, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sterling Bridge Limited
seeking a Head of Cyber Security to lead from the front, shaping security strategy across legal, IT, and client-facing systems. You'll define security architecture, lead threat assessments, manage incident response, and ensure compliance with regulatory standards relevant to legal practice. This role offers you a unique opportunity to build a security function in a high-stakes environment … identity & access management, network security, encryption, threat modelling. Hands-on knowledge securing hybrid and cloud infrastructure (AWS/Azure/GCP). Experience building and managing security teams, setting processes (incident response, SOC, vulnerability management). Familiarity with compliance/legal security requirements (e.g. GDPR, Legal Privilege, regulatory/security audits). Strong stakeholder management, able to communicate with partners, executives
As a Cybersecurity Analyst at EG Group, you will be responsible for monitoring and triaging alerts escalated from partners and wider internal teams. You must have working experience of incident response and end-to-end security processes and procedures. You will provide a comprehensive range of technical, operational, and risk management services. By working closely with our global … identified vulnerabilities, collaborating with other technology teams. Remediate incidents escalated from tier 1 SOC analysts. Assess the scope and impact of the attacks on affected systems and networks. Conduct incident response activities using IOCs to identify and contain threats. Stay updated on emerging threats and technologies. Maintain and tune XDE/MDR/EDR and supporting tools. Tracking
Market Harborough, Leicestershire, East Midlands, United Kingdom Hybrid / WFH Options
4C Resourcing
can lead engagements, provide authoritative advice, and help shape our cyber security services. You will work primarily in Audit & Assurance and Risk & Compliance, with the opportunity to contribute to Incident Response where needed. There will also be opportunities to define and lead other areas of cyber security. What you'll be doing: Lead and deliver client engagements across governance … quality deliverables, audit reports, risk assessments, control mappings, and remediation roadmaps. Stay ahead of the curve, monitor emerging threats, regulations and standards, and translate these into actionable guidance. Support incident response activities where required, providing expertise during investigations and post-incident reviews. Mentor and develop colleagues, sharing knowledge and contributing to the growth of our cyber practice. … Market Harborough) and client site visits as needed. Professional development, support for CPD, including maintaining Chartered status and relevant certifications. Varied engagements, opportunities to work across multiple domains, including incident response. Package: 3% pension contributions. 25 days holiday + bank holidays. Option to purchase an additional 5 days holiday. Home based with an expectation of 1 day in the
Chelmsford, Essex, United Kingdom Hybrid / WFH Options
Brooks Automation, Inc
Own the end-to-end operational strategy for system availability, performance, and security monitoring. Oversee the day-to-day execution of infrastructure and security services, ensuring operational excellence and incident response readiness. Partner with the CISO to shape long-term strategy and roadmap for secure, resilient IT services. Drive automation, observability, and scalability across the infrastructure and security … a leadership role. Strong background in systems engineering, networking, cloud infrastructure (AWS preferred), and enterprise security tooling. Demonstrated experience building and leading high-performing technical teams. Deep understanding of incident response, security monitoring, and operational risk management. Hands-on ability to troubleshoot, assess risk, and solve complex infrastructure and SecOps challenges. Excellent communication skills with the ability to
global initiatives to be successfully deployed in region. Implement and maintain security policies, protocols and measures across all platforms and locations, driving alignment with our global operating model. Lead incident response efforts and manage the investigation of security breaches. Collaborate with other Technology departments to ensure compliance with security standards, necessary security monitoring is in place and risks … Minimum basic requirements: Ten or more years in cybersecurity roles in mid to large organisations, recently at or near executive level. Strong understanding of cybersecurity frameworks, risk management and incident response protocols. Proven leadership capabilities including building diverse teams. Outstanding written and verbal communication skills with ability to present to a C-level audience. Commercial acumen with an
Milton Keynes, Buckinghamshire, England, United Kingdom Hybrid / WFH Options
Tank Recruitment
hands-on role, you'll design and implement a comprehensive information security framework, ensuring compliance with industry standards and supporting business objectives. You'll collaborate with senior stakeholders, oversee incident response, and drive continuous improvement in policies, controls, and awareness initiatives. Key Responsibilities: Develop and execute an information security strategy and roadmap aligned with business goals. Lead on … governance, compliance, and audit processes across the organisation. Manage incident response, penetration testing, and risk assessments. Support secure software development and supplier risk management. Promote security awareness and report regularly to senior leadership on risk posture. Skills & Experience Required: Previous experience in an information security or IT risk management role. Strong understanding of frameworks such as ISO
detecting, analyzing, and mitigating malware threats to safeguard organisational systems and data. By conducting advanced static and dynamic malware analysis, the role provides critical insights into emerging threats, supports incident response activities, and enhances detection capabilities through tool and signature development. Together with colleagues spanning almost all time zones, you will help to make our clients safer and … support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer. Key Accountabilities: Malware Analysis and Response: Conduct in-depth static and dynamic analysis of new and emerging malware threats, identifying potential risks and novel attack vectors. Provide detailed analysis of malware samples as part of … Digital Forensics and Incident Response (DFIR) investigations. Respond to Requests for Information (RFIs) related to malware and binary analysis from internal and external teams. Stay up-to-date with ongoing malware campaigns and techniques, providing insight into emerging or high-impact threats. Documentation and Reporting: Document and report on the behaviour, techniques, tactics, and procedures (TTPs) used by