1 to 25 of 59 Incident Response Jobs with Hybrid or WFH Options

One of our premier clients is seeking an Incident Response & Forensics Team Lead for their growing team. This role is worked mostly remote with occasional strategic meetings in either the Germantown or DC offices. So need to be in a drivable difference from either location. Role REQUIRES an … to cyber incidents. This role provides technical support in areas of cyber security to include cloud security, endpoint security, access management, secure networking and incident response. We need someone with cyber incident investigation and forensics experience (GCFE, GCIH or CySA); experience on EnCase or Cellebrite tooling would be … great too. The ideal candidate will have a background in incident handling and forensics that has been matured into a mid-level PM. Responsibilities include, but are not limited to: • Manage day to day operations of the team • Perform briefings, direct coordination with the customer, develop responses to incidents more »

and managing the technical controls required to ensure the organisations technology estate is protected against risk from cyber-attack. You will also lead the response procedures and investigations of security events or incidents, remediating those incidents, identify potential process improvements, and maintain organisational readiness. As the Security Analyst, you … security alerts on protective monitoring platforms to identify security incidents. Review high-priority or high-complexity analysis of security event data to manage security incident response, making key decisions on reporting or escalations for monitoring Guide and direct specialist activities of others, actively promoting development in the applicable … a set of assets, providing tailored specialist or complex advice on ways to improve control mechanisms and mitigate risks Oversee the planning, testing, and response to security and emergency incidents or concerns, and providing informed recommendations on Technical Security issues to internal and external stakeholders. Lead multi-team assessment more »

understanding of Azure Sentinel and Microsoft Defender. Key Responsibilities: Monitor security events and alerts using Azure Sentinel and Microsoft Defender, ensuring timely and effective response to potential threats. Mentor L1/L2 SOC Analysts whilst acting as their technical escalation point. Analyze and investigate security incidents, providing detailed reports … configurations, and policies within Azure Sentinel and Microsoft Defender. Collaborate with cross-functional teams to develop and enhance security strategies, including threat hunting and incident response procedures. Stay updated with emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks. Requirements: Proven experience as a more »

with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »

Performing safe upgrades and patches where required Providing accurate and informed security insights internally and with the organisation's customers Making sure levels of incident response are appropriate What you'll need to succeed A good background in Network Security within a large scale complex organisation Experience setting more »

data and act on discrepancies to ensure data accuracy. Engage with colleagues to ensure accurate and timely communication of changes to information. Supporting with incident response and contingency planning. Take ownership of documentation management. Work with colleagues to identify and communicate environmental efficiency opportunities (e.g. waste management). more »

Azure Storage, Security, and Network Components. Azure policies and governance tools for handling compliance and security Expertise in securing virtualized environments, including threat detection, incident response, and compliance frameworks. Automation tooling for example, Logic Apps, Functions, Azure Automation, Event Grid etc AVD architecture, deployment options, management tools, and more »

SITE) RATE: £550 A DAY INSIDE IR35 LENGTH: 6 MONTHS WITH SCOPE TO EXTEND Key responsibilities Alert monitoring, Security Events analysis, Log Management Security Incident response management Manage, tune, and optimise SIEM tool (Sentinel), which includes evaluating existing rules, filters, events and use cases per the business requirement more »

UK Role Responsibilities 7-10 years experience in site reliability engineering, with at least 3 years in a leadership role. Maintain production stability through: Incident Response, DR planning & roleplay Performance monitoring & healing Security monitoring & remediation/response Infrastructure hardening (e.g. security baselining & enhancements) Infrastructure maintenance (e.g. serverless more »

strategic goals, and drive implementation. End-to-End DLP Management: Managing all aspects of DLP within a business, including policy creation, deployment, monitoring, and incident response. Data Leakage Considerations: Awareness of potential ways data can leak out of an organisation External Data Sharing: Knowledge of secure methods for sharing more »

and managing automation scripts for deploying and configuring security agents across large environments. Experience in tuning and optimizing OpenSearch or Elasticsearch indexers. Experience with incident response processes and forensic analysis to support investigations and improve threat detection. Experience with cloud-native security tools and services Desired Qualifications: Advanced more »

C-SOC) with two laboratory sites. You will assist STFC's cyber team to define, practice,and verify the adequacy of the cyber critical incident response. You will also assist STFC's infrastructure team whomanage the BAU activities relevant to ongoing cyber assurance, patching, cyberreadiness, and routine incident … of relevant SME knowledge andexperience will ensure successful and secure project outcomes. What you'll needto succeed A relevant information security/information managementbackground. Incident management experience and an ability toquickly tailor responses to deal with fast-paced situations. Proven people & stakeholder management skills. Knowledge of Information Security standards more »

role will require someone with excellent knowledge of: GDPR, Business Continuity and Disaster Recovery Planning, Information Security Policies, Creating Education and Awareness programmes, Security Incident Response and Secure Development Processes (including OWASP). Third Party Supplier Management, Antivirus, Malware, threat hunting techniques and technologies are also highly sought more »

A DAY INSIDE IR35 LENGTH: 6 MONTHS WITH SCOPE TO EXTEND Key responsibilities: Alert monitoring, Security Events analysis, Log Management Microsoft Sentinel Security Incident response management Manage, tune, and optimise SIEM tool (Sentinel), which includes evaluating existing rules, filters, events and use cases per the business requirement Provide more »

into performance and health. Data Analytics Facilitation - Maintain our event streaming platform, Apache Kafka, to support robust data analytics and real-time data processing. Incident Response - Respond to incidents promptly, triaging, resolving, and escalating issues as needed to maintain system stability and reliability. Cross-Team Collaboration - Partner with more »

The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and Incident Response Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incident response playbooks and procedures. Lead incident response efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify more »

of ERP systems/applications (SAP, IFS, Epicor all considered) Good understanding of the terminology relating to ERP (Order to cash, procurement, customer experience, incident response) Responsible for coordinating the development and maintenance of the ERP application Provide oversight to end-user support Comfortable with reporting Power BI more »

that prides themselves on its commitment to innovation, sustainability, and safety. Day to Day Responsibilities: Lead and mentor a team of cyber detection and response analysts and provide feedback and performance evaluation. Take an active role in the development and implementation of the CSOC and ensure that the team … and alerts from various sources, such as network, endpoint, cloud, and threat intelligence. Identify and prioritize the cyber security incidents, escalate P1 and P2 incident to the Cyber Incident Response team. Review and validate the incident reports and recommendations and escalate the high-risk or complex … the SOPs and Playbooks for Cyber Detection. What are we looking for: Proven experience in a Cyber Security Operations Centre. Proven experience in Cyber Incident Response. In-depth knowledge of cyber threat landscape and attack vectors. Expertise in incident detection, analysis, and resolution. Understanding of CNI and OT more »

fit for purpose. Promote standardised solutions, with a view to optimise and expand services where appropriate. Automation and Orchestration to improve request fulfilment and incident response. Specialist Technical Expertise: Responsible for technical solutions, escalated/complex technical problems, documentation, and improvement. Sharing industry insight to make forward thinking technical more »

specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME(Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton … including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

for security incidents, and responding promptly to security breaches. As a Cyber Security Analyst you will be gain exposure across: Security Infrastructure Vulnerability Management Incident Response Ideally you will have experience across: Security principles, techniques, and protocols Endpoints, servers, infrastructure and networking technologies Experience in supporting security systems more »

technical and process skills, as well as an architectural view and implementing security by design. Other essentials: Background that covers cyber technology, security operations, incident response, architecture, and training. Experience in implementing technology such as SIEM, XDR, SOAR, etc. Background in Financial Services or other regulated industries (desired more »

the women and men who serve in our armed forces and rely on the products and services this company creates. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world-class capability. more »

your communication skills must be very strong. You will have an excellent understanding of ITIL methodologies and demonstrable experience of working on IT Requests, Incident management, Change Management and Problem Solving. You will utilize ServiceNow and Manage Engine as the primary IT Service Management (ITSM) solution to efficiently manage … software licensing terms, license models and enterprise maintenance and support contracts. Work under limited supervision, both independently and within a team environment. Proficient in incident management tools and IT service management platforms with a focus on global incident response (e.g., ITSM, Jira, ServiceNow). Strong analytical and more »

Development Lifecycle (SSDLC), Compliance as Code, Security Orchestration, Container Security, Microservices Security, Threat Modelling, Secure Configuration Management, Secure DevOps Practices, Security Scanning & Testing, Security Incident Response, Identity & Access Management (IAM), Secure Cloud Environments, Secure Code Reviews Nature: Permanent, Full Time Hours: Monday - Friday 09.00 -17.30 Gross pay … + 20% bonus, Health Care, Discounts & other benefits Key Activity: * Develop & Deploy Security Protocols * Perform Security & Operational Evaluations * Integrate Security & Operations within DevSecOps * Manage Incident Responses * Enhance Operational Effectiveness * Coordinate on Code Security & Operational Streamlining * Promote DevSecOps Principles * Address Security & Operational Incidents * Implement DevSecOps Enhancements Overview: As a DevSecOps … testing & vulnerability scanning within our CI/CD pipelines. * Conduct regular security assessments & audits to identify & mitigate risks. * Respond to security incidents & conduct post-incident analysis to prevent future occurrences * Stay up to date with the latest security threats, vulnerabilities, & industry best practices. * Collaborate with DevSecOps Product Owner, Run more »