26 to 50 of 190 Remote/Hybrid Incident Response Jobs

principles Risk management methodologies Experience working within cloud security shared responsibility models Working knowledge of Identity and Access Management (IAM) Experience supporting security monitoring, incident response, and investigations Strong communication skills with the ability to engage both technical and non-technical stakeholders Desirable/Preferred Experience Experience working ...

improved access controls. Escalate incidents to Level 2 OT SOC or OT Cybersecurity Engineers as per service documentation (i.e. Playbooks or Alert/Incident Management processes). Adhere to all internal service-related processes such as Alert & Incident Management processes. Assist with the creation of processes … when required and to have these align with existing processes. Document incident reports including actions taken in SOC Ticketing systems. Analyse data from logs, network traffic, and forensics to create detailed reports on findings and lessons learned. To be utilised in daily/weekly SOC reports for OT Environments. ...

ITSM platform Analysing alerts using a range of security tools including SIEM, EDR, and email security platforms Leading deep-dive investigations and working with incident responders to contain and eradicate threats Acting as the escalation point for Tier 1 analysts, offering guidance and technical support Conducting security assessments across … threat landscape with CTI-informed analysis and mitigation advice Who you are: Proven experience in a SOC or similar security role Strong background in incident investigation, threat identification, and response within SLAs Hands-on experience with SIEM, EDR, and email security tooling Ability to mentor and support junior ...

deliver high-quality technical solutions. Desirable Experience Automation experience (PowerShell, Python, API integrations) and/or systems administration background. Familiarity with security frameworks and incident response methodologies. Experience working with logging pipelines (e.g., AMA, Syslog, Cribl, SIEM tooling). Exposure to non-Microsoft security platforms such as CrowdStrike ...

involvement with strategic planning and leadership Shaping and owning our AWS infrastructure and reliability roadmap Defining and embedding SRE best practices, including monitoring, alerting, incident management, and capacity planning Establishing and evolving SLOs, SLIs, and error budgets in partnership with engineering teams Acting as a senior technical voice … architecture discussions and operational decision-making Supporting incident response and post-incident reviews, with a focus on long-term improvement Developing, mentoring, and empowering a high-performing engineering team Essential Skills & Experience Experience in a senior SRE, Infrastructure, or Platform leadership role Strong, practical experience operating production ...

principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and non-technical stakeholders Excellent analytical, documentation, and problem-solving capability Knowledge ...

Site Defender (KSD), WAF, and Bot Manager Implement and manage security policies, rulesets, and traffic routing configurations Monitor web traffic, identify threats, and support incident response activities Tune WAF and bot protection rules to minimise false positives and enhance effectiveness Support CDN configuration, caching strategies, and performance optimisation ...

rollback frequency Standardise release processes across engineering teams Implement progressive delivery practices Reliability & Observability Define and track SLIs/SLOs Enhance monitoring, alerting and incident response processes Lead post-incident reviews and root cause analysis Drive reduction of operational toil Security & Compliance Embed DevSecOps controls into pipelines … preferred) CI/CD tooling experience (GitHub Actions, GitLab CI, Jenkins) Experience operating production SaaS environments Strong observability tooling knowledge (Datadog, Prometheus, ELK etc.) Incident management and root cause analysis experience Experience in regulated or security-conscious environments is highly desirable ...

first security programme across infrastructure, endpoints and cloud environments. Working directly alongside the CISO, you will architect and implement the firm’s detection and response foundations - designing telemetry strategy, response workflows and supporting security controls in a largely greenfield environment. This is not a SOC management role … from a single senior engineer into a small, high-calibre team... Key Responsibilities Architect and scale the firm’s end-to-end detection and response capability, from telemetry ingestion through to investigation workflows Design high-signal detection logic informed by real attack techniques, not generic vendor rules Build ...

events from Microsoft Security Suite Perform initial triage and analysis of security incidents to determine severity and impact. Escalate verified incidents to the incident response teams. Ensure timely triage and remediation of any incidents Follow standard operating procedures (SOPs) for incident handling and escalation. Assist in improving … standard operating procedures (SOPs) Assist in identifying tuning opportunities and reduction of false positives Communicate with customer stakeholders during incident investigation Maintain awareness of current threats and vulnerabilities relevant to customers. Required Skills Basic understanding of cybersecurity principles and threat landscapes Experience working with Microsoft Security tools (Sentinel, Defender ...

seamless and high-quality experience for end users. Take accountability of the on-call rota , ensuring appropriate coverage, managing participation, and leading rapid incident response to maintain service availability. Continuously assess and improve team processes and procedures , fostering a culture of innovation and engineering excellence to optimise performance … team that consistently meets objectives and drives continuous improvement. Regularly conducts performance reporting and analysis , tracking key metrics such as system availability, uptime, and response times to inform decision-making and improvement initiatives. What you’ll need to succeed Essential: Experience in a leadership role , including mentoring, developing team ...

third-party solutions, lead design reviews with a focus on threat modeling, secure architecture, and long-term maintainability. - Support continuous improvement in detection, incident response, and overall resilience, and support security assessments, reviews, and audits. - Contribute to roadmaps and technical direction, ensuring security is integral to architecture ...

cyber trends Assisting with security initiatives and implementations Overseeing the remediation of vulnerabilities raised by MSSP penetration tests, producing supporting documentation Assisting with incident response What you'll need to succeed Experience of rule creation and definition within Google SecOps is ideal, alongside, MS Defender for Endpoint ...

GDPR, BCBS 239, FFIEC 101, 3402, CHAP. Working experience and/or knowledge of Security domains including Access management, Threat management, Incident response and recovery, Data protection, Vulnerability management, Monitoring and logging, Physical security, and Security risk management and governance. Working experience and/or knowledge of application ...

operations, clients, environments and SIEM technologies. Gain exposure to industry frameworks such as MITRE ATT&CK and NIST. Build foundational knowledge across: Threat detection & incident response SOC processes and tooling Log analysis Microsoft security technologies (including Sentinel, Defender, Entra ID) Automation and scripting fundamentals The successful applicant will ...

will receive an additional allowance. Specific projects the team are working on include rolling out an observability tool to enhance system monitoring and incident response, streamlining deployment processes to reduce downtime and speed up feature delivery, and developing a CLI tool to automate tasks and boost developer productivity. ...

will receive an additional allowance. Specific projects the team are working on include rolling out an observability tool to enhance system monitoring and incident response, streamlining deployment processes to reduce downtime and speed up feature delivery, and developing a CLI tool to automate tasks and boost developer productivity. ...

will receive an additional allowance. Specific projects the team are working on include rolling out an observability tool to enhance system monitoring and incident response, streamlining deployment processes to reduce downtime and speed up feature delivery, and developing a CLI tool to automate tasks and boost developer productivity. ...

will receive an additional allowance. Specific projects the team are working on include rolling out an observability tool to enhance system monitoring and incident response, streamlining deployment processes to reduce downtime and speed up feature delivery, and developing a CLI tool to automate tasks and boost developer productivity. ...

will receive an additional allowance. Specific projects the team are working on include rolling out an observability tool to enhance system monitoring and incident response, streamlining deployment processes to reduce downtime and speed up feature delivery, and developing a CLI tool to automate tasks and boost developer productivity. ...

will receive an additional allowance. Specific projects the team are working on include rolling out an observability tool to enhance system monitoring and incident response, streamlining deployment processes to reduce downtime and speed up feature delivery, and developing a CLI tool to automate tasks and boost developer productivity. ...

secure cloud operations across the organization. Provide a first class service to our main stakeholders in our support portal Be part of our security incident response on-call rotation (voluntary) and lead security incidents What you will bring along Knowledge & Engineering practices Data Security: Deep understanding of cloud ...

secure cloud operations across the organization. Provide a first class service to our main stakeholders in our support portal Be part of our security incident response on-call rotation (voluntary) and lead security incidents What you will bring along Knowledge & Engineering practices Data Security: Deep understanding of cloud ...

embed security-by-design into system architecture, development pipelines, and operational workflows. Support secure configuration, logging, monitoring, and access control practices. Vulnerability and Incident Management Operate vulnerability management processes including: CVE monitoring and triage Patch management coordination Tracking and closure of remediation actions Coordinate penetration testing and security assessments … across products, platforms, and infrastructure. Maintain incident response documentation, support tabletop exercises, and assist with post-incident reviews. Identity, Access and Data Security Support identity and access management (IAM) compliance including: Role-based access control Quarterly access reviews MFA/2FA enforcement Support encryption, key management, backup ...

embed security-by-design into system architecture, development pipelines, and operational workflows. Support secure configuration, logging, monitoring, and access control practices. Vulnerability and Incident Management Operate vulnerability management processes including: CVE monitoring and triage Patch management coordination Tracking and closure of remediation actions Coordinate penetration testing and security assessments … across products, platforms, and infrastructure. Maintain incident response documentation, support tabletop exercises, and assist with post-incident reviews. Identity, Access and Data Security Support identity and access management (IAM) compliance including: Role-based access control Quarterly access reviews MFA/2FA enforcement Support encryption, key management, backup ...