1 to 25 of 285 Incident Response Jobs in the UK

events and alerts in real-time to identify potential security incidents. Investigate and analyse security incidents to determine their root cause and impact. Execute incident response procedures and escalate issues as necessary. Document and report security incidents, findings, and actions taken. Collaborate with senior SOC analysts and other … IT/security teams to continuously improve security monitoring and incident response capabilities. Requirements: Strong interest in cybersecurity and a desire to pursue a career in this field. Knowledge of networking concepts and basic understanding of cybersecurity principles. Experience with security tools and technologies is a plus (e.g. more »

events and alerts in real-time to identify potential security incidents. Investigate and analyse security incidents to determine their root cause and impact. Execute incident response procedures and escalate issues as necessary. Document and report security incidents, findings, and actions taken. Collaborate with senior SOC analysts and other … IT/security teams to continuously improve security monitoring and incident response capabilities. Requirements: Strong interest in cybersecurity and a desire to pursue a career in this field. Knowledge of networking concepts and basic understanding of cybersecurity principles. Experience with security tools and technologies is a plus (e.g. more »

communication and collaboration between cross-functional teams, including IT, security, and business stakeholders. 5. Lead the documentation and mapping of security processes, workflows, and incident response procedures. 6. Assist in the selection and implementation of security technologies and tools to support GSOC operations. 7. Develop and maintain project more »

contract. Project management. Change management , working alongside Operations Manager. Onsite IT support and triage of issues prior to escalation to relevant supplier. Member of Incident Response Team. Membership of the monthly Information Security Forum. Management of software and device estate. Ongoing development of governance and controls around IT more »

Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as … monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more »

Be the Hero Behind the Walls Passionate about stopping cyber threats? Join our elite team and spearhead proactive security, wielding platform expertise and leading incident response like a champion. Main Responsibilities • Mastermind Incident Response: Dive into alerts, wield the MITRE ATT&CK framework, and lead the … the fabric of every project. Be the trusted advisor, guiding us towards a more secure future. About You • 3+ years of cyber security experience • Incident response methodologies (MITRE ATT&CK, D3FEND) • Microsoft 365 Security • DMARC, SPF, DKIM • Strong Scripting (e.g., PowerShell or Python) • Security automation frameworks • Security platform more »

role is hybrid with occasional visits to the office, ideally you will live a 50-mile radius of the office. Responsibilities: Security Monitoring and Incident Response: Cloud Infrastructure Security: Identity and Access Management: Security Compliance and Auditing: Security Documentation and Reporting: Monitor cloud security events and alerts. Investigate more »

client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incident response capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »

Alongside this you’ll complete training workshops and assignments, delivered by a leading apprenticeship training provider. Successful applicants will be involved in Security Operations, Incident Response, Risk Management and user awareness to ensure safe, secure, and innovative business solutions are delivered to drive sustainable value for a competitive more »

date on the latest security trends , tools, techniques to enhance testing methodologies and procedures. Other responsibilities within the team include security assessments, risk analysis, incident response, research, compliance, and documentation. Desirable Qualifications include CHECK team member, OSCP and Crest . However, if you have some at least more »

such as DataDog and PagerDuty to provide proactive monitoring of production (and other) environments, design and implementation of automation processes to drive efficiencies, leading incident response, troubleshooting and root cause analysis to prevent issues reoccurring. You'll liaise closely with business stakeholders to understand requirements, address concerns and more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Responsibilities Platform Expertise: Maintain pipelines, Terraform code, and AWS stack for optimal platform performance. Automation Focus: Patch, update, and automate tasks for maximum efficiency. Incident Lead: Coordinate incident response with L2 and SRE teams. Handover and Reviews: Facilitate daily SRE handovers and post-incident reviews. Reporting more »

policies and audit requirements. Contribute to the development of a Cybersecurity Operations Resource and Capacity planner managed through BDO's Azure DevOps environment. Oversee incident response, threat detection, and mitigation efforts You'll be someone with: A good understanding of monitoring frameworks eg MITRE ATT&CK and SIEM more »

Plus Assessments for our customer base. Perform network security audits. Conduct external and internal penetration tests. Provide support during major security incidents across all incident response phases. Proactively monitor internal infrastructure using toolsets, remediate issues, and provide recommendations. Design, implement, and provide support for customer security solutions. Serve more »

or autonomy, with little need for escalation It would be great if you had: Knowledge of; Cloud, on-prem, SaaS, PaaS, IaaS environments Security incident response, code/malware analysis Strong coding skills CISSP-ISSEP (Information Systems Security Engineering Professional) Other Cyber/information Security qualification (e.g. CISSP more »

effective resolution of issues and change delivery. More broadly, you will provide technical leadership, build and maintain key stakeholder relationships and lead on major incident response ensuring functionality of the University's VLE. You will also play a key role supporting our DevOps maturity focusing on maintaining and more »

or autonomy, with little need for escalation It would be great if you had: Knowledge of; Cloud, on-prem, SaaS, PaaS, IaaS environments Security incident response, code/malware analysis Strong coding skills CISSP-ISSEP (Information Systems Security Engineering Professional) Other Cyber/information Security qualification (e.g. CISSP more »

Standards and Cybersecurity best practices to support complex decisions across the organisation. Support the Cybersecurity Manager in the implementation and maintenance of the cybersecurity incident response procedures and processes. Implementation and maintenance of technical security controls to protect all information assets according to their sensitivity, integrity, and criticality more »

and production environments. Assist the project, SOC and wider teams and help develop Cyber Use Cases e.g. log source onboarding, use case development with incident response playbook development and automation and integration with Service Now and SysNG Ensure cyber use cases are successfully tested, with defects remediated through more »

or autonomy, with little need for escalation It would be great if you had: Knowledge of; Cloud, on-prem, SaaS, PaaS, IaaS environments Security incident response, code/malware analysis Strong coding skills CISSP-ISSEP (Information Systems Security Engineering Professional) Other Cyber/information Security qualification (e.g. CISSP more »

Senior SOC Analyst, SIEM - Cloud based: Sentinel/ManageEngine Log360/QRadar, Splunk, Incident Response Management, Hybrid London 1-2 days per week. We are hiring a Senior SOC Analyst to help build a new SOC function. The role will initially be very hands on, responsible for monitoring … Investigation: Monitor SIEM tools to assure high security levels, analyse potential security incidents, conduct real-time analysis, support investigations, and document findings to improve incident response procedures. Response: Lead and coordinate incident response activities, develop and maintain incident response plans, and escalate incidents … as necessary, ensuring adherence to major incident processes. Intelligence: Stay updated on cybersecurity threats, integrate threat intelligence into security monitoring processes, and contribute to the development of threat intelligence feeds. Tool Management: Manage and optimize SIEM tools, evaluate new security technologies, and recommend enhancements to the security infrastructure. Collaborate more »

are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and Incident Response team, along with a number of incident response vendors including forensic, legal, and PR ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within more »

security contact for UK clients Be responsible for the investigation and resolution of security related events from various security appliances and toolsets Develop security incident response plans & procedures including Security Incident Crisis/Emergency Management Ensure integration of new security services within the monitoring and detection capability … to respond to security threats of the future Oversee relationship with MDR vendor to deliver SOCaas service Oversee internal CSIRT programme Coordinate the post-incident review process, drive practical and impactful changes throughout the phases of the incident response lifecycle Enhance security capabilities by building security tools more »

world-leading security solutions across our SaaS platform, internal function and product offering. One of our current focuses is building our CSIRT (Cyber Security Incident Response Team) capabilities, which is where you come in. We are looking for someone to take ownership of a large portion of European … based incidents. You will join our CSIRT department inside our Information Security area of the business that provides incident response, threat hunting, threat intelligence and forensics functionalities. The suitable candidate should have experience working within an incident response focused environment. The suitable candidate should be experienced more »