DFIR Consultant Digital Forensics & Incident Response United Kingdom Role Purpose To Support and service NCC Group clients within the Digital Forensics and Incident Response space The DFIR Consultant plays a vital role within the team of seasoned analysts, actively participating in the analysis, and response … situations Supporting Sales when required Functional and technical skills Minimum Requirements Strong technical knowledge, including the ability to conduct analysis in support of cyber incident response activities (to include an understanding of network analysis, host investigation including forensics, malware analysis). Experience using industry standard software and tooling … analysis of data, including experience of EDR software. Experience evaluating client security controls, architecture, and operations. Experience crafting scripts and tools to further enhance incident investigative efforts. Experience triaging Windows and Linux hosts. Experience with Network Traffic Analysis. Experience with Log Data Analysis Proven ability to explain technical output
world-leading security solutions across our SaaS platform, internal function and product offering. One of our current focuses is building our CSIRT (Cyber Security Incident Response Team) capabilities, which is where you come in. We are looking for someone to take ownership of a large portion of European … based incidents. You will join our CSIRT department inside our Information Security area of the business that provides incident response, threat hunting, threat intelligence and forensics functionalities. The suitable candidate should have experience working within an incident response focused environment. The suitable candidate should be experienced
development to ensure our analysts remain knowledgeable and the skills in order to maintain our mission. We are looking for an experienced analyst/incident response analyst with a passion for Cyber Security. Location - Reading/Basingstoke Salary - £35,840 - £48,000 pa As part of our People … more information available on our careers site Key Accountabilities: Monitoring activity on corporate networks for compliance against Company policy. Monitor alerts and first line response to Cyber security incidents. Maintain and promote high personal standards in environment, safety, health, security and quality and be a great team player. Additional … and tune existing rules and use cases Assess and develop existing toolsets to improve capability Support the wider AWE in improving our defences Conduct incident response You Will Have: Experience within a SOC environment Incident response experience A passion for Cyber Security A qualification/certification
you will work with our clients various vendors and 3rd party suppliers to manage security risks internally and externally, in addition to participating in incident response and vulnerability management activities. We are looking for people who have a strong background in managing risks with vendors, incident response … strategies to mitigate risks associated with identified vulnerabilities. Coordinate with vendors to assess and manage risks associated with third-party products and services. Lead incident response efforts related to security vulnerabilities, including investigation, containment, and remediation. Conduct regular vulnerability scans and penetration tests to identify and address security … risk assessments, findings, and remediation plans. To be considered for this role, you should have: Prior strong experience in vulnerability management, risk assessments, and incident response. Strong understanding of common security vulnerabilities and attack vectors. Experience with vulnerability scanning tools such as Nessus, Qualys, or similar. Familiarity with industry
Manchester, North West, United Kingdom Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incident response, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incident response plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incident response plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish
Senior Incident Response Consultant Salary: £70-£80k + Bonus + Benefits Location: UK Wide - Hybrid Currently working with one of the fastest growing MDR firms in the UK who are looking for an Incident Response Lead to help spearhead the function into a best in call … cyber detection, monitoring and response function. Gaining access to some of the highest profile and sophisticated incidents out there; focusing exclusively on hands-on investigative pieces of work, you will be responsible for the remediation of large scale incidents whilst being given a pretty significant budget to invest in … yourself and practice. Key Responsibilities Act as a lead and technical escalation point on the most complex Digital Forensics & Incident Response investigations. Work closely with security research team to develop new and innovative investigations tooling and methodologies. Collaborate with the wider business to help curate concepts and utilising
InfraView - Specialist Cloud & IT Infrastructure Technology Recruitment
about the value this person can add. You will provide insights and guidance to customers as a vCISO as well as vulnerability management, major incident response, and security monitoring improvements and be expected to demonstrate technical expertise in Audit, Assessments, Design, Implementation, Testing, Compliance and Reporting. Responsibilities Own … the evolution and growth of the Security Service and represent the security function (including the 24/7 Incident Response capability) within the business. Grow, develop and lead a team of security professionals ensuring employee engagement. Empower your staff to deliver first-class service. Keep up to date … of delivering security projects Experience of overseeing and leading remediation of security assessments including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. Experience in incident response and overseeing operational improvement actions such as development and tuning of security monitoring, alerting, and reporting. It goes without saying that this
Cyber Threat Analyst Salary: Up to £37,000 This is an exciting opportunity for someone with threat hunting and incident response experience to join our team to help drive and maintain a critical cyber service for Aviva, and in doing so protect our customers. A bit about the …/platforms, utilising leading security tools using your own research and input from other teams within Aviva. You will also be responsible to support incident response activities escalated to Tier 3 and engage with security teams and business stakeholders to help mitigate risk and ensure that Aviva's …/7 out of hours on call rota. Skills and experience we’re looking for: Demonstrable experience in triaging incidents and going through the incident response lifecycle. Have conducted threat hunts using your understanding of the current threat landscape and methodologies used by attackers. Experience of creating custom
vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves as an expert on cybersecurity protection, detection, response, and recovery. This individual is responsible for coordinating penetration testing and managing internal and external cybersecurity analysts to detect, mitigate, and analyze threats. Works … selection criteria to identify appropriate security solutions to support strategic, operational needs, and security requirements. Participate in the development and testing of the security incident response plan, act as the incident response leader. Develop security, risk, and compliance reports and alerts. Participate in the yearly review … a minimum of 5-years experience in Information Security. Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus, antimalware, IDS/
will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. This organisation is making a big investment in cyber … maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events and
Liverpool, England, United Kingdom Hybrid / WFH Options
Hays
Evaluate new security technologies and solutions to enhance the organization's security posture. • Ensure proper configuration and tuning of security tools to maximize effectiveness. • Incident Response and forensics – developing and maintaining an incident response plan. • Provide leadership and mentorship to junior members of the security team. … information security strategy. • Experience overseeing day-to-day operations of the outsourced SOC team. • Define and enforce SOC processes and procedures to ensure effective incident detection, response, and remediation. • Experience Coordinating with internal teams and external stakeholders to address security incidents and vulnerabilities. • Experience Conducting regular threat assessments
This pivotal role will contribute to safeguarding the organization's digital assets and infrastructure from cybersecurity threats, ensuring a robust security posture and effective incident response. Starting ASAP, paying up to £90,000 per annum. Role Overview: As the SOC Manager, you will be responsible for providing strategic leadership … oversight to the Security Operations Center (SOC) team. Your role will involve managing both external and internal SOC personnel, overseeing security monitoring and analysis, incident response, threat intelligence, and vulnerability management activities. Key Responsibilities: Act as the subject matter expert on SOC matters for the organization. Manage the … ensure compliance with requirements. Set clear goals and objectives for the SOC team, providing guidance, support, and training as needed. Oversee detection, analysis, and response to security incidents and breaches, coordinating incident response efforts. Conduct post-incident reviews and implement corrective actions to prevent recurrence. Stay
Active Directory, including user authentication, access controls, and privilege management. Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. Working with the Managed SOC and Operational teams, develop and maintain incident response plans. Lead incident response activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. Collaborating with cross-functional teams, including
Ensure secure handling of application secrets (API keys, passwords, etc.) throughout their lifecycle. Participate in on-call rotation, providing 24x7 escalation capabilities Participation within incident response efforts as Incident Commander. Other duties as assigned or directed. Education, Experience, and Skills required Proven experience as a Senior Active … commercial orchestration tools. Experience with creating and reviewing workflow processes and technical documentation. Comfortable with mentoring other team members, providing guidance and direction during incident response and engineering efforts. Familiarity with regulations and frameworks such as NIST, PCI, SOC, HIPAA, SSAE 16/SOC 1, SOC 2, ISO
assets, conducting regular reviews and audits. Stakeholder Engagement: Serve as a liaison, offering guidance and support to internal teams, external partners, and regulatory authorities. Incident Response Planning Support: Collaborate with the incident response team to develop and maintain response plans and procedures. Propose Future Organisational
client and their vendors/3rd party suppliers. Our client is looking for candidates who hold strong skills in vulnerability management, vendor relationship management, incident response, and possess a deep understanding of cyber risk. Main Responsibilities: Develop and implement cyber risk management strategies, policies, and procedures. Lead vulnerability … assessing, prioritising, and remediation of vulnerabilities. Establish and maintain strong vendor relationships to ensure third-party vendors comply with cybersecurity requirements and standards. Oversee incident response activities, including incident detection, analysis, containment, eradication, and recovery. Conduct risk assessments to identify potential cyber threats and vulnerabilities. Manage various … To be considered for this role, you should have: Must have a strong background in cyber risk management, vulnerability management, vendor relationship management, and incident response. Strong understanding of standards such as PCI-DSS, NIST, ISO27001, GDPR, and similar. Proven track record of developing and implementing effective cyber risk
security policies, playbooks, and procedures, ensuring compliance with regulatory requirements industry standards and the Cyber Security Strategy. Identify, evaluate, and mitigate cyber threats. Lead incident response activities and investigations into security breaches. Conduct regular risk assessments, audits, and testing of the security infrastructure to identify vulnerabilities and implement … remediation, through the whole lifecycle to ensure safety and compliance for the business. Investigate and analyse escalated security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users. Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture Perform malware analysis and digital forensics where appropriate Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the
the Technology sector, offering excellent career development opportunities. About the Role As a Cyber Security Engineer your primary responsibility will be Security Operations and Incident Response as well as Vulnerability Management and Threat Intelligence. In addition, you will work closely with the Cyber Security Manager and Security Architect … to independently resolve complex issues. Key Responsibilities Respond to security alerts and incidents, following established protocols and best practices. Create response playbooks and standard operating procedures to streamline incident response processes. Work independently to resolve complex security issues, with support and guidance from the Cyber Security Manager … be an added benefit. Skills and Qualifications Significant experience working in a security operations centre (SOC) and responding to security alerts. Experience in creating response playbooks and handling escalations. Additional experience in EDR, M365 security, SIEM, Vulnerability management, MITRE attack framework, and Incident response. Strong stakeholder engagement skills
reviews and assessments of product security architectures and designs across a diverse range of complex infrastructure, data and application systems. * Ensure timely and robust incident management resolution, including major incident response coordination and management. * Deputise for the Senior IT Security Manager as and when required. Education, Qualifications … of overseeing and leading remediation of security assessments, technical testing, and vulnerability analysis including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. * Experience in incident response and overseeing improvement actions such as development and tuning of security monitoring, alerting, and reporting. * Technical knowledge and broad hands-on experience … Ability to work supportively and collaboratively with colleagues across Technology & transformation as well as the wider business. * Ability to effectively coordinate and manage major incident responses. * Ability to work under pressure and maintain customer service ethic. * Ability to be creative. * Ability to present complex security solutions and situations to
Professional looking for an exciting opportunity to work for an award-winning Cyber Security & Risk Management company? Our client is a leader in cyber incident response and security managed services. Rapidly expanding and seeking Mid & Senior level IT Infrastructure Engineers with a focus on project delivery and ransomware … various operating systems. Knowledge of common security threats, attack vectors, and mitigation strategies. Excellent communication skills to convey technical information. Key responsibilities include: Incident Response & Analysis Security Monitoring & Incident Detection Threat Hunting Vulnerability Management Security Reporting and Documentation Benefits: Cycle to work scheme Gym membership Private
Stanmore, England, United Kingdom Hybrid / WFH Options
Sky
high priority incidents. What you'll bring +5 years' experience within a technical Security Operations role. +5 years' experience of Cyber Security Investigations and Incident Response environments. Good knowledge of Anti-malware, or Endpoint Detection and Response (EDR) systems. Good all-round knowledge of different threat scenarios … investigations, incident response processes and remediation techniques. Good knowledge of cyber security systems and tooling. Reasonable knowledge of Security Information and Event Management (SIEM) systems. Reasonable knowledge of Security Orchestration, Automation and Response (SOAR) systems. Good knowledge of User Behaviour Analytics (UBA) systems. Good knowledge of common
Best Practice Working with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incident response and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will … will be a requirement to cover 7am-7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incident response and security monitoring Understanding of threat modelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Head Resourcing
with our clients Cyber Security policies and standards. Key Responsibilities: Service Management of security partners ensuring high levels of performance are delivered across detection, response, and recovery. Developing cyber incident response plans, playbooks, and processes that allow security operations team to respond to incidents rapidly and effectively. … collaboratively with IT teams to remediate vulnerabilities identified through red team engagements, penetration testing, and vulnerability scanning. Planning and coordination of large-scale security incident response, remediation and recovery efforts involving multiple parties and teams. Manage the delivery of daily/weekly security reports. Manage Email security monitoring.
experience with SIEM (Security Information and Event Management) tools will be instrumental in identifying and mitigating security threats proactively. Responsibilities: 1. Security Monitoring and Incident Response: - Utilize SIEM tools such as Microsoft Sentinel to monitor security events and respond promptly to potential threats. - Investigate security incidents, analyse root … causes, and implement necessary remediation actions. - Develop and maintain incident response procedures to ensure timely and effective handling of security breaches. 2. Vulnerability Management: - Conduct regular vulnerability assessments and penetration tests to identify weaknesses in our systems and infrastructure. - Collaborate with system administrators and developers to remediate vulnerabilities
proactive and reactive security monitoring across information assets. KPI Development and Improvement: Develop and maintain key performance indicators (KPIs) while identifying areas for enhancement. Incident Response Leadership: Be the point person for cybersecurity incident response, ensuring efficient and well-tested processes. Operational Checks: Establish and maintain