Active Directory, including user authentication, access controls, and privilege management. * Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. * Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. * Working with the Managed SOC and Operational teams, develop and maintain incidentresponse plans. Lead incidentresponse activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. * Collaborating with cross-functional teams, including more »
other technologies needed for application deployment and scaling. Ensure high availability, reliability, and performance of applications by implementing standard processes for monitoring, alerting, and incident response. Lead efforts to automate manual tasks and streamline operations using infrastructure as code (IaC) and configuration management tools. System Reliability: Collaborate with development … teams to ensure that reliability considerations are integrated into the software development lifecycle. Implement post-incident reviews and drive improvements based on lessons learned. Continuous Integration and Delivery (CI/CD): Drive the implementation and optimization of CI/CD pipelines to automate software builds, tests, and deployments. Work … the DevOps and SRE processes, ensuring compliance with security standards and best practices. Implement security measures such as access controls, encryption, and vulnerability management. Incident Management and Response: Define and implement incidentresponse processes, including escalation paths, communication plans, and post-incident analysis. Lead incidentmore »
and technology management. Create fraud operations operating model to deliver fraud stakeholders with meaningful fraud information and potential impact. Interface with other Fraud (e.g., IncidentResponse, SOC) and business teams Action threat intelligence and technical indicators from external sources. Research, analyze, write and publish. To be successful in more »
or autonomy, with little need for escalation It would be great if you had: Knowledge of; Cloud, on-prem, SaaS, PaaS, IaaS environments Security incidentresponse, code/malware analysis Strong coding skills CISSP-ISSEP (Information Systems Security Engineering Professional) Other Cyber/information Security qualification (e.g. CISSP more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
or autonomy, with little need for escalation It would be great if you had: Knowledge of; Cloud, on-prem, SaaS, PaaS, IaaS environments Security incidentresponse, code/malware analysis Strong coding skills CISSP-ISSEP (Information Systems Security Engineering Professional) Other Cyber/information Security qualification (e.g. CISSP more »
Cyber IncidentResponse A global bank is seeking a Cyber Security Analyst to join their Cyber Security team in London, with the team working across infrastructure, business and application risk, penetration testing, and vulnerability management. The cyber security practice is a mature function and this team member will … specifically work within the incidentresponse team, and will be expected to be well versed across technology control, EDR, and related tools and technology skills. This position has lots of capabilities for progression, access to different tools, and excellent opportunity to develop skills. You will be: Analysing, developing … infrastructure estate. Able to monitor activity upon specified information systems and devices. Proficient in identifying and reporting suspicious or harmful activity. part of the IncidentResponse investigations into internal and external threats or security incidents. Able to identify and escalate any security breaches and assess their impact. Utilise more »
mitigating cyber risks, manage various vendor and third-party supplier relationships, and act as a key point of contact when overseeing vulnerability management and incidentresponse processes. This role requires a deep understanding of cyber risk, stakeholder and vendor management skills, and expertise in vulnerability management and incidentresponse processes. Main responsibilities: Conduct cyber risk assessments to identify vulnerabilities and threats. Analyse existing security measures and recommend enhancements to mitigate identified risks. Collaborate closely with internal stakeholders across various departments to understand their unique cybersecurity needs and requirements. Evaluate third-party vendors and assess their cybersecurity … and oversee vulnerability management processes to proactively identify and remediate security vulnerabilities. Coordinate with relevant teams to prioritise and address vulnerabilities. Develop and maintain incidentresponse plans and procedures to effectively respond to cybersecurity incidents such as data breaches, malware infections, or unauthorised access. Lead incidentresponsemore »
Senior IncidentResponse Analyst – Cybersecurity - Up to £80k - Hybrid - up to 35% bonus - Excellent Benefits. My client one of the world’s most renowned aviation groups in the world is searching for a Senior IncidentResponse Analyst to join their team! Skills: Able to serve as … to all levels of hierarchy, including senior leadership. Experience: Minimum of 5 years of experience in endpoint security, malware analysis, threat hunting, penetration testing, incidentresponse, reverse engineering, or digital forensics. Familiarity with AWS cloud infrastructure, with hands-on experience monitoring associated logs, including GuardDuty, CloudTrail, and VPC more »
I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incidentresponse/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incidentresponse and threat hunting engagements. Some of your … not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incidentresponse experience. Certifications such as GCIH, GCIA or GCFA/E. Ideally, consultancy experience however, strong regulated exposure is also welcomed. Strong baseline … threat hunting skills and ideally, an interest in research focused tasks. This is an exciting role for an incident responder, looking for a step up from basic cases to truly partner with organisations across the globe. Hybrid role, London based opportunity. Please contact pg@barclaysimpson for immediate consideration. more »
London, England, United Kingdom Hybrid / WFH Options
Sportradar
the central point of contact during critical situations, including but not limited to technology, financial, security, privacy, and people, to ensure swift and effective response, addressing people safety issues, minimizing addressing service downtime, and restoring normal operations in alignment with predefined service level agreements (SLAs). The role requires … experts, support functions, and business units, to investigate, diagnose, resolve major incidents efficiently, and ensure regulatory requirements are considered. Root Cause Analysis: Facilitate post-incident reviews and root cause analysis (RCA) sessions to identify the underlying causes of crises and issues and implement preventive measures to avoid recurrence. Drive … continuous improvement through post-incident review reports. Documentation and reporting: Maintain accurate records of crises and major incidents, including incident details, actions taken, resolutions, and post-incident analysis findings, adhering to regulatory and compliance requirements. Monitor key performance indicators (KPIs) and metrics related to incident management more »
and governance requirements. Essential Requirements: • 5 years of experience in a technical SOC or cybersecurity role, • 5 years experience of Cyber Security investigations and incidentresponse environments • Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. • Good all round knowledge of different threat scenarios … investigations, incidentresponse processes and remdiation techniques. • Good knowledge of cyber security systems and tooling • Reasonable knowledge of Security Information and Event Management systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems • Good knowledge of common operating systems more »
aligning with the bank's goals, policies, and standards. Security Architecture & Design: Design secure network, system, and application architectures, ensuring data confidentiality and integrity. IncidentResponse & Management: Play an integral role in incidentresponse, investigation, and coordination. Security Operations & Monitoring: Collaborate with the SOC to analyse … security events. Regulatory Compliance: Ensure compliance through assessments and reporting. Vulnerability Management: Conduct vulnerability assessments and remediation (Qualys or similar vulnerability management tools). Incident Investigation & Forensics: Conduct forensic investigations following incidents to prevent recurrences. Collaboration & Stakeholder Management: Work closely with internal teams and external stakeholders to ensure a more »
Hi All, I'm working with a global business looking for an IncidentResponse Lead who has a wide breath of experience working proactively on incidents and confident in collaborating with teams across the business. You will be a fit if you have experience with: Developing playbooks/ more »
over 100 sites, 100,000 users, 14,000 employees). They are looking for an experienced Cyber Security Analyst to help transform the way incidentresponse and detection is done within the organisation. The role will require a complete overhaul of the current processes and procedures to provide … Defender & MS Sentinel). You will be tasked with: Supporting the implementation of Sentinel Building out MS Defender capability Writing runbooks and playbooks across incidentresponse What we are looking for: Good operational knowledge of all aspects of Azure with at least 3 years of experience. Experience working more »
range of initiatives covering, but not limited to Security Assurance, Threat Detection, Risk Management, Cloud Security Posture Management (CSPM), Threat Intelligence, Vulnerability Management and Incident Management and Response. Responsibilities: Accountability for delivering and maintaining our Security Incident Management Procedures, along with Security Playbooks and Runbooks to optimise our … ability to defect and recover from threats Accountability for Security Event Monitoring, Threat Detection and Incident Triage and Response capabilities Accountability for the Security Operations aspect of the Security Roadmaps and day to day activity planning Contribute towards the InfoSec Risk Management practice Responsibility to Perform Risk and … for Security Education and Awareness campaigns Skills and experience: Knowledge of the following security domains: Data Security, Logging and Monitoring, Malware Detection, Threat Detection & IncidentResponse, Threat Intelligence, IAM & PAM, Network Security/Perimeter Security, Email Security, Data Loss Prevention, Anti-Virus and Endpoint Protection. Experience of Control more »
you will be the subject matter expertise in relation to IT and Information Security controls and assurance, Cyber Security threat and vulnerability management and response, and supplier security due diligence and assurance. The role is a key part of the Cyber/Information Security function. It plays a key … safe. As a Security Analyst you will lead a broad range of initiatives covering, but not limited to Security Operations, Security Assurance, Threat Detection, Incident Management and Response in the objective to protect the organisation against internal and external cyber security threats. Responsibilities: Support with Vulnerability Management, Penetration … within a challenger bank or financial technology (‘FinTech’) organisation. Knowledge of the following security domains: Data Security, Logging and Monitoring, Malware Detection, Threat Detection & IncidentResponse, Threat Intelligence, IAM & PAM, Network Security/Perimeter Security, Email Security, Data Loss Prevention, Anti-Virus and Endpoint Protection. Supply Chain Risk more »
Identify intelligence collection gaps and communicate findings and collection requirements Initiate, propose, and update processes and standard TI operating procedures for efficient and effective response to TI and IR RFIs Take ownership of, triage, and update tracking systems for TI requests Gather contextual information from multiple sources to establish … course of action or respond to a standard request for information related to the TI-Support service line Meet service level agreements regarding initial response time and customer notification as necessary Provide internal stakeholders the necessary information for decision support and situational awareness on service request intake activities Route … and malware Host forensics, network forensics, and malware analysis techniques Network traffic analysis, endpoint activity analysis, and log analysis techniques Understanding of enterprise cyber incident management and response processes Understanding of enterprise cybersecurity controls and failure modes - Excellent technical communication skills (oral and written) including experience briefing executive more »
and looking for a Senior Security Analyst to join the Global Team. You will play a crucial role in ensuring effective security monitoring and incident response. This role will also be required to assist in the development, implementation, and maintenance of the IT Security program in the company. We … Security and ideally CISSP (although for the right candidate we can support the gaining of this qualification). Key responsibilities include: Security Monitoring and IncidentResponse Monitoring systems for signs anomalies, attacks, and unauthorized activities. Investigate potential incidents and provide timely feedback. Analyze events to identify trends, threats more »
client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incidentresponse capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »
where feasible). -You will be undertaking internal pen testing and creation of external penetration testing scopes. -You will be enhancing security detection and incidentresponse efforts/playbooks. -You will be monitoring, remediating, and reporting on security events. -You will be Security incident Manager (SIM). more »
to discern emerging threats, dissect attack patterns, and decipher threat actor behaviors. Craft actionable intelligence reports, alerts, and recommendations to facilitate swift and effective response measures. Collaborate closely with interdisciplinary teams to devise proactive strategies and countermeasures against identified threats. Stay abreast of the latest cybersecurity trends, threat landscapes … or a related field, coupled with advanced certifications such as CISSP, CISM, or GIAC for added merit. Demonstrate proven expertise in threat intelligence analysis, incidentresponse, or cybersecurity operations. Exhibit an in-depth comprehension of cyber threats, vulnerabilities, and attack methodologies. Showcase proficiency in utilizing threat intelligence platforms more »
C&I SIR practice works with NCC Group clients to deliver prioritised programs of security improvements: in close collaboration with NCC Group security audit, IncidentResponse, Penetration and Red Teams. Security Consultants play key roles in these client assignments: as recognised security experts they drive change, as well … and their service providers on changes they will make. Key to this role is assessing and enhancing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviews. As part of a project team, they … client Security Posture is materially impacted in a positive manner over the duration of an engagement. Assessing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviews Providing technical input for work plans and more »
Manage security tools such as intrusion detection and prevention systems • Assist Team Leads with reporting, projects, administrative work as needed • Monthly SOC Reports Provide IncidentResponse (IR) support from Level 1, escalating to Level 3 when needed. Provide threat and vulnerability analysis as well as security advisory services more »
engineering security solutions. · Provide input for architecture plans with consideration of current standards. · Monitor new and emerging technologies that could be adopted · Take on incidentresponse duties · Liaison with key stakeholders · Ensure smooth handover from engineering to production. Requirements: · Strong knowledge of security engineering concepts . Working knowledge more »
standards like GDPR. Generate quarterly cybersecurity briefings for senior management, delivering insights on recent threats and the prevailing risk landscape. Assess security incidents, formulate response strategies, and coordinate with technical incidentresponse teams for prompt and effective resolution. more »