1 to 25 of 292 Incident Response Jobs

Senior SOC Engineer Hybrid (2 days p/w in office) Leaders in Cybersecurity incident response and managed services, catering to a wide range of clients in both private and public sectors. About the Role: Who We're Seeking: Join our team at the purpose-built 24/ more »

of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »

and governance requirements. Essential Requirements: • 5 years of experience in a technical SOC or cybersecurity role, • 5 years experience of Cyber Security investigations and incident response environments • Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. • Good all round knowledge of different threat scenarios … investigations, incident response processes and remdiation techniques. • Good knowledge of cyber security systems and tooling • Reasonable knowledge of Security Information and Event Management systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems • Good knowledge of common operating systems more »

maximising the number of successful IT changes by ensuring that risks have been properly assessed authorizing changes to proceed and managing the change schedule. Incident Management: Oversee and respond to Technology incidents and emergencies. Develop and maintain an effective incident response plan, ensuring that the team can more »

client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incident response capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »

where feasible). -You will be undertaking internal pen testing and creation of external penetration testing scopes. -You will be enhancing security detection and incident response efforts/playbooks. -You will be monitoring, remediating, and reporting on security events. -You will be Security incident Manager (SIM). more »

training, consultancy, and solutions to regulated, high value and high threat environments. Kenyon International Emergency Services is a world leader in emergency planning and incident response. Air Partner Air Partner works with Climate and Development experts Climate Impact Partners, to allow clients to offset carbon emissions in support of more »

Senior Incident Response Analyst – Cybersecurity - Up to £80k - Hybrid - up to 35% bonus - Excellent Benefits. My client one of the world’s most renowned aviation groups in the world is searching for a Senior Incident Response Analyst to join their team! Skills: Able to serve as … to all levels of hierarchy, including senior leadership. Experience: Minimum of 5 years of experience in endpoint security, malware analysis, threat hunting, penetration testing, incident response, reverse engineering, or digital forensics. Familiarity with AWS cloud infrastructure, with hands-on experience monitoring associated logs, including GuardDuty, CloudTrail, and VPC more »

C&I SIR practice works with NCC Group clients to deliver prioritised programs of security improvements: in close collaboration with NCC Group security audit, Incident Response, Penetration and Red Teams. Security Consultants play key roles in these client assignments: as recognised security experts they drive change, as well … and their service providers on changes they will make. Key to this role is assessing and enhancing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviews. As part of a project team, they … client Security Posture is materially impacted in a positive manner over the duration of an engagement. Assessing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviews Providing technical input for work plans and more »

You will work closely with cross-functional teams to design, implement, and maintain robust and resilient systems, with a focus on automation, monitoring, and incident response. The role: • Working arrangements: Flexible – can be fully remote (UK residents only – unfortunately, Visa sponsorship is not offered for this role) Key Responsibilities … and performance in mind. Implement and maintain monitoring, alerting, and logging systems to proactively identify and resolve issues before they impact customers. Participate in incident response and on-call rotations, diagnosing and resolving production issues to minimize downtime and ensure service reliability. Conduct performance analysis and capacity planning more »

Hi All, I'm working with a global business looking for an Incident Response Lead who has a wide breath of experience working proactively on incidents and confident in collaborating with teams across the business. You will be a fit if you have experience with: Developing playbooks/ more »

and remediate vulnerabilities with an emphasis on automation and scalability Conduct security assessments and work with other engineering teams to develop secure products Support incident response and remediation including log and forensic data collection Consult with other teams to guide them in addressing vulnerabilities in source code or more »

analysing security logs and events, implementing security controls from the CIS security framework, configuring and managing security tools and technologies. You'll participate in incident response activities and collaborate across teams to ensure security is integrated into all aspects of the organisation. You'll have continual learning and more »

or autonomy, with little need for escalation It would be great if you had: Knowledge of; Cloud, on-prem, SaaS, PaaS, IaaS environments Security incident response, code/malware analysis Strong coding skills CISSP-ISSEP (Information Systems Security Engineering Professional) Other Cyber/information Security qualification (e.g. CISSP more »

Years experience Nice to Have Skills: Any of Network+, Security+, CCNA, DEVOPS, JUNOS, Salesforce or other recognised IT admin certification Knowledge of Cyber Incident response and Linux environments Non internet facing IT environments Computer Science Degree or any similar field Benefits: Competitive salary and promotions based on excellence. more »

Technical Expertise: Experience with Active Directory, ADFS, Citrix, Exchange, and Office365 in complex environments. Documentation: Ability to produce and review technical designs and documentation. Incident Response: React to escalations during critical incidents and support root cause analysis. Communication: Effective communication with technical and non-technical audiences. Background career more »

line with our drive towards operational excellence You will estimate costs, present ideas, and produce progress reports for CAPEX works You will learn expected incident responses, contribute towards incident reporting, RCAs and lessons learned to ensure a culture of continuous improvement You will ensure you have a good more »

use software engineering to automate IT operations tasks that would normally be performed by system administrators. These tasks include: Production system management Change management Incident response Analysing logs Performance tuning Applying patches Developing code to automate the above tasks WE NEED THE SITE RELIABILITY ENGINEER TO HAVE…. more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

policies and audit requirements. Contribute to the development of a Cybersecurity Operations Resource and Capacity planner managed through BDO's Azure DevOps environment. Oversee incident response, threat detection, and mitigation efforts You'll be someone with: A good understanding of monitoring frameworks eg MITRE ATT&CK and SIEM more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

to identify vulnerabilities and implement mitigation strategies. Regulatory Compliance: Stay abreast of security trends, technological advancements, and regulatory changes to continuously enhance security measures. Incident Response: Incident Management: Promptly respond to security incidents, ensuring de-escalation and safety for all involved. Investigations: Conduct thorough investigations, gather evidence … accurate records and prepare detailed reports for management review and regulatory compliance. Training and Development: Ongoing Education: Provide continuous training on security procedures, emergency response tactics, and conflict resolution techniques. Drills & Simulations: Conduct regular drills to assess readiness and reinforce best practices for various security scenarios. Professionalism: Foster a … Cybersecurity Operations Manager, Information Security Operations Manager, IT Security Operations Manager, Network Security Operations Manager, Security Control Center Manager, Security Monitoring Manager, and Security Incident Response Manager. REF more »

and functional. Server and application patching and security product maintenance. IT hardware and software asset management - including polices that govern its disposal. Responsible for incident response activities from inception to remediation. Organise and evaluate regular internal and external vulnerability scans with the aid of our 3rd party providers more »

strategic goals, and drive implementation. End-to-End DLP Management: Managing all aspects of DLP within a business, including policy creation, deployment, monitoring, and incident response. Data Leakage Considerations: Awareness of potential ways data can leak out of an organisation External Data Sharing: Knowledge of secure methods for sharing more »

Azure Storage, Security, and Network Components. Azure policies and governance tools for handling compliance and security Expertise in securing virtualized environments, including threat detection, incident response, and compliance frameworks. Automation tooling for example, Logic Apps, Functions, Azure Automation, Event Grid etc AVD architecture, deployment options, management tools, and more »