2 of 2 Incident Response Jobs in Somerset

detected by automated controls Translate threat intelligence into actionable hunt hypotheses Continuously refine detection logic based on hunt outcomes and emerging threats Investigations & Incident Response Lead complex and high-severity security investigations from triage through containment and remediation Act as the technical escalation point for advanced SOC investigations … Conduct root cause analysis and attacker kill-chain reconstruction Produce clear, defensible investigation documentation suitable for executive, legal, and regulatory audiences Coordinate incident response activities with IR, IT, Legal, Risk, and external partners as required SOC Technical Leadership Define investigation standards, workflows, and quality benchmarks Mentor and upskill ...

Defender for Identity, Defender for Cloud Apps, etc.) and other monitoring tools to identify and respond to potential data loss or unauthorised data sharing Incident Triage & Response: Perform timely triage of security alerts to determine impact and urgency, investigating incidents using available tools and data Lead initial incident response actions (containment, remediation, communication) for confirmed security incidents, following established escalation procedures Ensuring that all incidents are promptly escalated to senior leadership or external partners, as appropriate Threat Analysis & Intelligence Integration: Analyse malicious activities to determine root cause and attack vectors by mapping observed attacker actions ...