Job DescriptionCyber Snr. IncidentResponse Specialist - London - £85/£95kMy client is a global consultancy who are adding to their incidentresponse & proactive threat-hunting team to further develop and polish the company's overall service offering. They are looking for a strong incidentresponse consultant who can independently investigate incidents, conduct threat hunting and engage with clients.Responsibilities of a Cyber Snr. IncidentResponse Specialist:Manage and coordinate cyber security incidentsAct as a lead for threat-hunting efforts to establish an attacker's spread through a system and network, anticipating further attacker … activity across endpoints, cloud, and network infrastructureWork closely with the CTI team and create playbooksDigital forensics of relevant incident data (disk, volatile memory, network packets, log files).Have the ability to advise clients on the threat landscape and attacks that may be relevant to themHave an understanding of incidentmore »
Cyber IncidentResponse Manager Cyber Incident Respond Principal/Manager will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLA’s. You will work side by side with the Cyber … Detect Team. Cyber Detect manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident if of the upmost importance. As Respond Manager you will be expected to deliver a … strong incident readiness program. This is based in Buckinghamshire office x2 days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Job DescriptionAbout UsOutbreach provides specialist Cyber IncidentResponse and Crisis Management services to our midsize clients spread across the world.With offices in London, Dubai, and New York we are different to most other security companies in that we assume our clients will experience a security breach and we … for the company as consultants that can be called on to supplement our permanent teams when our clients experience incidents and engage Outbreach.Role DescriptionThe Incident Manager (IM) is the glue who holds together all other teams and stakeholders in a cyber incident. You can think of this role like … accountable for their activities.The IM with be extremely detail orientated and comfortable with ensuring processes are appropriately followed and progressed as needed during the incident and quickly raising any challenges to the relevant owner.IMs will generally only be working on one incident at a time though in some more »
implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incidentresponse and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incidentresponse and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a more »
development to ensure our analysts remain knowledgeable and the skills in order to maintain our mission. We are looking for an experienced analyst/incidentresponse analyst with a passion for Cyber Security. Location - Reading/Basingstoke Salary - £35,840 - £48,000 pa As part of our People … more information available on our careers site Key Accountabilities: Monitoring activity on corporate networks for compliance against Company policy. Monitor alerts and first line response to Cyber security incidents. Maintain and promote high personal standards in environment, safety, health, security and quality and be a great team player. Additional … and tune existing rules and use cases Assess and develop existing toolsets to improve capability Support the wider AWE in improving our defences Conduct incidentresponse You Will Have: Experience within a SOC environment Incidentresponse experience A passion for Cyber Security A qualification/certification more »
will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. As Senior SOC Analyst you will bring a good … maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incidentresponse actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber IncidentResponse Manager by triaging events and more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »
of emerging security threats and risks. Helping develop a security culture within the business. Partnering with the different functions working on controls by: Supporting IncidentResponse activities providing further context, OSINT support and behavioural analysis in the event of a security incident impacting the business unit. Maintaining … compliance functions and with internal and external audit functions. Ensure timely delivery of actionable threat intelligence across the organisation, including key stakeholders; Security Operations, IncidentResponse, Vulnerability Management, Security Leadership, Fraud Prevention and Industry intelligence communities. Continuous Improvement through the delivery of; Provide mentoring and development of Threat … Develop proven structure and processes such as run books that help the team achieve outstanding results. Championing and supporting Group Security's wider BCM, Incident and Crisis Management functions. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource more »
security solutions tailored to the business's requirements.Support the definition, execution, and continuous improvement of key cybersecurity processes, including vulnerability and patch management, security incidentresponse, monitoring, endpoint security, identity and access management, network security, and cryptography.Assist in developing and maintaining security policies, processes, incidentresponsemore »
analysis for the group. Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2/3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are … architecture level Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incidentresponse capability. You will act as the single point of contact for all security related response actions and decisions, including management of … each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over more »
Portsmouth, Hampshire, United Kingdom Hybrid / WFH Options
J & C Associates Ltd
specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton … including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incidentresponse team. Implement metrics and dashboards to give more »
days per week on-site in any of the following locations: Portsmouth, Wiltshire and North Yorkshire Responsibilities: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incidentresponse team. Implement metrics and dashboards to give more »
and report issuesSecurity & Best PracticeWorking with various other Security personnelMitigating Information and Cyber based risks Identifying potential threats and risksAssisting with resolution of incidentsIncident response and threat huntingWorking with threat management frameworksThreat intelligence and continuous improvementSecurity monitoring and traffic analysisVulnerability management You will advise on Security best practices, and … teams.There will be a requirement to cover 7am-7pm on a shift basis to ensure that full coverage is achieved.The ideal candidate will have:Incidentresponse and security monitoringUnderstanding of threat modellingInvestigation experience into Information and Cyber security incidentsBroad technical understanding covering Windows, Linux, Unix, Networking, Cisco, SIEM more »
Brighton, England, United Kingdom Hybrid / WFH Options
Hays
maintain information security strategies and objectives to enhance the overall security posture of the business. Monitor and analyse security incidents and breaches, and lead incidentresponse efforts to contain and mitigate the impact in a timely manner. Reporting to senior management on Cyber related metrics and improvement needs. more »
Reading, England, United Kingdom Hybrid / WFH Options
Henderson Scott
+ Bonus) You will be responsible for monitoring clients network and endpoints for security alerts, investigating incidents, and assisting in incident response. You will also play a vital role in maintaining and optimizing our security information and event management (SIEM) platform. While previous experience in a Managed Security Service … monitor the client's network and endpoints for security alerts, and conduct thorough investigations when incidents occur. Serve as the first-tier responder for incident analysis and investigation, escalating issues as necessary. Contribute to containment strategies during security incidents, data loss, or breaches. Assist in the design and implementation … changes. Stay updated on the latest information security trends to assess their potential impact on the client's environment. Participate in an on-call incidentresponse team on a rotational basis (fortnightly). Generate relevant reports, including end-of-day summaries, handover reports, management intelligence, and threat and more »
engineering security solutions.· Provide input for architecture plans with consideration of current standards.· Monitor new and emerging technologies that could be adopted· Take on incidentresponse duties· Liaison with key stakeholders· Ensure smooth handover from engineering to production.Requirements:· Strong knowledge of security engineering conceptsWorking knowledge over Linux and more »
across information assets. Ensure regular KPIs are developed and maintained and identify areas for improvement and make recommendations accordingly. Be the lead in Cybersecurity incidentresponse and ensure processes and procedures and playbooks are efficient, effective, and are tested regularly in line with policy. Develop and maintain a more »
a DEVOPS environment, with strong knowledge of AWS services and security best practices.Proven experience working as part of a SOC function, with expertise in incidentresponse and threat hunting.Strong understanding of network security principles, protocols, and technologies.Excellent communication and interpersonal skills, with the ability to effectively collaborate with more »
Reading, England, United Kingdom Hybrid / WFH Options
Project People
information assets. Ensure regular KPIs are developed and maintained and identify areas for improvement and make recommendations accordingly. Be the lead in Cyber security incidentresponse and ensure processes and procedures and playbooks are efficient, effective and are tested regularly in line with policy. Develop and maintain a more »
South East London, England, United Kingdom Hybrid / WFH Options
Client Server
the appropriate SIEM platform and then once it's embedded ensuring BAU and leading security monitoring, carrying out indepth investigations and actively participating in incident response.This is a high profile role where you'll establish Security Operations Centre procedures and processes from the ground up, collaborating with senior stakeholders more »
flexible working, in house L&D, 28 days holiday +BHSkills required for this role:- Experience working with SIEM solutions (ideally Sentinel)- Vulnerability management (Nessus)- IncidentResponse- Implementing appropriate mediationDesirables:- SC Clearance- Large guideline expérience (ISO27001, Cyber Essentials, etc)This role gives the right candidate an opportunity to springboard more »
Level - IC4 Responsible for authoring, tuning and deploying SIEM detections, Threat Hunting and automation via pyton scripting and SOAR tools. May participate in an incident management team, responding to security events in line with Oracle incidentresponse playbooks. Investigates purported intrusions and breaches, and oversees root cause … analysis. Coordinates incidents with other business units and may act as incident commander of serious incidents. Participates in developing new methods, playbooks throughout Oracle. Evaluates existing and proposed technical architectures for security risk, provides technical advice to support the design and development of secure architectures and recommends security controls more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
or autonomy, with little need for escalation It would be great if you had: Knowledge of; Cloud, on-prem, SaaS, PaaS, IaaS environments Security incidentresponse, code/malware analysis Strong coding skills CISSP-ISSEP (Information Systems Security Engineering Professional) Other Cyber/information Security qualification (e.g. CISSP more »
Hatfield, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Hays
Analyse IT security posture, manage OS patches, and conduct vulnerability scans; advise on risk mitigation. Investigate security breaches, preserve evidence, and maintain a Cybersecurity IncidentResponse Plan. Develop IT security training for users and promote security awareness. Support IT leadership in technical planning and prioritise system developments. Manage … and applications within a large enterprise networked environment. (Educational background is a plus) Operational experience with Voice and Wireless LAN standards. Developing Cyber Security Incident Plan (CIRP) with forensic readiness. Strong experience in Data Networking Protocols (TCP/IP, OSPF, DHCP, DNS). Proven track record in efficient business more »