Cyber IncidentResponse Manager Cyber Incident Respond Principal/Manager will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLA’s. You will work side by side with the Cyber … Detect Team. Cyber Detect manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident if of the upmost importance. As Respond Manager you will be expected to deliver a … strong incident readiness program. This is based in Buckinghamshire office x2 days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management more »
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
Idox plc
Design: Design, implement, and maintain security architecture for our AWS environment, ensuring it aligns with industry best practices and compliance standards. Threat Detection and IncidentResponse: Develop and maintain detection mechanisms for security threats and incidents within AWS infrastructure, including EC2 instances, Kubernetes clusters, Docker containers, S3 buckets … and RDS databases. Respond promptly to security incidents and conduct thorough post-incident analysis to prevent future occurrences. Vulnerability Management: Conduct regular vulnerability assessments and penetration testing on AWS resources, identifying and remediating vulnerabilities in a timely manner. Implement and manage automated scanning tools to ensure continuous security monitoring. … tools to track and analyze activities within the AWS environment. Maintain centralized logging for all AWS services and develop custom alerts for security events. IncidentResponse Planning and Training: Develop and maintain incidentresponse plans for security incidents occurring within the AWS environment. Conduct regular tabletop more »
implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incidentresponse and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incidentresponse and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a more »
design, implementation and maintenance of robust security measures across network and cloud environments, ensuring protection against potential threats, adherence to industry standards, and proactive incident response. This will include providing security consultancy services to the Change Team. In this role you will Ensure continual alignment of Information Security Policies … with the Architecture team Ensure adherence to industry best practices, regulatory standards, and internal security policies across network and Cloud environments Develop and implement incidentresponse plans specific to network and Cloud security incidents, outlining clear protocols for detection, containment, and recovery Identify and establish partnerships with external … reports Organise and oversee regular vulnerability assessments and penetration testing activities to identify weaknesses and potential entry points for cyber threats Develop and maintain incidentresponse plans aligned with identified risks and potential threats The ideal candidate for the role of Security Engineer will have: - Hold a degree more »
development to ensure our analysts remain knowledgeable and the skills in order to maintain our mission. We are looking for an experienced analyst/incidentresponse analyst with a passion for Cyber Security. Location - Reading/Basingstoke Salary - £35,840 - £48,000 pa As part of our People … more information available on our careers site Key Accountabilities: Monitoring activity on corporate networks for compliance against Company policy. Monitor alerts and first line response to Cyber security incidents. Maintain and promote high personal standards in environment, safety, health, security and quality and be a great team player. Additional … and tune existing rules and use cases Assess and develop existing toolsets to improve capability Support the wider AWE in improving our defences Conduct incidentresponse You Will Have: Experience within a SOC environment Incidentresponse experience A passion for Cyber Security A qualification/certification more »
Manchester, North West, United Kingdom Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incidentresponse, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incidentresponse plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incidentresponse plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »
Swindon, England, United Kingdom Hybrid / WFH Options
WHSmith
the Senior Information Security Manager here you will be responsible for maintaining and executing WHSmith’s cyber security strategy, ensuring compliance with regulations, managing incidentresponse efforts, and implementing effective security controls to protect the organisation's digital assets. You will lead cross-functional teams and our third … of security awareness to mitigate cyber risks and safeguard critical information. What you will be doing Overseeing day-to-day security operations, including monitoring, incidentresponse, vulnerability management, and threat intelligence, to maintain a strong security posture and promptly address any security incidents or vulnerabilities Establishing and maintaining … business operations while mitigating risk Maintaining cyber security policies, standards, and procedures, ensuring compliance with industry regulations and best practices Leading the organization’s incidentresponse efforts and establishing robust processes for identifying, responding to, and recovering from security incidents Working closely with WHSmith’s technology architects to more »
Cyber Threat Analyst Salary: Up to £37,000 This is an exciting opportunity for someone with threat hunting and incidentresponse experience to join our team to help drive and maintain a critical cyber service for Aviva, and in doing so protect our customers. A bit about the …/platforms, utilising leading security tools using your own research and input from other teams within Aviva. You will also be responsible to support incidentresponse activities escalated to Tier 3 and engage with security teams and business stakeholders to help mitigate risk and ensure that Aviva's …/7 out of hours on call rota. Skills and experience we’re looking for: Demonstrable experience in triaging incidents and going through the incidentresponse lifecycle. Have conducted threat hunts using your understanding of the current threat landscape and methodologies used by attackers. Experience of creating custom more »
will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. As Senior SOC Analyst you will bring a good … maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incidentresponse actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber IncidentResponse Manager by triaging events and more »
Liverpool, England, United Kingdom Hybrid / WFH Options
Hays
Evaluate new security technologies and solutions to enhance the organization's security posture. • Ensure proper configuration and tuning of security tools to maximize effectiveness. • IncidentResponse and forensics – developing and maintaining an incidentresponse plan. • Provide leadership and mentorship to junior members of the security team. … information security strategy. • Experience overseeing day-to-day operations of the outsourced SOC team. • Define and enforce SOC processes and procedures to ensure effective incident detection, response, and remediation. • Experience Coordinating with internal teams and external stakeholders to address security incidents and vulnerabilities. • Experience Conducting regular threat assessments more »
Luton, England, United Kingdom Hybrid / WFH Options
Gamma
Active Directory, including user authentication, access controls, and privilege management. Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. Working with the Managed SOC and Operational teams, develop and maintain incidentresponse plans. Lead incidentresponse activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. Collaborating with cross-functional teams, including more »
their IT Operations Centre to their OLA's. with other teams and service owners. This role involves proactively identifying and resolving technical issues, coordinating incidentresponse, ensuring the smooth operation of IT services, managing CMDB updates and change monitoring. As the IT Operations Centre Analyst you will work … components, including servers, networks, databases, and storage systems. Experience with monitoring tools, such as Nagios, SolarWinds, Zabbix, or similar. Familiarity with ITIL processes, including incident management, problem management, change management, configuration management, and service capacity management. Proficient in event management techniques and tools. Familiarity with networking protocols, including TCP … technologies. Respond promptly to system alerts and incidents, troubleshoot issues, and take appropriate actions to mitigate disruptions and minimise downtime, following ITIL event and incident management processes. Coordinate incident management activities, including incidentresponse, escalation, and resolution, adhering to defined procedures and operating level agreements (OLAs more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »
and governance requirements. Essential Requirements: * 5 years of experience in a technical SOC or cybersecurity role, * 5 years experience of Cyber Security investigations and incidentresponse environments * Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. * Good all round knowledge of different threat scenarios … investigations, incidentresponse processes and remdiation techniques. * Good knowledge of cyber security systems and tooling * Reasonable knowledge of Security Information and Event Management systems * Reasonable knowledge of Firewall systems (Fortigate essential) * Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems * Good knowledge of common operating systems more »
security policies, playbooks, and procedures, ensuring compliance with regulatory requirements industry standards and the Cyber Security Strategy. Identify, evaluate, and mitigate cyber threats. Lead incidentresponse activities and investigations into security breaches. Conduct regular risk assessments, audits, and testing of the security infrastructure to identify vulnerabilities and implement … remediation, through the whole lifecycle to ensure safety and compliance for the business. Investigate and analyse escalated security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users. Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incidentresponse capabilities and overall security posture Perform malware analysis and digital forensics where appropriate Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the more »
reviews and assessments of product security architectures and designs across a diverse range of complex infrastructure, data and application systems. * Ensure timely and robust incident management resolution, including major incidentresponse coordination and management. * Deputise for the Senior IT Security Manager as and when required. Education, Qualifications … of overseeing and leading remediation of security assessments, technical testing, and vulnerability analysis including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. * Experience in incidentresponse and overseeing improvement actions such as development and tuning of security monitoring, alerting, and reporting. * Technical knowledge and broad hands-on experience … Ability to work supportively and collaboratively with colleagues across Technology & transformation as well as the wider business. * Ability to effectively coordinate and manage major incident responses. * Ability to work under pressure and maintain customer service ethic. * Ability to be creative. * Ability to present complex security solutions and situations to more »
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Head Resourcing
with our clients Cyber Security policies and standards. Key Responsibilities: Service Management of security partners ensuring high levels of performance are delivered across detection, response, and recovery. Developing cyber incidentresponse plans, playbooks, and processes that allow security operations team to respond to incidents rapidly and effectively. … collaboratively with IT teams to remediate vulnerabilities identified through red team engagements, penetration testing, and vulnerability scanning. Planning and coordination of large-scale security incidentresponse, remediation and recovery efforts involving multiple parties and teams. Manage the delivery of daily/weekly security reports. Manage Email security monitoring. more »
proactive and reactive security monitoring across information assets. KPI Development and Improvement: Develop and maintain key performance indicators (KPIs) while identifying areas for enhancement. IncidentResponse Leadership: Be the point person for cybersecurity incidentresponse, ensuring efficient and well-tested processes. Operational Checks: Establish and maintain more »
of emerging security threats and risks. Helping develop a security culture within the business. Partnering with the different functions working on controls by: Supporting IncidentResponse activities providing further context, OSINT support and behavioural analysis in the event of a security incident impacting the business unit. Maintaining … compliance functions and with internal and external audit functions. Ensure timely delivery of actionable threat intelligence across the organisation, including key stakeholders; Security Operations, IncidentResponse, Vulnerability Management, Security Leadership, Fraud Prevention and Industry intelligence communities. Continuous Improvement through the delivery of; Provide mentoring and development of Threat … Develop proven structure and processes such as run books that help the team achieve outstanding results. Championing and supporting Group Security's wider BCM, Incident and Crisis Management functions. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource more »
Manchester, England, United Kingdom Hybrid / WFH Options
Awaze
security and infosec roadmap. Support the privacy aspects of key processes including supplier risk assessments. Provide advice and support as part of the security incidentresponse team during the invocation of the incidentresponse plan. 🏡 Skills and experience you’ll need to succeed: Here at awaze more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. Experience with security incidentresponse and handling, including log analysis and forensics. Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. In-depth knowledge … with Company Policies and Security Infrastructure Familiarity with AWS Security Best Practices and the business Setup Integration into DevOps Workflow Within 3 months: Security Incident Handling and Remediation Security Automation and Tooling Security Compliance and Auditing Collaboration with Development Teams Within 6 months: Threat Modelling and Risk Assessment Continuous more »