Job DescriptionCyber Snr. IncidentResponse Specialist - London - £85/£95kMy client is a global consultancy who are adding to their incidentresponse & proactive threat-hunting team to further develop and polish the company's overall service offering. They are looking for a strong incidentresponse consultant who can independently investigate incidents, conduct threat hunting and engage with clients.Responsibilities of a Cyber Snr. IncidentResponse Specialist:Manage and coordinate cyber security incidentsAct as a lead for threat-hunting efforts to establish an attacker's spread through a system and network, anticipating further attacker … activity across endpoints, cloud, and network infrastructureWork closely with the CTI team and create playbooksDigital forensics of relevant incident data (disk, volatile memory, network packets, log files).Have the ability to advise clients on the threat landscape and attacks that may be relevant to themHave an understanding of incidentmore »
Cyber IncidentResponse Manager Cyber Incident Respond Principal/Manager will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLA’s. You will work side by side with the Cyber … Detect Team. Cyber Detect manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident if of the upmost importance. As Respond Manager you will be expected to deliver a … strong incident readiness program. This is based in Buckinghamshire office x2 days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management more »
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
Idox plc
Design: Design, implement, and maintain security architecture for our AWS environment, ensuring it aligns with industry best practices and compliance standards. Threat Detection and IncidentResponse: Develop and maintain detection mechanisms for security threats and incidents within AWS infrastructure, including EC2 instances, Kubernetes clusters, Docker containers, S3 buckets … and RDS databases. Respond promptly to security incidents and conduct thorough post-incident analysis to prevent future occurrences. Vulnerability Management: Conduct regular vulnerability assessments and penetration testing on AWS resources, identifying and remediating vulnerabilities in a timely manner. Implement and manage automated scanning tools to ensure continuous security monitoring. … tools to track and analyze activities within the AWS environment. Maintain centralized logging for all AWS services and develop custom alerts for security events. IncidentResponse Planning and Training: Develop and maintain incidentresponse plans for security incidents occurring within the AWS environment. Conduct regular tabletop more »
Job DescriptionAbout UsOutbreach provides specialist Cyber IncidentResponse and Crisis Management services to our midsize clients spread across the world.With offices in London, Dubai, and New York we are different to most other security companies in that we assume our clients will experience a security breach and we … for the company as consultants that can be called on to supplement our permanent teams when our clients experience incidents and engage Outbreach.Role DescriptionThe Incident Manager (IM) is the glue who holds together all other teams and stakeholders in a cyber incident. You can think of this role like … accountable for their activities.The IM with be extremely detail orientated and comfortable with ensuring processes are appropriately followed and progressed as needed during the incident and quickly raising any challenges to the relevant owner.IMs will generally only be working on one incident at a time though in some more »
implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incidentresponse and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incidentresponse and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a more »
is a super exciting opportunity for someone who wants to join an established team and act as an expert on various matters varying from incidentresponse, network security architecture, policies, and procedures, and more! Main responsibilities:Serve as the primary subject matter expert on Azure security, including Azure … Azure Sentinel, Azure Firewall, and other relevant Azure security tools and services. Design and implement security controls across our clients Azure platform.Develop and maintain incidentresponse procedures and play a key role in incident detection, analysis, containment, and recovery. Investigate security incidents, perform root cause analysis, and … considered for this role, you should have: Prior experience in a security engineering role, with a strong focus on Azure cloud security.Proven experience in incidentresponse management, including incident detection, analysis, and remediation.In-depth knowledge of network security principles, protocols, and technologies.Experience working with standards such as more »
Senior SOC Engineer Hybrid (2 days p/w in office) Leaders in Cybersecurity incidentresponse and managed services, catering to a wide range of clients in both private and public sectors. About the Role: Who We're Seeking: Join our team at the purpose-built 24/… Responsibilities: Operating from our modern offices in Dorset, Senior SOC Analysts work within a four-day operational rota, collaborating closely with Digital Forensic and IncidentResponse teams. Responsibilities include: Security Monitoring and Incident Detection: Utilizing SIEM tools to identify potential security incidents and anomalies. Analyzing alerts and … log data to assess the severity and impact of threats. IncidentResponse and Analysis: Investigating and responding to security incidents promptly. Conducting in-depth analysis of security events to determine scope, impact, and root causes. Threat Hunting: Proactively searching for hidden threats and vulnerabilities within the organization's more »
development to ensure our analysts remain knowledgeable and the skills in order to maintain our mission. We are looking for an experienced analyst/incidentresponse analyst with a passion for Cyber Security. Location - Reading/Basingstoke Salary - £35,840 - £48,000 pa As part of our People … more information available on our careers site Key Accountabilities: Monitoring activity on corporate networks for compliance against Company policy. Monitor alerts and first line response to Cyber security incidents. Maintain and promote high personal standards in environment, safety, health, security and quality and be a great team player. Additional … and tune existing rules and use cases Assess and develop existing toolsets to improve capability Support the wider AWE in improving our defences Conduct incidentresponse You Will Have: Experience within a SOC environment Incidentresponse experience A passion for Cyber Security A qualification/certification more »
design, implementation and maintenance of robust security measures across network and cloud environments, ensuring protection against potential threats, adherence to industry standards, and proactive incident response. This will include providing security consultancy services to the Change Team. In this role you will Ensure continual alignment of Information Security Policies … with the Architecture team Ensure adherence to industry best practices, regulatory standards, and internal security policies across network and Cloud environments Develop and implement incidentresponse plans specific to network and Cloud security incidents, outlining clear protocols for detection, containment, and recovery Identify and establish partnerships with external … reports Organise and oversee regular vulnerability assessments and penetration testing activities to identify weaknesses and potential entry points for cyber threats Develop and maintain incidentresponse plans aligned with identified risks and potential threats The ideal candidate for the role of Security Engineer will have: - Hold a degree more »
Manchester, North West, United Kingdom Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incidentresponse, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incidentresponse plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incidentresponse plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »
the Senior Information Security Manager here you will be responsible for maintaining and executing WHSmith’s cyber security strategy, ensuring compliance with regulations, managing incidentresponse efforts, and implementing effective security controls to protect the organisation's digital assets. You will lead cross-functional teams and our third … a culture of security awareness to mitigate cyber risks and safeguard critical information.What you will be doingOverseeing day-to-day security operations, including monitoring, incidentresponse, vulnerability management, and threat intelligence, to maintain a strong security posture and promptly address any security incidents or vulnerabilitiesEstablishing and maintaining cyber … initiatives support business operations while mitigating riskMaintaining cyber security policies, standards, and procedures, ensuring compliance with industry regulations and best practicesLeading the organization’s incidentresponse efforts and establishing robust processes for identifying, responding to, and recovering from security incidentsWorking closely with WHSmith’s technology architects to design more »
Swindon, England, United Kingdom Hybrid / WFH Options
WHSmith
the Senior Information Security Manager here you will be responsible for maintaining and executing WHSmith’s cyber security strategy, ensuring compliance with regulations, managing incidentresponse efforts, and implementing effective security controls to protect the organisation's digital assets. You will lead cross-functional teams and our third … of security awareness to mitigate cyber risks and safeguard critical information. What you will be doing Overseeing day-to-day security operations, including monitoring, incidentresponse, vulnerability management, and threat intelligence, to maintain a strong security posture and promptly address any security incidents or vulnerabilities Establishing and maintaining … business operations while mitigating risk Maintaining cyber security policies, standards, and procedures, ensuring compliance with industry regulations and best practices Leading the organization’s incidentresponse efforts and establishing robust processes for identifying, responding to, and recovering from security incidents Working closely with WHSmith’s technology architects to more »
adhering to established policies and guidelines. Product Security Assurance: Lead technical reviews and assessments of product security architectures. Provide expert assurance for secure implementation. Incident Management: Ensure timely and robust incident resolution. Coordinate major incident responses effectively. Deputise for Senior IT Security Manager: Step in when required … practices. Control Maturity: Experience designing control maturity tests and conducting assessments. Remediation Leadership: Track record of overseeing security assessments, technical testing, and vulnerability analysis. IncidentResponse: Familiarity with incidentresponse processes and continuous improvement. APPLY for more information today more »
will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. As Senior SOC Analyst you will bring a good … maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incidentresponse actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber IncidentResponse Manager by triaging events and more »
services, ensuring clients' data and systems are secure and resilient.Position Summary:As a SOC Analyst, you will be responsible for monitoring security events, conducting incidentresponse, and providing threat intelligence. You will work closely with other SOC analysts to enhance security operations and protect clients from cyber threats.Key … Responsibilities:Monitor security events and logs to identify potential security incidents.Perform incident analysis, classification, and response actions.Provide proactive threat intelligence and recommend mitigation strategies.Collaborate with other SOC Analysts and Shift Leads on incident handling and investigations.Conduct threat hunting activities to identify potential security breaches.Assist in the tuning … of security monitoring tools and systems.Prepare comprehensive incident reports and participate in service review preparations.Maintain excellent communication with customers and internal teams.Stay updated with industry trends, emerging threats, and technological advancements.Required Qualifications:Bachelor’s degree in Cybersecurity, Information Technology, or a related field, or equivalent experience.2-4 years of more »
ensuring clients' data and systems are secure and resilient. Position Summary: As a SOC Analyst, you will be responsible for monitoring security events, conducting incidentresponse, and providing threat intelligence. You will work closely with other SOC analysts to enhance security operations and protect clients from cyber threats. … Key Responsibilities: Monitor security events and logs to identify potential security incidents. Perform incident analysis, classification, and response actions. Provide proactive threat intelligence and recommend mitigation strategies. Collaborate with other SOC Analysts and Shift Leads on incident handling and investigations. Conduct threat hunting activities to identify potential … security breaches. Assist in the tuning of security monitoring tools and systems. Prepare comprehensive incident reports and participate in service review preparations. Maintain excellent communication with customers and internal teams. Stay updated with industry trends, emerging threats, and technological advancements. Required Qualifications: Bachelor’s degree in Cybersecurity, Information Technology more »
Glasgow, Glasgow City, City of Glasgow, United Kingdom
Nine Twenty
This role demands a strong understanding of cybersecurity threats, the ability to analyse security data, and the skills to respond effectively. Accountabilities Monitoring and Incident Detection: Continuously monitor security alerts and events to identify potential threats. Investigate and analyse security alerts to determine their impact and scope, utilize security … information and XDR platform for real-time threat detection Incident Triage: Evaluate and prioritize security alerts based on severity and potential impact. Determine false positives and escalate genuine threats for further investigation. Response and Resolution: Act promptly to contain and mitigate security incidents. Document incident details, actions … taken, and lessons learned for post-incident analysis. with cross-functional teams to coordinate incidentresponse efforts. Intelligence and Analysis: Stay informed about the latest cybersecurity threats and vulnerabilities. Analyse threat intelligence data to enhance proactive threat detection and prevention measures. Reporting and Documentation: Generate reports on more »
Active Directory, including user authentication, access controls, and privilege management. * Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. * Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. * Working with the Managed SOC and Operational teams, develop and maintain incidentresponse plans. Lead incidentresponse activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. * Collaborating with cross-functional teams, including more »
Luton, England, United Kingdom Hybrid / WFH Options
Gamma
Active Directory, including user authentication, access controls, and privilege management. Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. Working with the Managed SOC and Operational teams, develop and maintain incidentresponse plans. Lead incidentresponse activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. Collaborating with cross-functional teams, including more »
This role demands a strong understanding of cybersecurity threats, the ability to analyse security data, and the skills to respond effectively. Accountabilities Monitoring and Incident Detection: Continuously monitor security alerts and events to identify potential threats. Investigate and analyse security alerts to determine their impact and scope, utilize security … information and XDR platform for real-time threat detection Incident Triage: Evaluate and prioritize security alerts based on severity and potential impact. Determine false positives and escalate genuine threats for further investigation. Response and Resolution: Act promptly to contain and mitigate security incidents. Document incident details, actions … taken, and lessons learned for post-incident analysis. with cross-functional teams to coordinate incidentresponse efforts. Intelligence and Analysis: Stay informed about the latest cybersecurity threats and vulnerabilities. Analyse threat intelligence data to enhance proactive threat detection and prevention measures. Reporting and Documentation: Generate reports on more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »
policies, standards, and procedures across the organization to maintain a secure environment. Operations: Oversee day-to-day security operations, including monitoring of security systems, incidentresponse, and investigation of security breaches. Awareness Training: Develop and deliver security awareness training programs to educate employees about cyber security best practices … and Regulatory Requirements: Ensure compliance with relevant industry regulations and standards (e.g., GDPR, HIPAA, PCI DSS) and lead efforts to maintain certifications and accreditations. IncidentResponse: Lead the response to security incidents, coordinate with internal teams and external stakeholders, and implement corrective actions to prevent recurrence. Tool more »
the SGS’s security strategy. Create and execute security roadmaps, considering business objectives and risk appetite. Stay informed about emerging threats and technologies. 2. IncidentResponse and Security Operations: Develop incidentresponse plans and coordinate security incident handling. Oversee security monitoring, vulnerability assessments, and penetration more »