12 of 12 Incident Response Jobs in Buckinghamshire

the US, is undergoing a major transformation to build a Group Shared Services model. As part of this evolution, they’re seeking a proactive and technically skilled Security Operations & Incident Response Lead to elevate their security posture across diverse business models, including franchisee and third-party environments. Responsibilities: Lead Incident Response across the organization, coordinating investigations … to drive security improvements. Contribute to the development of security programs and frameworks. Provide technical leadership in Microsoft-centric environments (Defender, Sentinel, Azure 365). Requirements: Proven experience in incident response and vulnerability management. Strong proficiency in Microsoft Defender, Sentinel, Azure 365, Tenable, Nessus. Ability to analyze and remediate security threats across distributed environments. Excellent communication skills for More ❯

Skills & Experience from the Security Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security … alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now More ❯

Skills & Experience from the Security Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security … alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now More ❯

Skills & Experience from the Security Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security … alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now More ❯

threat modelling and risk assessments for new features and system changes. Evaluate and recommend security technologies and tools. Operational (40%) Manage security environments across Azure and AWS infrastructure. Lead incident response efforts and coordinate vulnerability remediation activities. Manage continuous security monitoring, alerting, and detection systems. Administer vulnerability management and penetration testing programs. Maintain strong identity, access, and privilege … DSS and securing payment systems. Deep understanding of cloud security across Azure and/or AWS. Skilled in application security and the secure development lifecycle (SDLC). Experienced in incident response and cross-functional coordination. Confident supporting tenders and delivering client security assurance. Preferrable If You. Professional certifications such as CISSP, CISM, CISA, or equivalent. Experience in or More ❯

modelling and risk assessments for new features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Compliance & Assurance (30%) Maintain … software products PCI/DSS compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses and client security assurance Preferred More ❯

modelling and risk assessments for new features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Compliance & Assurance (30%) Maintain … software products PCI/DSS compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses and client security assurance Preferred More ❯

of defending enterprise-scale environments, offering exposure to varied client infrastructures, advanced tooling, and complex security challenges. You’ll play a key part in maturing the security function—leading incident investigations, enhancing threat visibility, and mentoring the next generation of analysts—while continuously developing your skills with funded training and certification pathways. What You’ll Do Lead and investigate … and meaningful insights. Experience centralising log sources and onboarding new tools and data feeds into a SIEM/SOAR platform. Strong understanding of threat hunting methodologies, vulnerability management, and incident response. Knowledge of frameworks: ISO27001, NIST CSF, SOC2, Cyber Essentials Plus. Comfortable adapting to unfamiliar tooling and integrating new technologies quickly. Why Join? Work at the cutting edge of … a global MSP with enterprise clients and complex estates. Move beyond “keeping the lights on” — contribute to strategy, tooling improvement, and advanced threat detection. Career pathways into senior engineering, incident response leadership, or architecture roles. Ongoing funded training and certification investment. Opportunity to cross-train into wider InfoSec disciplines including GRC, Zero Trust, and compliance. Training to CISSP More ❯

is a hands-on leadership role balancing strategic planning with technical execution. Key Responsibilities Lead and mentor a team of Cloud Engineers Oversee day-to-day cloud operations: monitoring, incident response, troubleshooting, and optimisation. Implement and improve Infrastructure-as-Code practices using Terraform, Ansible, and GitHub Actions. Support development teams through CI/CD pipelines. Explore AI-driven More ❯

Basic knowledge of monitoring, logging, and observability tools Understanding of cloud cost management and resource optimisation principles Comfort with troubleshooting and supporting development teams Understanding of service reliability and incident response practices Connells Group UK is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation More ❯

support detection engineering, research, and reporting. Collaborate across teams to ensure intelligence findings are rapidly operationalised and communicated to key stakeholders. Produce clear, insightful intelligence reports that inform strategy, response, and prevention efforts. What we're looking for 8+ years' experience in cybersecurity, with a focus on large-scale data analysis, threat intelligence, or offensive security. Deep experience with … . Strong data analysis skills, ideally using the ELK stack (OpenSearch, Logstash, Kibana) . Intermediate proficiency in Python , capable of automating workflows and developing custom analysis tools. Background in Incident Response or SOC operations is a plus. Experience in a fast-paced, early-stage environment working with enterprise clients is highly desirable. Why join us? Cutting edge, industry More ❯

across the team. Help teams use operational data to improve the stability and performance of their applications Maintain documentation and release notes Have awareness of application security considerations Lead incident response across the team as needed Identify dependencies across the organization and work with teams to resolve them before they become an issue, and install preventative measures to More ❯