23 of 23 Incident Response Jobs in Buckinghamshire

This position is fully remote and allows you to work from anywhere within Northern Ireland. What You'll Do Lead improvements in detection and response capabilities, continuously optimizing monitoring, alerting, and incident response processes. Mentor junior and mid-level engineers, setting a high standard in security practices … decisions. Lead automation and process optimization efforts by developing scripts and tools to automate repetitive security tasks as well as to enhance detection and response capabilities through the use of automation and integration of security tools. What We'll Expect From You Bachelor's degree in Computer Science, Information ...

Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls … compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses ...

features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls … compliance experience with payment processing systems Strong understanding of cloud security (Azure and/or AWS) Application security and secure development lifecycle knowledge Security incident management and cross-functional response coordination Excellent communication skills - able to translate technical security for commercial and executive audiences Experience supporting tender responses ...

Portugal or Ireland. This leader will guide the evolution of an already strong Release Management organization, partnering closely with QA, Engineering, Production, and Incident Management to ensure that every release — client, server, data, and live operations — is predictable, stable, and delivered with excellence. This is not a greenfield function. … that understanding to drive practical, phased improvements that respect existing team expertise and organizational context Partner closely with pods, Production Directors, QA, Engineering, and Incident Management to address systemic challenges upstream of release Refine and evolve release strategy & governance Own and strengthen the release governance framework, including Scope Lock ...

Portugal or Ireland. This leader will guide the evolution of an already strong Release Management organization, partnering closely with QA, Engineering, Production, and Incident Management to ensure that every release — client, server, data, and live operations — is predictable, stable, and delivered with excellence. This is not a greenfield function. … that understanding to drive practical, phased improvements that respect existing team expertise and organizational context Partner closely with pods, Production Directors, QA, Engineering, and Incident Management to address systemic challenges upstream of release Refine and evolve release strategy & governance Own and strengthen the release governance framework, including Scope Lock ...

minimisation, secure model access, and AI transparency requirements Experienced in intrusion detection and prevention systems (IDS/IPS), vulnerability scanning, endpoint protection, and security incident management Skilled in designing network and application security controls, including WAFs, firewalls, zero-trust models, and identity federation mechanisms Able to perform threat modelling … Work closely with Technical Architects, ML Engineers, and DevOps teams to ensure end-to-end protection of data and systems Implement proactive security monitoring, incident response, and resilience strategies, protecting infrastructure from potential threats and attacks Conduct security assessments, penetration testing, and continuous compliance validation across cloud ...

minimisation, secure model access, and AI transparency requirements Experienced in intrusion detection and prevention systems (IDS/IPS), vulnerability scanning, endpoint protection, and security incident management Skilled in designing network and application security controls, including WAFs, firewalls, zero-trust models, and identity federation mechanisms Able to perform threat modelling … Work closely with Technical Architects, ML Engineers, and DevOps teams to ensure end-to-end protection of data and systems Implement proactive security monitoring, incident response, and resilience strategies, protecting infrastructure from potential threats and attacks Conduct security assessments, penetration testing, and continuous compliance validation across cloud ...

Security Alerts on the various monitoring tools to identify potential Security Incidents. Escalate suspected Security Incidents to the Lead Analysts. Assist Lead Analysts and Incident Response team with investigation and containment. Maintain knowledge of technology and cyber threats by reading Threat Intel, reports, attending Threat Intel briefings ...

Azure Purview, or equivalent. Skilled in defining and enforcing data quality, reliability, and compliance frameworks. Hands-on knowledge of observability practices — monitoring, alerting, and incident response with Prometheus, Grafana, or Datadog, or equivalent. Performance, Optimization & Scalability Expertise in SQL/Spark query tuning, data pipeline optimization, and distributed ...

Azure Purview, or equivalent. Skilled in defining and enforcing data quality, reliability, and compliance frameworks. Hands-on knowledge of observability practices — monitoring, alerting, and incident response with Prometheus, Grafana, or Datadog, or equivalent. Performance, Optimization & Scalability Expertise in SQL/Spark query tuning, data pipeline optimization, and distributed ...

Security Alerts on the various monitoring tools to identify potential Security Incidents. Escalate suspected Security Incidents to the Lead Analysts. Assist Lead Analysts and Incident Response team with investigation and containment. Maintain knowledge of technology and cyber threats by reading Threat Intel, reports, attending Threat Intel briefings ...

Security Alerts on the various monitoring tools to identify potential Security Incidents. Escalate suspected Security Incidents to the Lead Analysts. Assist Lead Analysts and Incident Response team with investigation and containment. Maintain knowledge of technology and cyber threats by reading Threat Intel, reports, attending Threat Intel briefings ...

role balancing strategic planning with technical execution. Key Responsibilities Lead and mentor a team of Cloud Engineers Oversee day-to-day cloud operations: monitoring, incident response, troubleshooting, and optimisation. Implement and improve Infrastructure-as-Code practices using Terraform, Ansible, and GitHub Actions. Support development teams through CI/ ...

clearance and have a proven background in Cyber Security Operation Centres working within a high-threat government environment: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Sentinel, Splunk, Defender, Qualys, Tenable, Huntsman & LogRhyth Ability ...

clearance and have a proven background in Cyber Security Operation Centres working within a high-threat government environment: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Sentinel, Splunk, Defender, Qualys, Tenable, Huntsman & LogRhyth Ability ...

clearance and have a proven background in Cyber Security Operation Centres working within a high-threat government environment: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Sentinel, Splunk, Defender, Qualys, Tenable, Huntsman & LogRhyth Ability ...

part of an on-call rota, ready to respond if we have a severe, platform-impacting security tooling failure or need second-line security incident response assistance Desirable You have an interest in offensive security, potentially including participation in CTFs and past experience as a red team operator ...

happening across the internet with a level of visibility comparable to their own internal networks. This allows organizations to close detection gaps, accelerate incident response, and get ahead of critical, recurring threats. Team Cymru is a fast-paced, distribution-focused, private equity–backed company where your work directly ...

happening across the internet with a level of visibility comparable to their own internal networks. This allows organizations to close detection gaps, accelerate incident response, and get ahead of critical, recurring threats. Team Cymru is a fast-paced, distribution-focused, private equity–backed company where your work directly ...

reporting. Collaborate across teams to ensure intelligence findings are rapidly operationalised and communicated to key stakeholders. Produce clear, insightful intelligence reports that inform strategy, response, and prevention efforts. What we're looking for 8+ years' experience in cybersecurity, with a focus on large-scale data analysis, threat intelligence … ideally using the ELK stack (OpenSearch, Logstash, Kibana) . Intermediate proficiency in Python , capable of automating workflows and developing custom analysis tools. Background in Incident Response or SOC operations is a plus. Experience in a fast-paced, early-stage environment working with enterprise clients is highly desirable. ...

clients, prospects and partners to frame our solution within our Digital Operations pillar, and specifically aligned with DevOps, ITOps, RunOps, DevSecOps and traditional Major Incident Management/ITSM. We focus on key use cases that are impactful to the above "Ops" teams, SREs, and incident managers who focus … Operations to highlight our measurable business value. Deliver well scoped and managed proof of concepts that integrate across multiple tools to drive automated incident response. Build and deliver enablement for partners to articulate our differentiated value and quantifiable benefits. What You'll Bring 3+ Year(s) of Experience ...