1 to 25 of 81 Incident Response Jobs in the UK excluding London with Remote Work Options

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Design: Design, implement, and maintain security architecture for our AWS environment, ensuring it aligns with industry best practices and compliance standards. Threat Detection and Incident Response: Develop and maintain detection mechanisms for security threats and incidents within AWS infrastructure, including EC2 instances, Kubernetes clusters, Docker containers, S3 buckets … and RDS databases. Respond promptly to security incidents and conduct thorough post-incident analysis to prevent future occurrences. Vulnerability Management: Conduct regular vulnerability assessments and penetration testing on AWS resources, identifying and remediating vulnerabilities in a timely manner. Implement and manage automated scanning tools to ensure continuous security monitoring. … tools to track and analyze activities within the AWS environment. Maintain centralized logging for all AWS services and develop custom alerts for security events. Incident Response Planning and Training: Develop and maintain incident response plans for security incidents occurring within the AWS environment. Conduct regular tabletop more »

a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incident response, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incident response plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incident response plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »

the Senior Information Security Manager here you will be responsible for maintaining and executing WHSmith’s cyber security strategy, ensuring compliance with regulations, managing incident response efforts, and implementing effective security controls to protect the organisation's digital assets. You will lead cross-functional teams and our third … of security awareness to mitigate cyber risks and safeguard critical information. What you will be doing Overseeing day-to-day security operations, including monitoring, incident response, vulnerability management, and threat intelligence, to maintain a strong security posture and promptly address any security incidents or vulnerabilities Establishing and maintaining … business operations while mitigating risk Maintaining cyber security policies, standards, and procedures, ensuring compliance with industry regulations and best practices Leading the organization’s incident response efforts and establishing robust processes for identifying, responding to, and recovering from security incidents Working closely with WHSmith’s technology architects to more »

Active Directory, including user authentication, access controls, and privilege management. Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. Working with the Managed SOC and Operational teams, develop and maintain incident response plans. Lead incident response activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. Collaborating with cross-functional teams, including more »

are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incident response and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »

with our clients Cyber Security policies and standards. Key Responsibilities: Service Management of security partners ensuring high levels of performance are delivered across detection, response, and recovery. Developing cyber incident response plans, playbooks, and processes that allow security operations team to respond to incidents rapidly and effectively. … collaboratively with IT teams to remediate vulnerabilities identified through red team engagements, penetration testing, and vulnerability scanning. Planning and coordination of large-scale security incident response, remediation and recovery efforts involving multiple parties and teams. Manage the delivery of daily/weekly security reports. Manage Email security monitoring. more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

address potential vulnerabilities and risks. Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. Experience with security incident response and handling, including log analysis and forensics. Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. In-depth knowledge … with Company Policies and Security Infrastructure Familiarity with AWS Security Best Practices and the business Setup Integration into DevOps Workflow Within 3 months: Security Incident Handling and Remediation Security Automation and Tooling Security Compliance and Auditing Collaboration with Development Teams Within 6 months: Threat Modelling and Risk Assessment Continuous more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

candidate will bring a combination of technical expertise, strategic vision, and leadership skills to oversee all aspects of network operations, including system monitoring, maintenance, incident response, and customer support. As the Head of Network Operations, you will play a pivotal role in enhancing our network's performance and … charging experience for users. Coordinate with internal teams and external partners to enhance network capabilities, including software updates, hardware upgrades, and new installations. Manage incident response protocols, ensuring swift and effective resolution of any network disruptions or customer issues. Drive the adoption of best practices in network management more »

created role we’ll ask you to lead on delivering the Bank's strategies and plans to align with industry standards and regulations for Incident Management, Operational Resilience, and Business Continuity. This is a really varied role would suit someone who is a self-starter, enjoys being hands-on … s Operational Resilience roadmap to help prevent, adapt, respond to, recover from, and learn from operational disruptions. Capture relevant information to determine whether an incident needs to be declared and then classifying the severity of the incident (minor to critical). Leading improvements in Business Continuity by designing … compliance status and delivery roadmaps. Work closely with outsourced service providers suppliers as required to implement recovery and resolution plans. Upon resolution of an incident, produce an incident report identifying root cause analysis and lessons learnt and improvements. Skills and experience – you are/will have most of more »

with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »

SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive for a global consultancy that require a DV Cleared SIEM/… Incident SME to join them on a major project that's based onsite 4/5 days in either Warwick, Farnborough or Corsham. Role Description : Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing … including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

DESIRABLE Key responsibilities: Application and infrastructure planning and testing including integrations Maintaining CI/CD pipelines Automation implementation Guidewire Cloud Console configuration On-call, incident response and incident management Monitoring the software development process through its entire lifecycle and ensuring adherence to security standards Regularly updating or more »

SIEM/Incident SME CONTRACTOR MUST HOLD DV CLEARANCE Role Title: SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana … the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role: . Develop and integrate security event monitoring and incident management services. . Respond to security incidents as they occur as part of an incident response team. . Implement metrics and dashboards more »

Role Title: SIEM/Incident SME Duration: 6 months Location: Hybrid/Corsham, Portsmouth or Northallerton - 2/3 days per week at ONE site Rate: £700/d - Umbrella only PLEASE NOTE: Applicants must hold active DV Clearance to be considered for this role Would you like to … including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

Essentials, ISO 27001, 27002, Data Protection Act, and GDPR. In-depth knowledge of the Microsoft O365 environment and security solutions, threat intelligence analysis, Security Incident Response processes, disaster recovery, and business continuity principles. Familiarity with security testing principles, vulnerability scanning, risk identification, resolution, and reporting. Experience in formal … document creation, such as reports or procedures. Key Responsibilities include but not limited to: Assist with security incident management and response activities, emphasizing cyber threats. Conduct daily, weekly, and monthly security checks, reconciliation, and compliance checks. Handle security alerts and inquiries from systems and end users. Complete client more »

specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME(Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton … including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. Your role • Develop and integrate security event monitoring and incident management services. • Respond to security incidents as they occur as part of an incident response team. • Implement metrics and dashboards to give more »

specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton … including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

team that provides around-the-clock protective monitoring solutions to clients across various industry verticals. Leveraging cutting-edge detection technology, offering assurance detection and incident response capabilities to organizations of all sizes. Role Overview As a SOC Engineer you'll work handling both reactive and proactive security engagements. … SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ?Incident Reporting: Ensure timely, accurate, and effective incident reporting. Collaborate with other SOC team members during security incidents and Threat Mining engagements. ?Client Communication … customers regarding threats and alerts. Prepare and present findings to clients. ?Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be eligible for SC more »

team that provides around-the-clock protective monitoring solutions to clients across various industry verticals. Leveraging cutting-edge detection technology, offering assurance detection and incident response capabilities to organizations of all sizes. Role Overview As a SOC Engineer you'll work handling both reactive and proactive security engagements. … SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ?Incident Reporting: Ensure timely, accurate, and effective incident reporting. Collaborate with other SOC team members during security incidents and Threat Mining engagements. ?Client Communication … customers regarding threats and alerts. Prepare and present findings to clients. ?Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be eligible for SC more »

team that provides around-the-clock protective monitoring solutions to clients across various industry verticals. Leveraging cutting-edge detection technology, offering assurance detection and incident response capabilities to organizations of all sizes. Role Overview As a SOC Engineer you'll work handling both reactive and proactive security engagements. … SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ?Incident Reporting: Ensure timely, accurate, and effective incident reporting. Collaborate with other SOC team members during security incidents and Threat Mining engagements. ?Client Communication … customers regarding threats and alerts. Prepare and present findings to clients. ?Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be eligible for SC more »