1 to 25 of 189 Incident Response Jobs in the UK excluding London

the SGS’s security strategy. Create and execute security roadmaps, considering business objectives and risk appetite. Stay informed about emerging threats and technologies. 2. Incident Response and Security Operations: Develop incident response plans and coordinate security incident handling. Oversee security monitoring, vulnerability assessments, and penetration more »

completion of IT services. You must be eligible for SC clearance for this role! Responsibilities Oversee and help to lead several crucial functions including: Incident Management: Assist in the response to IT service incidents, ensuring rapid restoration of services and minimisation of impact on operations. Develop and maintain … incident response protocols Change Management: Oversee the change management process, ensuring all changes to IT infrastructure are assessed, approved, implemented, and reviewed in a controlled manner to minimise risk and impact on service quality Service Desk Leadership/Support: Support Service Desk team where necessary, ensuring high-level … is advantageous; not not required) Strong understanding of ITIL processes(with certifications in ITIL v3/v4 is preferred) Experience with service desk software, incident and problem management tools Strong communication and leadership skills If you want to work with a specialist defence service provider, apply with your CV more »

created role we’ll ask you to lead on delivering the Bank's strategies and plans to align with industry standards and regulations for Incident Management, Operational Resilience, and Business Continuity. This is a really varied role would suit someone who is a self-starter, enjoys being hands-on … s Operational Resilience roadmap to help prevent, adapt, respond to, recover from, and learn from operational disruptions. Capture relevant information to determine whether an incident needs to be declared and then classifying the severity of the incident (minor to critical). Leading improvements in Business Continuity by designing … compliance status and delivery roadmaps. Work closely with outsourced service providers suppliers as required to implement recovery and resolution plans. Upon resolution of an incident, produce an incident report identifying root cause analysis and lessons learnt and improvements. Skills and experience – you are/will have most of more »

+ Bonus) You will be responsible for monitoring clients network and endpoints for security alerts, investigating incidents, and assisting in incident response. You will also play a vital role in maintaining and optimizing our security information and event management (SIEM) platform. While previous experience in a Managed Security Service … monitor the client's network and endpoints for security alerts, and conduct thorough investigations when incidents occur. Serve as the first-tier responder for incident analysis and investigation, escalating issues as necessary. Contribute to containment strategies during security incidents, data loss, or breaches. Assist in the design and implementation … changes. Stay updated on the latest information security trends to assess their potential impact on the client's environment. Participate in an on-call incident response team on a rotational basis (fortnightly). Generate relevant reports, including end-of-day summaries, handover reports, management intelligence, and threat and more »

to become the prefered Digital transformation hub! And you get to be part of it! 😀 What will you be doing? Creating and managing an Incident response pipeline Delegating work out to a team of 7 Analysts Setting up KPI's for the team Compliance and security experience (cyber more »

are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incident response and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »

and infrastructure-as-code (IaC) tools Ability to perform security threat modelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding business stakeholder engagement and management experience, inc. presenting of solutions to the exec team more »

expand your skills in Digital forensics investigations. You would be part of a team that in the future could see you becoming skilled within Incident Response or becoming a future leader of the business. Role includes: Conducting analysis in either a lab or on client sites Secure and more »

and remediate vulnerabilities with an emphasis on automation and scalability Conduct security assessments and work with other engineering teams to develop secure products Support incident response and remediation including log and forensic data collection Consult with other teams to guide them in addressing vulnerabilities in source code or more »

Standards and Cybersecurity best practices to support complex decisions across the organisation. Support the Cybersecurity Manager in the implementation and maintenance of the cybersecurity incident response procedures and processes. Implementation and maintenance of technical security controls to protect all information assets according to their sensitivity, integrity, and criticality more »

cybersecurity and risk mitigation? Our client is at the forefront, offering top-notch services in penetration testing, vulnerability assessments, security consulting, managed services, and incident response. Join them in their mission to strengthen cybersecurity defenses and protect sensitive data across various sectors. It's time to make a real more »

networking expertise in escalations and complex changes. Some of your responsibilities will include: Network Infrastructure Management Network Troubleshooting Change Enablement Network Configuration and Optimisation Incident Response Knowledge and experience required: Minimum of 3 years of experience in network administration or support roles. Configuration and troubleshooting of network devices more »

version control systems, and release management practices. Familiarity with monitoring and observability tools (Prometheus, Grafana, Dynatrace) Knowledge of security best practices, compliance standards, and incident response protocols. Strong analytical and problem-solving skills, with the ability to troubleshoot complex technical issues. Excellent communication and leadership skills, with the more »

SDDC Manager. Experience of vSphere HA recovery used across availability zones. Experience of Uplink Policy Design Experience of working with restraints of Computer Security Incident Response Team (CSIRT) Security Requirements Design experience within a Cloud-native environment and providing solutions which are affordable, good value and meet security more »

understanding of Azure Sentinel and Microsoft Defender. Key Responsibilities: Monitor security events and alerts using Azure Sentinel and Microsoft Defender, ensuring timely and effective response to potential threats. Mentor L1/L2 SOC Analysts whilst acting as their technical escalation point. Analyze and investigate security incidents, providing detailed reports … configurations, and policies within Azure Sentinel and Microsoft Defender. Collaborate with cross-functional teams to develop and enhance security strategies, including threat hunting and incident response procedures. Stay updated with emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks. Requirements: Proven experience as a more »

Role Title: SIEM/Incident SME Duration: 6 months Location: Hybrid/Corsham, Portsmouth or Northallerton - 2/3 days per week at ONE site Rate: £700/d - Umbrella only PLEASE NOTE: Applicants must hold active DV Clearance to be considered for this role Would you like to … including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

This role demands a strong understanding of cybersecurity threats, the ability to analyse security data, and the skills to respond effectively. Accountabilities Monitoring and Incident Detection: Continuously monitor security alerts and events to identify potential threats. Investigate and analyse security alerts to determine their impact and scope, utilize security … information and XDR platform for real-time threat detection Incident Triage: Evaluate and prioritize security alerts based on severity and potential impact. Determine false positives and escalate genuine threats for further investigation. Response and Resolution: Act promptly to contain and mitigate security incidents. Document incident details, actions … taken, and lessons learned for post-incident analysis. with cross-functional teams to coordinate incident response efforts. Intelligence and Analysis: Stay informed about the latest cybersecurity threats and vulnerabilities. Analyse threat intelligence data to enhance proactive threat detection and prevention measures. Reporting and Documentation: Generate reports on more »

Azure Storage, Security, and Network Components. Azure policies and governance tools for handling compliance and security. Expertise in securing virtualized environments, including threat detection, incident response, and compliance frameworks. Automation tooling for example, Logic Apps, Functions, Azure Automation, Event Grid etc AVD architecture, deployment options, management tools, and more »

Azure Storage, Security, and Network Components. Azure policies and governance tools for handling compliance and security. Expertise in securing virtualized environments, including threat detection, incident response, and compliance frameworks. Automation tooling for example, Logic Apps, Functions, Azure Automation, Event Grid etc AVD architecture, deployment options, management tools, and more »

SIEM/Incident SME CONTRACTOR MUST HOLD DV CLEARANCE Role Title: SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana … the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role: . Develop and integrate security event monitoring and incident management services. . Respond to security incidents as they occur as part of an incident response team. . Implement metrics and dashboards more »

SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive for a global consultancy that require a DV Cleared SIEM/… Incident SME to join them on a major project that's based onsite 4/5 days in either Warwick, Farnborough or Corsham. Role Description : Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing … including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

C-SOC) with two laboratory sites. You will assist STFC's cyber team to define, practice,and verify the adequacy of the cyber critical incident response. You will also assist STFC's infrastructure team whomanage the BAU activities relevant to ongoing cyber assurance, patching, cyberreadiness, and routine incident … of relevant SME knowledge andexperience will ensure successful and secure project outcomes. What you'll needto succeed A relevant information security/information managementbackground. Incident management experience and an ability toquickly tailor responses to deal with fast-paced situations. Proven people & stakeholder management skills. Knowledge of Information Security standards more »

Standards and Cybersecurity best practices to support complex decisions across the organisation. Support the Cybersecurity Manager in the implementation and maintenance of the cybersecurity incident response procedures and processes. Implementation and maintenance of technical security controls to protect all information assets according to their sensitivity, integrity, and criticality more »

Azure Storage, Security, and Network Components. Azure policies and governance tools for handling compliance and security Expertise in securing virtualized environments, including threat detection, incident response, and compliance frameworks. Automation tooling for example, Logic Apps, Functions, Azure Automation, Event Grid etc AVD architecture, deployment options, management tools, and more »