Cyber IncidentResponse A global bank is seeking a Cyber Security Analyst to join their Cyber Security team in London, with the team working across infrastructure, business and application risk, penetration testing, and vulnerability management. The cyber security practice is a mature function and this team member will … specifically work within the incidentresponse team, and will be expected to be well versed across technology control, EDR, and related tools and technology skills. This position has lots of capabilities for progression, access to different tools, and excellent opportunity to develop skills. You will be: Analysing, developing … infrastructure estate. Able to monitor activity upon specified information systems and devices. Proficient in identifying and reporting suspicious or harmful activity. part of the IncidentResponse investigations into internal and external threats or security incidents. Able to identify and escalate any security breaches and assess their impact. Utilise more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
London, England, United Kingdom Hybrid / WFH Options
OutBreach
Job Description About Us Outbreach provides specialist Cyber IncidentResponse and Crisis Management services to our midsize clients spread across the world. With offices in London, Dubai, and New York we are different to most other security companies in that we assume our clients will experience a security … company as consultants that can be called on to supplement our permanent teams when our clients experience incidents and engage Outbreach. Role Description The Incident Responder (IR) is the main person responsible for the technical operational tasks necessary to provide our clients with a high quality, rapid and comprehensive … response to a breach. They will be at the forefront of all incidents and absolutely critical to the successful resolution. They will be intimately familiar with a wide variety of attacks from Ransomware to BEC, insider threat and DDoS to name just a few examples. The IR will be more »
Be the Hero Behind the Walls Passionate about stopping cyber threats? Join our elite team and spearhead proactive security, wielding platform expertise and leading incidentresponse like a champion. Main Responsibilities • Mastermind IncidentResponse: Dive into alerts, wield the MITRE ATT&CK framework, and lead the … the fabric of every project. Be the trusted advisor, guiding us towards a more secure future. About You • 3+ years of cyber security experience • Incidentresponse methodologies (MITRE ATT&CK, D3FEND) • Microsoft 365 Security • DMARC, SPF, DKIM • Strong Scripting (e.g., PowerShell or Python) • Security automation frameworks • Security platform more »
Manchester, North West, United Kingdom Hybrid / WFH Options
Tunstall Healthcare (UK) Ltd
a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incidentresponse, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incidentresponse plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incidentresponse plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »
Swindon, England, United Kingdom Hybrid / WFH Options
WHSmith
the Senior Information Security Manager here you will be responsible for maintaining and executing WHSmith’s cyber security strategy, ensuring compliance with regulations, managing incidentresponse efforts, and implementing effective security controls to protect the organisation's digital assets. You will lead cross-functional teams and our third … of security awareness to mitigate cyber risks and safeguard critical information. What you will be doing Overseeing day-to-day security operations, including monitoring, incidentresponse, vulnerability management, and threat intelligence, to maintain a strong security posture and promptly address any security incidents or vulnerabilities Establishing and maintaining … business operations while mitigating risk Maintaining cyber security policies, standards, and procedures, ensuring compliance with industry regulations and best practices Leading the organization’s incidentresponse efforts and establishing robust processes for identifying, responding to, and recovering from security incidents Working closely with WHSmith’s technology architects to more »
vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves as an expert on cybersecurity protection, detection, response, and recovery. This individual is responsible for coordinating penetration testing and managing internal and external cybersecurity analysts to detect, mitigate, and analyze threats. Works … selection criteria to identify appropriate security solutions to support strategic, operational needs, and security requirements. Participate in the development and testing of the security incidentresponse plan, act as the incidentresponse leader. Develop security, risk, and compliance reports and alerts. Participate in the yearly review … a minimum of 5-years experience in Information Security. Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware, IDS/ more »
Luton, England, United Kingdom Hybrid / WFH Options
Gamma
Active Directory, including user authentication, access controls, and privilege management. Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. Working with the Managed SOC and Operational teams, develop and maintain incidentresponse plans. Lead incidentresponse activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. Collaborating with cross-functional teams, including more »
East Hagbourne, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … within the University network and taking appropriate remedial action.The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents.OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports several more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »
London, England, United Kingdom Hybrid / WFH Options
Sportradar
the central point of contact during critical situations, including but not limited to technology, financial, security, privacy, and people, to ensure swift and effective response, addressing people safety issues, minimizing addressing service downtime, and restoring normal operations in alignment with predefined service level agreements (SLAs). The role requires … experts, support functions, and business units, to investigate, diagnose, resolve major incidents efficiently, and ensure regulatory requirements are considered. Root Cause Analysis: Facilitate post-incident reviews and root cause analysis (RCA) sessions to identify the underlying causes of crises and issues and implement preventive measures to avoid recurrence. Drive … continuous improvement through post-incident review reports. Documentation and reporting: Maintain accurate records of crises and major incidents, including incident details, actions taken, resolutions, and post-incident analysis findings, adhering to regulatory and compliance requirements. Monitor key performance indicators (KPIs) and metrics related to incident management more »
Best Practice Working with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incidentresponse and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will … will be a requirement to cover 7am-7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incidentresponse and security monitoring Understanding of threat modelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix more »
London, England, United Kingdom Hybrid / WFH Options
Proprius Recruitment
Senior IT Security Engineer, Security Operations, SecOps, IncidentResponse will find, test and implement effective technical solutions to counter cyber security risks, implementing and managing those solutions either directly or by working closely with other teams. This is a hands on technical role, engineering, implementation, configuration and support … Azure-based environments. Monitor and respond to new vulnerabilities. Manage the remediation of vulnerabilities. Actively seeking out the latest research on attacks and countermeasure. IncidentResponse experience and or threat actors understanding is beneficial. Managing Active Directory users, computers and group policy security settings Configuration/hardening of more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. Experience with security incidentresponse and handling, including log analysis and forensics. Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. In-depth knowledge … with Company Policies and Security Infrastructure Familiarity with AWS Security Best Practices and the business Setup Integration into DevOps Workflow Within 3 months: Security Incident Handling and Remediation Security Automation and Tooling Security Compliance and Auditing Collaboration with Development Teams Within 6 months: Threat Modelling and Risk Assessment Continuous more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Manchester, England, United Kingdom Hybrid / WFH Options
Be.EV
candidate will bring a combination of technical expertise, strategic vision, and leadership skills to oversee all aspects of network operations, including system monitoring, maintenance, incidentresponse, and customer support. As the Head of Network Operations, you will play a pivotal role in enhancing our network's performance and … charging experience for users. Coordinate with internal teams and external partners to enhance network capabilities, including software updates, hardware upgrades, and new installations. Manage incidentresponse protocols, ensuring swift and effective resolution of any network disruptions or customer issues. Drive the adoption of best practices in network management more »
is an open-source framework developed by Fox-IT for collecting and analyzing large amounts of forensic data. It is a game-changer in incidentresponse, used by leading cybersecurity companies and government agencies. It enables data acquisition and analysis on thousands of systems in minutes, regardless of … the DFIR team to deliver innovative solutions. Your expertise in Python and contribution to the Dissect Framework are essential for the success of the incidentresponse services and directly contribute to a safer society. Fox-IT We are Fox-IT, or Fox. We stand for making the world more »
Middlesbrough, England, United Kingdom Hybrid / WFH Options
GB Bank
created role we’ll ask you to lead on delivering the Bank's strategies and plans to align with industry standards and regulations for Incident Management, Operational Resilience, and Business Continuity. This is a really varied role would suit someone who is a self-starter, enjoys being hands-on … s Operational Resilience roadmap to help prevent, adapt, respond to, recover from, and learn from operational disruptions. Capture relevant information to determine whether an incident needs to be declared and then classifying the severity of the incident (minor to critical). Leading improvements in Business Continuity by designing … compliance status and delivery roadmaps. Work closely with outsourced service providers suppliers as required to implement recovery and resolution plans. Upon resolution of an incident, produce an incident report identifying root cause analysis and lessons learnt and improvements. Skills and experience – you are/will have most of more »
South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »
a deep understanding of information security technologies, you will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend the response actions and escalation path. You will be guided by Threat … completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow up. Perform advanced event and incident analysis, including baseline establishment and trend analysis. Manage a number of analysts as part of a virtual team of L1 and L2 analysts, including … activities including shift cover etc Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours. Support Major IncidentResponse activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat. Identify opportunities for SOC more »
Corsham, Wiltshire, United Kingdom Hybrid / WFH Options
fortice
SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive for a global consultancy that require a DV Cleared SIEM/… Incident SME to join them on a major project that's based onsite 4/5 days in either Warwick, Farnborough or Corsham. Role Description : Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing … including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incidentresponse team. Implement metrics and dashboards to give more »
a deep understanding of information security technologies, you will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend the response actions and escalation path. You will be guided by Threat … completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow up. '€¢Perform advanced event and incident analysis, including baseline establishment and trend analysis. '€¢Manage a number of analysts as part of a virtual team of L1 and L2 analysts, including … activities including shift cover etc '€¢Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours. '€¢Support Major IncidentResponse activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat. '€¢Identify opportunities for SOC more »
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
I3 Resourcing Limited
DESIRABLE Key responsibilities: Application and infrastructure planning and testing including integrations Maintaining CI/CD pipelines Automation implementation Guidewire Cloud Console configuration On-call, incidentresponse and incident management Monitoring the software development process through its entire lifecycle and ensuring adherence to security standards Regularly updating or more »