21 Incident Response Jobs in the South East with Remote Work Options

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incident response and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »

specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton … including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

maintain information security strategies and objectives to enhance the overall security posture of the business. Monitor and analyse security incidents and breaches, and lead incident response efforts to contain and mitigate the impact in a timely manner. Reporting to senior management on Cyber related metrics and improvement needs. more »

+ Bonus) You will be responsible for monitoring clients network and endpoints for security alerts, investigating incidents, and assisting in incident response. You will also play a vital role in maintaining and optimizing our security information and event management (SIEM) platform. While previous experience in a Managed Security Service … monitor the client's network and endpoints for security alerts, and conduct thorough investigations when incidents occur. Serve as the first-tier responder for incident analysis and investigation, escalating issues as necessary. Contribute to containment strategies during security incidents, data loss, or breaches. Assist in the design and implementation … changes. Stay updated on the latest information security trends to assess their potential impact on the client's environment. Participate in an on-call incident response team on a rotational basis (fortnightly). Generate relevant reports, including end-of-day summaries, handover reports, management intelligence, and threat and more »

information assets. Ensure regular KPIs are developed and maintained and identify areas for improvement and make recommendations accordingly. Be the lead in Cyber security incident response and ensure processes and procedures and playbooks are efficient, effective and are tested regularly in line with policy. Develop and maintain a more »

the appropriate SIEM platform and then once it's embedded ensuring BAU and leading security monitoring, carrying out indepth investigations and actively participating in incident response.This is a high profile role where you'll establish Security Operations Centre procedures and processes from the ground up, collaborating with senior stakeholders more »

or autonomy, with little need for escalation It would be great if you had: Knowledge of; Cloud, on-prem, SaaS, PaaS, IaaS environments Security incident response, code/malware analysis Strong coding skills CISSP-ISSEP (Information Systems Security Engineering Professional) Other Cyber/information Security qualification (e.g. CISSP more »

Analyse IT security posture, manage OS patches, and conduct vulnerability scans; advise on risk mitigation. Investigate security breaches, preserve evidence, and maintain a Cybersecurity Incident Response Plan. Develop IT security training for users and promote security awareness. Support IT leadership in technical planning and prioritise system developments. Manage … and applications within a large enterprise networked environment. (Educational background is a plus) Operational experience with Voice and Wireless LAN standards. Developing Cyber Security Incident Plan (CIRP) with forensic readiness. Strong experience in Data Networking Protocols (TCP/IP, OSPF, DHCP, DNS). Proven track record in efficient business more »

third-party monitoring tools to detect issues, perform root cause analysis, and implement remediation actions promptly.Develop comprehensive documentation, runbooks, and playbooks outlining procedures for incident response, troubleshooting, and system maintenance.Qualifications:Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience).Strong experience with Amazon Web more »

security by design. There's a broad range of responsibilities including handling requests related to system administration, operations governance, threat/vulnerability management and incident response, you'll collaborate with engineering teams to evaluate and identify optimal cloud solutions providing subject matter expertise across a range of Azure more »

PowerBI, Nessus, CrowdStrike and Sentinel or similar.Experience in leading internal security audits and developing and embedding comprehensive infosec strategies across the business.Experience managing cyber incident response processes and working with specialist partners.Experience with SQL-based data warehouse solutions.Understanding of network-level security principles and practices Strong understanding of more »

wider Infosec team and any third-party consultants engaged by MWI to provide recommendations based on the findings to chart the way forward. Develop incident response plans and procedures tailored for Azure environments, conduct thorough security incident investigations, and coordinate with relevant stakeholders to effectively mitigate security more »

analysing security logs and events, implementing security controls from the CIS security framework, configuring and managing security tools and technologies. You'll participate in incident response activities and collaborate across teams to ensure security is integrated into all aspects of the organisation.You'll have continual learning and self more »

Standards and Cybersecurity best practices to support complex decisions across the organisation. Support the Cybersecurity Manager in the implementation and maintenance of the cybersecurity incident response procedures and processes. Implementation and maintenance of technical security controls to protect all information assets according to their sensitivity, integrity, and criticality more »

Standards and Cybersecurity best practices to support complex decisions across the organisation. Support the Cybersecurity Manager in the implementation and maintenance of the cybersecurity incident response procedures and processes. Implementation and maintenance of technical security controls to protect all information assets according to their sensitivity, integrity, and criticality more »

networking expertise in escalations and complex changes. Some of your responsibilities will include: Network Infrastructure Management Network Troubleshooting Change Enablement Network Configuration and Optimisation Incident Response Knowledge and experience required: Minimum of 3 years of experience in network administration or support roles. Configuration and troubleshooting of network devices more »

SAP systems. Role Maintenance: Regularly review and update SAP roles and Authorisations to ensure compliance with security standards and regulatory requirements. Security Monitoring and Incident Response: Monitor SAP systems for security breaches, unauthorized access, and suspicious activities. Respond promptly to security incidents and conduct forensic analysis when necessary. more »

solution, especially endpoint security solution. Knowledge of Server Hardware and OS, Database. Advantage - Knowledge/on Database (MS-SQL.) Malicious code analysis or Security Incident Response experience. Windows operating systems and security aexperinece. Hours of work: 37.5 hour week - can be worked flexibly between the hours of 7am more »

such as DataDog and PagerDuty to provide proactive monitoring of production (and other) environments, design and implementation of automation processes to drive efficiencies, leading incident response, troubleshooting and root cause analysis to prevent issues reoccurring. You'll liaise closely with business stakeholders to understand requirements, address concerns and more »

C-SOC) with two laboratory sites. You will assist STFC's cyber team to define, practice,and verify the adequacy of the cyber critical incident response. You will also assist STFC's infrastructure team whomanage the BAU activities relevant to ongoing cyber assurance, patching, cyberreadiness, and routine incident … of relevant SME knowledge andexperience will ensure successful and secure project outcomes. What you'll needto succeed A relevant information security/information managementbackground. Incident management experience and an ability toquickly tailor responses to deal with fast-paced situations. Proven people & stakeholder management skills. Knowledge of Information Security standards more »