1 to 25 of 123 Permanent Incident Response Jobs with Hybrid or WFH Options

Cyber Incident Response A global bank is seeking a Cyber Security Analyst to join their Cyber Security team in London, with the team working across infrastructure, business and application risk, penetration testing, and vulnerability management. The cyber security practice is a mature function and this team member will … specifically work within the incident response team, and will be expected to be well versed across technology control, EDR, and related tools and technology skills. This position has lots of capabilities for progression, access to different tools, and excellent opportunity to develop skills. You will be: Analysing, developing … infrastructure estate. Able to monitor activity upon specified information systems and devices. Proficient in identifying and reporting suspicious or harmful activity. part of the Incident Response investigations into internal and external threats or security incidents. Able to identify and escalate any security breaches and assess their impact. Utilise more »

I am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you … expertise in cyber security to protect our university's digital infrastructure and ensure the confidentiality, integrity, and availability of our information assets. Key Responsibilities: Incident Triage: Quickly assess the severity and scope of the security breach, prioritise response efforts, and mobilise resources accordingly. Forensic Analysis: Conduct thorough forensic … to contain the breach, remove malicious presence from our systems, and restore affected services. Root Cause Analysis: Identify the root cause of the security incident and recommend remediation actions to address underlying vulnerabilities and security gaps. Communication and Coordination: Collaborate with university stakeholders, including IT staff, administrators, and external more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Design: Design, implement, and maintain security architecture for our AWS environment, ensuring it aligns with industry best practices and compliance standards. Threat Detection and Incident Response: Develop and maintain detection mechanisms for security threats and incidents within AWS infrastructure, including EC2 instances, Kubernetes clusters, Docker containers, S3 buckets … and RDS databases. Respond promptly to security incidents and conduct thorough post-incident analysis to prevent future occurrences. Vulnerability Management: Conduct regular vulnerability assessments and penetration testing on AWS resources, identifying and remediating vulnerabilities in a timely manner. Implement and manage automated scanning tools to ensure continuous security monitoring. … tools to track and analyze activities within the AWS environment. Maintain centralized logging for all AWS services and develop custom alerts for security events. Incident Response Planning and Training: Develop and maintain incident response plans for security incidents occurring within the AWS environment. Conduct regular tabletop more »

Job Description About Us Outbreach provides specialist Cyber Incident Response and Crisis Management services to our midsize clients spread across the world. With offices in London, Dubai, and New York we are different to most other security companies in that we assume our clients will experience a security … company as consultants that can be called on to supplement our permanent teams when our clients experience incidents and engage Outbreach. Role Description The Incident Responder (IR) is the main person responsible for the technical operational tasks necessary to provide our clients with a high quality, rapid and comprehensive … response to a breach. They will be at the forefront of all incidents and absolutely critical to the successful resolution. They will be intimately familiar with a wide variety of attacks from Ransomware to BEC, insider threat and DDoS to name just a few examples. The IR will be more »

and seeking an experienced DFIR Analyst to expand their skills and join our experienced team. Overview: We are seeking a skilled Digital Forensic and Incident Response Analyst with a robust background in system administration and networking with a security focus. The ideal candidate will possess expertise in investigating … mitigate security threats promptly. Utilise knowledge of system administration and networking to lead mitigation and containment strategies during an active incident. Lead Investigations and response to incidents related to DDoS attacks, good understanding of WAF and Firewall capabilities. Maintain internal incident response plans, playbooks, and procedures for … assessments via agent based, forensic collectors and log queries. Deliver training and paper-based assessments to clients. Qualifications: Proven experience in digital forensics and incident response. Strong background in system administration and networking. Familiarity with threat intelligence sources and the ability to translate intelligence into actionable responses. Proficiency in more »

Be the Hero Behind the Walls Passionate about stopping cyber threats? Join our elite team and spearhead proactive security, wielding platform expertise and leading incident response like a champion. Main Responsibilities • Mastermind Incident Response: Dive into alerts, wield the MITRE ATT&CK framework, and lead the … the fabric of every project. Be the trusted advisor, guiding us towards a more secure future. About You • 3+ years of cyber security experience • Incident response methodologies (MITRE ATT&CK, D3FEND) • Microsoft 365 Security • DMARC, SPF, DKIM • Strong Scripting (e.g., PowerShell or Python) • Security automation frameworks • Security platform more »

a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incident response, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incident response plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incident response plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »

the Senior Information Security Manager here you will be responsible for maintaining and executing WHSmith’s cyber security strategy, ensuring compliance with regulations, managing incident response efforts, and implementing effective security controls to protect the organisation's digital assets. You will lead cross-functional teams and our third … of security awareness to mitigate cyber risks and safeguard critical information. What you will be doing Overseeing day-to-day security operations, including monitoring, incident response, vulnerability management, and threat intelligence, to maintain a strong security posture and promptly address any security incidents or vulnerabilities Establishing and maintaining … business operations while mitigating risk Maintaining cyber security policies, standards, and procedures, ensuring compliance with industry regulations and best practices Leading the organization’s incident response efforts and establishing robust processes for identifying, responding to, and recovering from security incidents Working closely with WHSmith’s technology architects to more »

vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves as an expert on cybersecurity protection, detection, response, and recovery. This individual is responsible for coordinating penetration testing and managing internal and external cybersecurity analysts to detect, mitigate, and analyze threats. Works … selection criteria to identify appropriate security solutions to support strategic, operational needs, and security requirements. Participate in the development and testing of the security incident response plan, act as the incident response leader. Develop security, risk, and compliance reports and alerts. Participate in the yearly review … a minimum of 5-years experience in Information Security. Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware, IDS/ more »

Azure Active Directory, including user authentication, access controls, and privilege management.Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune.Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. Ensure … compliance with relevant regulations and industry standards.Working with the Managed SOC and Operational teams, develop and maintain incident response plans. Lead incident response activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends.Collaborating with cross-functional teams, including MSOC, development, and more »

are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incident response and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … within the University network and taking appropriate remedial action.The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents.OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports several more »

are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incident response and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »

the central point of contact during critical situations, including but not limited to technology, financial, security, privacy, and people, to ensure swift and effective response, addressing people safety issues, minimizing addressing service downtime, and restoring normal operations in alignment with predefined service level agreements (SLAs). The role requires … experts, support functions, and business units, to investigate, diagnose, resolve major incidents efficiently, and ensure regulatory requirements are considered. Root Cause Analysis: Facilitate post-incident reviews and root cause analysis (RCA) sessions to identify the underlying causes of crises and issues and implement preventive measures to avoid recurrence. Drive … continuous improvement through post-incident review reports. Documentation and reporting: Maintain accurate records of crises and major incidents, including incident details, actions taken, resolutions, and post-incident analysis findings, adhering to regulatory and compliance requirements. Monitor key performance indicators (KPIs) and metrics related to incident management more »

Best Practice Working with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incident response and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will … will be a requirement to cover 7am-7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incident response and security monitoring Understanding of threat modelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix more »

with our clients Cyber Security policies and standards. Key Responsibilities: Service Management of security partners ensuring high levels of performance are delivered across detection, response, and recovery. Developing cyber incident response plans, playbooks, and processes that allow security operations team to respond to incidents rapidly and effectively. … collaboratively with IT teams to remediate vulnerabilities identified through red team engagements, penetration testing, and vulnerability scanning. Planning and coordination of large-scale security incident response, remediation and recovery efforts involving multiple parties and teams. Manage the delivery of daily/weekly security reports. Manage Email security monitoring. more »

Senior IT Security Engineer, Security Operations, SecOps, Incident Response will find, test and implement effective technical solutions to counter cyber security risks, implementing and managing those solutions either directly or by working closely with other teams. This is a hands on technical role, engineering, implementation, configuration and support … Azure-based environments. Monitor and respond to new vulnerabilities. Manage the remediation of vulnerabilities. Actively seeking out the latest research on attacks and countermeasure. Incident Response experience and or threat actors understanding is beneficial. Managing Active Directory users, computers and group policy security settings Configuration/hardening of more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

address potential vulnerabilities and risks. Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. Experience with security incident response and handling, including log analysis and forensics. Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. In-depth knowledge … with Company Policies and Security Infrastructure Familiarity with AWS Security Best Practices and the business Setup Integration into DevOps Workflow Within 3 months: Security Incident Handling and Remediation Security Automation and Tooling Security Compliance and Auditing Collaboration with Development Teams Within 6 months: Threat Modelling and Risk Assessment Continuous more »

address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »

fully remote. This role is only 2 days a week (14 Hours Weekly Minimum). The main responsibility is to develop and maintain cyber incident response and recovery plans to guide the organisation's response to cyber incidents, including data breaches, ransomware attacks, and other security breaches. … Patch Management Project 5- Cloud Security Requirements: Good Knowledge with Azure Bastion In-depth knowledge and experience with MS Dynamics is essential Experience with Incident response If you're interested, please reply with a CV and i will get back to you!! Thanks, Ryan more »

fully remote. This role is only 2 days a week (14 Hours Weekly Minimum). The main responsibility is to develop and maintain cyber incident response and recovery plans to guide the organisation's response to cyber incidents, including data breaches, ransomware attacks, and other security breaches. … Project 5- Cloud Security Requirements: In-Depth Knowledge with Azure is essential In-depth knowledge and experience with MS Dynamics is essential Experience with Incident response is essential If you're interested, please reply with a CV and i will get back to you!! Thanks, Ryan more »

Hi All, I'm working with a global business looking for an Incident Response Lead who has a wide breath of experience working proactively on incidents and confident in collaborating with teams across the business. You will be a fit if you have experience with: Developing playbooks/ more »