1 to 25 of 63 Incident Response Jobs in the North of England

a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incident response, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incident response plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incident response plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »

ensuring clients' data and systems are secure and resilient. Position Summary: As a SOC Analyst, you will be responsible for monitoring security events, conducting incident response, and providing threat intelligence. You will work closely with other SOC analysts to enhance security operations and protect clients from cyber threats. … Key Responsibilities: Monitor security events and logs to identify potential security incidents. Perform incident analysis, classification, and response actions. Provide proactive threat intelligence and recommend mitigation strategies. Collaborate with other SOC Analysts and Shift Leads on incident handling and investigations. Conduct threat hunting activities to identify potential … security breaches. Assist in the tuning of security monitoring tools and systems. Prepare comprehensive incident reports and participate in service review preparations. Maintain excellent communication with customers and internal teams. Stay updated with industry trends, emerging threats, and technological advancements. Required Qualifications: Bachelor’s degree in Cybersecurity, Information Technology more »

ongoing maintenance and monitoring. the team in demanding environments, provide constructive feedback, and foster individual and team development. as the escalation point for security response incidents, both during and outside business hours. the Cyber Security Incident process/procedure and Incident Response Team, conducting war games … and incident scenarios to prepare the IT department for real incidents. forensic investigations and reporting following cyber security incidents, involving third-party specialists if necessary. informed about the latest security threats, principles, techniques, and protocols, including new vulnerabilities, and act on them as needed. within an ITIL V3 & ISO27001 … approaches including ISMS, risk analysis and assessments, the CIA triad, attack vectors (including social engineering), cryptography, confidentiality issues, and best practices for cyber security incident response (including triage and chain of custody). to proactively identify areas for improvement, share lessons learned, and encourage the same behavior in more »

Active Directory, including user authentication, access controls, and privilege management. * Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. * Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. * Working with the Managed SOC and Operational teams, develop and maintain incident response plans. Lead incident response activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. * Collaborating with cross-functional teams, including more »

and governance requirements. Essential Requirements: * 5 years of experience in a technical SOC or cybersecurity role, * 5 years experience of Cyber Security investigations and incident response environments * Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. * Good all round knowledge of different threat scenarios … investigations, incident response processes and remdiation techniques. * Good knowledge of cyber security systems and tooling * Reasonable knowledge of Security Information and Event Management systems * Reasonable knowledge of Firewall systems (Fortigate essential) * Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems * Good knowledge of common operating systems more »

logs using advanced SIEM, IDS/IPS, and Firewall systems. Conduct proactive threat hunting to identify and mitigate potential vulnerabilities before they are exploited. Incident Response & Forensics: Lead the investigation and remediation of security incidents, including malware outbreaks, phishing attacks, and network intrusions. Perform detailed forensic analysis to … of the latest cybersecurity trends, threat landscapes, and emerging technologies. Recommend and implement innovative security solutions to enhance our security posture. Develop and refine incident playbooks and runbooks. Certifications (preferred): Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) CompTIA Security+ Certified Information Security Manager (CISM) GIAC Security … attacks, DDoS, and lateral movement. Solid grasp of network fundamentals (OSI Stack, TCP/IP, DNS, HTTP(S), SMTP). Experience with security monitoring, incident response, and vulnerability management. Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to thrive in a fast-paced, dynamic more »

logs using advanced SIEM, IDS/IPS, and firewall systems. Conduct proactive threat hunting to identify and mitigate potential vulnerabilities before they are exploited. Incident Response & Forensics: Lead the investigation and remediation of security incidents, including malware outbreaks, phishing attacks, and network intrusions. Perform detailed forensic analysis to … of the latest cybersecurity trends, threat landscapes, and emerging technologies. Recommend and implement innovative security solutions to enhance our security posture. Develop and refine incident playbooks and runbooks. Certifications (preferred): Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) CompTIA Security+ Certified Information Security Manager (CISM) GIAC Security … attacks, DDoS, and lateral movement. Solid grasp of network fundamentals (OSI Stack, TCP/IP, DNS, HTTP(S), SMTP). Experience with security monitoring, incident response, and vulnerability management. Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to thrive in a fast-paced, dynamic more »

will play a key role in supporting InfoSec initiatives, identifying and managing security issues and ensuring the robustness of IT security operations. Responsibilities Security Incident Response: Assist in identifying, managing and resolving security incidents with the Security Operations Center (SOC). Ensure successful resolution and closure of these … Hands-on experience with Azure cloud security tools and infrastructure management, including M365, IAM, RBAC, Sentinel, Defender for Cloud, Secure Score and Log Monitoring. Incident Management: Ability to identify, respond to and manage security incidents efficiently. Vulnerability Management: Experience in monitoring, prioritising and implementing remediation activities for security vulnerabilities. … Collaboration: Ability to work effectively with cross-functional teams, particularly bridging IT operations and InfoSec. Scripting: Beneficial Scripting experience for automation and incident response tasks. Tech Stack Azure M365 IAM RBAC Sentinel Defender for Cloud Secure Score With a salary circa £55k and the opportunity for hybrid working more »

of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »

created role we’ll ask you to lead on delivering the Bank's strategies and plans to align with industry standards and regulations for Incident Management, Operational Resilience, and Business Continuity. This is a really varied role would suit someone who is a self-starter, enjoys being hands-on … s Operational Resilience roadmap to help prevent, adapt, respond to, recover from, and learn from operational disruptions. Capture relevant information to determine whether an incident needs to be declared and then classifying the severity of the incident (minor to critical). Leading improvements in Business Continuity by designing … compliance status and delivery roadmaps. Work closely with outsourced service providers suppliers as required to implement recovery and resolution plans. Upon resolution of an incident, produce an incident report identifying root cause analysis and lessons learnt and improvements. Skills and experience – you are/will have most of more »

Essentials, ISO 27001, 27002, Data Protection Act, and GDPR. In-depth knowledge of the Microsoft O365 environment and security solutions, threat intelligence analysis, Security Incident Response processes, disaster recovery, and business continuity principles. Familiarity with security testing principles, vulnerability scanning, risk identification, resolution, and reporting. Experience in formal … document creation, such as reports or procedures. Key Responsibilities include but not limited to: Assist with security incident management and response activities, emphasizing cyber threats. Conduct daily, weekly, and monthly security checks, reconciliation, and compliance checks. Handle security alerts and inquiries from systems and end users. Complete client more »

including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give more »

client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incident response capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »

client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incident response capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »

team that provides around-the-clock protective monitoring solutions to clients across various industry verticals. Leveraging cutting-edge detection technology, offering assurance detection and incident response capabilities to organizations of all sizes. Role Overview As a SOC Engineer you'll work handling both reactive and proactive security engagements. … SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ?Incident Reporting: Ensure timely, accurate, and effective incident reporting. Collaborate with other SOC team members during security incidents and Threat Mining engagements. ?Client Communication … customers regarding threats and alerts. Prepare and present findings to clients. ?Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be eligible for SC more »

team that provides around-the-clock protective monitoring solutions to clients across various industry verticals. Leveraging cutting-edge detection technology, offering assurance detection and incident response capabilities to organizations of all sizes. Role Overview As a SOC Engineer you'll work handling both reactive and proactive security engagements. … SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ?Incident Reporting: Ensure timely, accurate, and effective incident reporting. Collaborate with other SOC team members during security incidents and Threat Mining engagements. ?Client Communication … customers regarding threats and alerts. Prepare and present findings to clients. ?Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be eligible for SC more »

team that provides around-the-clock protective monitoring solutions to clients across various industry verticals. Leveraging cutting-edge detection technology, offering assurance detection and incident response capabilities to organizations of all sizes. Role Overview As a SOC Engineer you'll work handling both reactive and proactive security engagements. … SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ?Incident Reporting: Ensure timely, accurate, and effective incident reporting. Collaborate with other SOC team members during security incidents and Threat Mining engagements. ?Client Communication … customers regarding threats and alerts. Prepare and present findings to clients. ?Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be eligible for SC more »

critical and high priority issues and resolve and/or escalate where required • Experience working with Cloud Security, Cyber security (Malware, penetration testing, forensics, incident response), endpoint Security, Security Incident and Event management, Data Protection, network Security, Identity & Access Management • Excellent verbal and written communication skills, with more »

understanding of Azure Sentinel and Microsoft Defender. Key Responsibilities: Monitor security events and alerts using Azure Sentinel and Microsoft Defender, ensuring timely and effective response to potential threats. Mentor L1/L2 SOC Analysts whilst acting as their technical escalation point. Analyze and investigate security incidents, providing detailed reports … configurations, and policies within Azure Sentinel and Microsoft Defender. Collaborate with cross-functional teams to develop and enhance security strategies, including threat hunting and incident response procedures. Stay updated with emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks. Requirements: Proven experience as a more »

to protect the businesses internal/customer data in line with current legislations. Developing and embedding mature processes that focus on Risk Management and incident response. Carry out risk assessments and conducting frequent GDPR compliance audits. Work with stakeholders to develop Business Continuity and Disaster Recovery plans across the more »

tools, and methodologies. Recommend and implement appropriate security solutions to enhance the organization's security posture and resilience against cyber threats. Develop and maintain incident response plans and procedures to effectively respond to security incidents and breaches. Coordinate with internal teams and external stakeholders to contain incidents, minimize more »

creation, including report and procedure development. Essential Skills: * Microsoft O365 platform expertise. * Advanced Threat Intelligence analysis and best practices implementation. * Proficient in managing Security Incident Response processes. * Knowledgeable about Disaster Recovery and Business Continuity principles. * Experienced in event and log analysis. The company is looking to fill this more »

scope of attacks and the affected systems Use threat intelligence to pinpoint scale of the attack, the type of attack and systems affected Conduct incident response activities Use IOC’s to research threats and decide on best course of action Skills: Experience with SIEM tools to provide security … to customers (Azure/Microsoft Sentinel experience a bonus) Experience with EDR (Endpoint Detection Response) tools Experience with Microsoft Defender (Preferred) MSP/MSSP experience desired Previous experience in a Security Analyst or Senior Security Analyst role Cloud Decisions are proud to be part of Microsoft UK's Talent more »

working, in house L&D, 28 days holiday +BH Skills required for this role: - Experience working with SIEM solutions (ideally Sentinel) - Vulnerability management (Nessus) - Incident Response - Implementing appropriate mediation Desirables: - SC Clearance - Large guideline expérience (ISO27001, Cyber Essentials, etc) This role gives the right candidate an opportunity to more »

through ongoing threat analysis and being up to date with the future threat landscape. Working with security tools such as; Sentinel, Defender and Azure Incident response planning for different Cyber Threats Monitoring of IT Security systems, providing trend analysis Implementing and maintaining firewall configurations What's in it more »