Cyber IncidentResponse Manager Cyber Incident Respond Principal/Manager will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLA’s. You will work side by side with the Cyber … Detect Team. Cyber Detect manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident if of the upmost importance. As Respond Manager you will be expected to deliver a … strong incident readiness program. This is based in Buckinghamshire office x2 days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management more »
london, south east england, United Kingdom Hybrid / WFH Options
Sterlings
Cyber IncidentResponse A global bank is seeking a Cyber Security Analyst to join their Cyber Security team in London, with the team working across infrastructure, business and application risk, penetration testing, and vulnerability management. The cyber security practice is a mature function and this team member will … specifically work within the incidentresponse team, and will be expected to be well versed across technology control, EDR, and related tools and technology skills. This position has lots of capabilities for progression, access to different tools, and excellent opportunity to develop skills. You will be: Analysing, developing … infrastructure estate. Able to monitor activity upon specified information systems and devices. Proficient in identifying and reporting suspicious or harmful activity. part of the IncidentResponse investigations into internal and external threats or security incidents. Able to identify and escalate any security breaches and assess their impact. Utilise more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Cyber Incident Manager with excellent stakeholder and team management skills as well as a technical mindset. This role will require you in the office at least twice a week and be on-call one in every four weeks. You will be required to go through SC clearance so need … to have been a UK resident for the past five years, unfortunately we will not be able to provide sponsorship. The Cyber Incident Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. … threat. Responsibilities Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on more »
I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incidentresponse/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incidentresponse and threat hunting engagements. Some of your … not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incidentresponse experience. Certifications such as GCIH, GCIA or GCFA/E. Ideally, consultancy experience however, strong regulated exposure is also welcomed. Strong baseline … threat hunting skills and ideally, an interest in research focused tasks. This is an exciting role for an incident responder, looking for a step up from basic cases to truly partner with organisations across the globe. Hybrid role, London based opportunity. Please contact pg@barclaysimpson for immediate consideration. more »
implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incidentresponse and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incidentresponse and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a more »
are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and IncidentResponse team, along with a number of incidentresponse vendors including forensic, legal, and PR ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal IncidentResponse Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within more »
will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. As Senior SOC Analyst you will bring a good … maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incidentresponse actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber IncidentResponse Manager by triaging events and more »
Guildford, Surrey, South East, United Kingdom Hybrid / WFH Options
Allianz Insurance Plc
celebrate an inclusive culture and offer hybrid working. About the Role We have a new opportunity within Protection and Resilience as Head of Cyber Incident Management , this is a key role within the Operational Resilience Team, where you'll be responsible for ensuring the organisation's ability to respond … effectively to disruptions directly to our organisation or the supplier chain relating to a cyber event. You'll ensure that appropriate cyber related incident and crisis management playbooks exist and are maintained, whilst continually improving the approach to cyber crisis and incident management across AZH, including taking the … lead on playbook execution for specific crises or incidents. Working closely with the Head of Business Continuity Management and the Crisis and Incident Manager to ensure that the design and execution of a multi-year test plan covers key cyber aspects and proactively assesses and validates the operational resilience more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »
of security solutions impact business strategies Create documentation of findings and recommendations (root cause and risk analysis as needed Assist with forensic investigations and incidentresponse team (CIRT) activities. Assign work to Cyber SOC for remediation Escalate pertinent findings in a timely manner Leverage vendors and internal resources … to interface various security tools to automate critical response tasks Support Compliance managers in providing Cybersecurity artifacts Align information cybersecurity operations with NIST, and ISO 27001 requirements Establish role as a local presence and focal point for business and IT contact. Create the relationships. As the local Cyber management … controls, processes, and policies to improve security posture and identify gaps in existing controls. Assist with Cyber security awareness initiatives and events Assist with incidentresponse planning and activities Essential Qualifications and Education: Bachelor’s Degree in Information Technology (minimum) or equivalent experience and certifications 7 or more more »
seeking expressions of interest for passionate cybersecurity professionals to join our dynamic team. Initially we will be seeking experience with Managed Extended Detection and Response (MXDR) services. At Sekuro we leverage cutting-edge technologies and strategic partnerships to provide top-tier security solutions to our global clientele. Job Description … our MXDR services. Key Responsibilities: Design and Implementation: Architect and deploy advanced MXDR solutions using CrowdStrike and AWS to protect client environments. Monitoring and Response: Conduct continuous monitoring, threat hunting, and incidentresponse activities to identify and mitigate security threats. Integration: Integrate MXDR solutions with clients’ existing … security infrastructure and workflows. Automation: Develop and implement automation scripts and tools to enhance threat detection and response capabilities. Client Support: Provide expert-level support and guidance to clients, including conducting security assessments and providing recommendations. Collaboration: Work closely with other cybersecurity experts, analysts, and engineers within Sekuro to more »
london, south east england, United Kingdom Hybrid / WFH Options
Hunter Bond
Best Practice Working with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incidentresponse and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will … will be a requirement to cover 7am-7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incidentresponse and security monitoring Understanding of threat modelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix more »
solutions tailored to the business's requirements. Support the definition, execution, and continuous improvement of key cybersecurity processes, including vulnerability and patch management, security incidentresponse, monitoring, endpoint security, identity and access management, network security, and cryptography. Assist in developing and maintaining security policies, processes, incidentresponsemore »
london, south east england, United Kingdom Hybrid / WFH Options
Proprius Recruitment
Senior IT Security Engineer, Security Operations, SecOps, IncidentResponse will find, test and implement effective technical solutions to counter cyber security risks, implementing and managing those solutions either directly or by working closely with other teams. This is a hands on technical role, engineering, implementation, configuration and support … Azure-based environments. Monitor and respond to new vulnerabilities. Manage the remediation of vulnerabilities. Actively seeking out the latest research on attacks and countermeasure. IncidentResponse experience and or threat actors understanding is beneficial. Managing Active Directory users, computers and group policy security settings Configuration/hardening of more »
london (city of london), south east england, United Kingdom Hybrid / WFH Options
i3
DLP. Collaborate with cross-functional teams to ensure the integration of security throughout the IT lifecycle. Investigate and respond to security incidents, and develop incidentresponse and disaster recovery plans. Ensure compliance with industry standards and global regulatory frameworks. Provide guidance and training to team members on cloud … Experience with SIEM tools, such as Splunk, ELK stack, or Azure Sentinel. Understanding of secure coding practices and experience with static code analysis tools. Incidentresponse and forensics skills. Relevant security certifications, such as CISSP, CCSP, or cloud platform-specific certifications Infrastructure as code: use Terraform and Azure more »
existing team. You will be joining a developing team as a technical resource where you will have the opportunity to lead on projects around incidentresponse, vulnerability management, EDR scanning and more. You will work with an already wide ranging tech stack for an exciting scaling business with … exposure to Data Protection & GDPR would be highly sought after too. In this role you will: Work on a variety of technical projects across incidentresponse, vulnerability management, triaging and more Work with third parties and vendors to ensure full security coverage Provide support to the governance and more »
analysis for the group. Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2/3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are … architecture level Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incidentresponse capability. You will act as the single point of contact for all security related response actions and decisions, including management of … each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over more »
new tools and techniques to enhance the security posture Administer and mature tool configurations, optimize performance, and feature utilization Integrate tools to automate critical response tasks. Evaluate TVM tool and patches, updates, and perform maintenance Develop detailed documentation on TVM implementation, configuration, and processes Plan, develop, and implement new … security devices or services for TVM as needed Identify, create and mature cybersecurity operations processes. Assist with forensic investigations and incidentresponse team (CIRT) activities.as needed Assist with security awareness activities (communications, posters, events, assessments) as needed Participate in incident runbook development Escalate pertinent findings in a … management expertise Experience executing attack defense tactics with security technologies including DNS, SMTP, firewall, and endpoint solutions. Experience and participation as needed with security incident and investigations Assist as needed with security awareness content such as communications, posters, presentations Experience with security management/configuration cloud tools and services more »
analysis for the group. Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2/3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are … Security Playbook. Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incidentresponse capability. You will act as the single point of contact for all security related response actions and decisions, including management of … each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. more »
london, south east england, United Kingdom Hybrid / WFH Options
Korn Ferry
and looking for a Senior Security Analyst to join the Global Team. You will play a crucial role in ensuring effective security monitoring and incident response. This role will also be required to assist in the development, implementation, and maintenance of the IT Security program in the company. We … Security and ideally CISSP (although for the right candidate we can support the gaining of this qualification). Key responsibilities include: Security Monitoring and IncidentResponse Monitoring systems for signs anomalies, attacks, and unauthorized activities. Investigate potential incidents and provide timely feedback. Analyze events to identify trends, threats more »
including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incidentresponse team. Implement metrics and dashboards to give more »
build the firm’s cyber practice, operating as the lead or (on larger, complex matters) co-lead on all cyber projects, covering preparedness and response briefs. You will also be responsible for developing and driving BD in the cyber space, working with the Senior Director. Cyber incident preparedness … and response is a key, growing field of work this team undertakes and they have worked on a number of high-profile incidents over the last two years. They are also increasingly undertaking cyber incident preparedness projects for existing and new clients, as well as extending their network … team who come from an array of professional backgrounds including journalism, banking, law, as well as communications. RESPONSIBILITIES Leading cyber communication projects (preparedness and response) with minimal input from the Senior Director, where required Devising cyber response communications strategy, covering all stakeholder audiences, with knowledge of regulatory requirements more »
across various Identity providers. Actively monitor emerging security technologies, trends, and solutions, assessing their applicability to business initiatives and strategies. Participate in Information Security IncidentResponse activities. Monitor compliance with information security policies and procedures among employees, contractors, and third parties. Collaborate with key stakeholders to create and more »
and digital deployments. Continuously adjust cyber capabilities based on evolving cyber threat landscapes. Support and potentially lead NOC/SOC operational teams. Oversee Cyber incidentresponse, conduct post-incident reviews (PIRs), root-cause analysis (RCAs), and implement mitigating solutions. Manage capacity for cyber platforms proactively. Design data more »