1 to 25 of 220 Incident Response Jobs in the UK excluding London

Cyber Incident Response Manager Cyber Incident Respond Principal/Manager will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLA’s. You will work side by side with the Cyber … Detect Team. Cyber Detect manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident if of the upmost importance. As Respond Manager you will be expected to deliver a … strong incident readiness program. This is based in Buckinghamshire office x2 days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management more »

Cyber Incident Response A global bank is seeking a Cyber Security Analyst to join their Cyber Security team in London, with the team working across infrastructure, business and application risk, penetration testing, and vulnerability management. The cyber security practice is a mature function and this team member will … specifically work within the incident response team, and will be expected to be well versed across technology control, EDR, and related tools and technology skills. This position has lots of capabilities for progression, access to different tools, and excellent opportunity to develop skills. You will be: Analysing, developing … infrastructure estate. Able to monitor activity upon specified information systems and devices. Proficient in identifying and reporting suspicious or harmful activity. part of the Incident Response investigations into internal and external threats or security incidents. Able to identify and escalate any security breaches and assess their impact. Utilise more »

Job Description As a member of Experian’s Global Security Office, the Enterprise Security Incident Manager functions as a Cyber Incident Commander and coordinates the Cyber Fusion Centre’s (CFCs) response to significant cyber-security incidents according to Experian’s Global Information Security Incident Response Plan and processes. You will be responsible for initiating and tracking various workstreams during security incidents to ensure there is effective detection, response, containment, eradication, and recovery during incident response and managing executive communications until incident termination. The candidate for this role must be a … self-starter, capable of working independently, and have strong technical skills involving cyber-incident response, strong writing skills and effective communication with leaders. This role will require you to be part of an on-call rotation for response to significant security incidents outside of normal work hours more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incident response, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incident response - Lead security analysis efforts, incident classification, and incident response actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »

Cyber Incident Manager with excellent stakeholder and team management skills as well as a technical mindset. This role will require you in the office at least twice a week and be on-call one in every four weeks. You will be required to go through SC clearance so need … to have been a UK resident for the past five years, unfortunately we will not be able to provide sponsorship. The Cyber Incident Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. … threat. Responsibilities Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on more »

I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incident response/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your … not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incident response experience. Certifications such as GCIH, GCIA or GCFA/E. Ideally, consultancy experience however, strong regulated exposure is also welcomed. Strong baseline … threat hunting skills and ideally, an interest in research focused tasks. This is an exciting role for an incident responder, looking for a step up from basic cases to truly partner with organisations across the globe. Hybrid role, London based opportunity. Please contact pg@barclaysimpson for immediate consideration. more »

implement solutions to mitigate these issues. Collaborate with development teams to optimize application performance, improve resource utilization, and enhance scalability. Implement and maintain robust incident response and post-incident review processes to minimize downtime and prevent recurrence of issues. Drive continuous improvement initiatives to enhance the reliability … scalability, and efficiency of infrastructure and services, getting ahead of customer needs. Participate in on-call rotation and provide support for incident resolution and troubleshooting as needed. Skills and experience you need as Site Reliability Engineer Demonstrable experience (at least 3 years) as a Site Reliability Engineer or similar … and reliability issues in APIs and applications. Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams. Experience with incident response and post-incident review processes, and a commitment to minimizing downtime and preventing recurrence of issues. A proactive mindset with a more »

are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and Incident Response team, along with a number of incident response vendors including forensic, legal, and PR ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within more »

Senior SOC Engineer Hybrid (2 days p/w in office) Leaders in Cybersecurity incident response and managed services, catering to a wide range of clients in both private and public sectors. About the Role: Who We're Seeking: Join our team at the purpose-built 24/… Responsibilities: Operating from our modern offices in Dorset, Senior SOC Analysts work within a four-day operational rota, collaborating closely with Digital Forensic and Incident Response teams. Responsibilities include: Security Monitoring and Incident Detection: Utilizing SIEM tools to identify potential security incidents and anomalies. Analyzing alerts and … log data to assess the severity and impact of threats. Incident Response and Analysis: Investigating and responding to security incidents promptly. Conducting in-depth analysis of security events to determine scope, impact, and root causes. Threat Hunting: Proactively searching for hidden threats and vulnerabilities within the organization's more »

a comprehensive cybersecurity and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incident response, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation … is protected against cyber threats and maintain an effective incident response plan, Play a pivotal role in ensuring the security of Tunstall's SaaS products, Identify, review, select, and manage our relationships with appropriate third-party security partners for our products, Work closely with product development teams to … prioritise security risks associated with both internal and external factors, Develop and maintain a risk management framework to mitigate risks effectively, Establish and enhance incident response plans and conduct drills, Evaluate and manage security risks associated with third-party vendors and partners, including those providing security solutions, Establish more »

will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. As Senior SOC Analyst you will bring a good … maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events and more »

celebrate an inclusive culture and offer hybrid working. About the Role We have a new opportunity within Protection and Resilience as Head of Cyber Incident Management , this is a key role within the Operational Resilience Team, where you'll be responsible for ensuring the organisation's ability to respond … effectively to disruptions directly to our organisation or the supplier chain relating to a cyber event. You'll ensure that appropriate cyber related incident and crisis management playbooks exist and are maintained, whilst continually improving the approach to cyber crisis and incident management across AZH, including taking the … lead on playbook execution for specific crises or incidents. Working closely with the Head of Business Continuity Management and the Crisis and Incident Manager to ensure that the design and execution of a multi-year test plan covers key cyber aspects and proactively assesses and validates the operational resilience more »

ensuring clients' data and systems are secure and resilient. Position Summary: As a SOC Analyst, you will be responsible for monitoring security events, conducting incident response, and providing threat intelligence. You will work closely with other SOC analysts to enhance security operations and protect clients from cyber threats. … Key Responsibilities: Monitor security events and logs to identify potential security incidents. Perform incident analysis, classification, and response actions. Provide proactive threat intelligence and recommend mitigation strategies. Collaborate with other SOC Analysts and Shift Leads on incident handling and investigations. Conduct threat hunting activities to identify potential … security breaches. Assist in the tuning of security monitoring tools and systems. Prepare comprehensive incident reports and participate in service review preparations. Maintain excellent communication with customers and internal teams. Stay updated with industry trends, emerging threats, and technological advancements. Required Qualifications: Bachelor’s degree in Cybersecurity, Information Technology more »

ongoing maintenance and monitoring. the team in demanding environments, provide constructive feedback, and foster individual and team development. as the escalation point for security response incidents, both during and outside business hours. the Cyber Security Incident process/procedure and Incident Response Team, conducting war games … and incident scenarios to prepare the IT department for real incidents. forensic investigations and reporting following cyber security incidents, involving third-party specialists if necessary. informed about the latest security threats, principles, techniques, and protocols, including new vulnerabilities, and act on them as needed. within an ITIL V3 & ISO27001 … approaches including ISMS, risk analysis and assessments, the CIA triad, attack vectors (including social engineering), cryptography, confidentiality issues, and best practices for cyber security incident response (including triage and chain of custody). to proactively identify areas for improvement, share lessons learned, and encourage the same behavior in more »

Active Directory, including user authentication, access controls, and privilege management. * Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. * Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. * Working with the Managed SOC and Operational teams, develop and maintain incident response plans. Lead incident response activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. * Collaborating with cross-functional teams, including more »

are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incident response and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »

policies, standards, and procedures across the organization to maintain a secure environment. Operations: Oversee day-to-day security operations, including monitoring of security systems, incident response, and investigation of security breaches. Awareness Training: Develop and deliver security awareness training programs to educate employees about cyber security best practices … and Regulatory Requirements: Ensure compliance with relevant industry regulations and standards (e.g., GDPR, HIPAA, PCI DSS) and lead efforts to maintain certifications and accreditations. Incident Response: Lead the response to security incidents, coordinate with internal teams and external stakeholders, and implement corrective actions to prevent recurrence. Tool more »

the SGS’s security strategy. Create and execute security roadmaps, considering business objectives and risk appetite. Stay informed about emerging threats and technologies. 2. Incident Response and Security Operations: Develop incident response plans and coordinate security incident handling. Oversee security monitoring, vulnerability assessments, and penetration more »

and governance requirements. Essential Requirements: • 5 years of experience in a technical SOC or cybersecurity role, • 5 years experience of Cyber Security investigations and incident response environments • Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. • Good all round knowledge of different threat scenarios … investigations, incident response processes and remdiation techniques. • Good knowledge of cyber security systems and tooling • Reasonable knowledge of Security Information and Event Management systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems • Good knowledge of common operating systems more »

and governance requirements. Essential Requirements: * 5 years of experience in a technical SOC or cybersecurity role, * 5 years experience of Cyber Security investigations and incident response environments * Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. * Good all round knowledge of different threat scenarios … investigations, incident response processes and remdiation techniques. * Good knowledge of cyber security systems and tooling * Reasonable knowledge of Security Information and Event Management systems * Reasonable knowledge of Firewall systems (Fortigate essential) * Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems * Good knowledge of common operating systems more »

of security solutions impact business strategies Create documentation of findings and recommendations (root cause and risk analysis as needed Assist with forensic investigations and incident response team (CIRT) activities. Assign work to Cyber SOC for remediation Escalate pertinent findings in a timely manner Leverage vendors and internal resources … to interface various security tools to automate critical response tasks Support Compliance managers in providing Cybersecurity artifacts Align information cybersecurity operations with NIST, and ISO 27001 requirements Establish role as a local presence and focal point for business and IT contact. Create the relationships. As the local Cyber management … controls, processes, and policies to improve security posture and identify gaps in existing controls. Assist with Cyber security awareness initiatives and events Assist with incident response planning and activities Essential Qualifications and Education: Bachelor’s Degree in Information Technology (minimum) or equivalent experience and certifications 7 or more more »

risks associated with software products and hardware. Develop and implement risk mitigation strategies and contingency plans. Ensure compliance with relevant industry standards and regulations. Incident Response: Establish and maintain an effective incident response plan. Lead the investigation and resolution of cyber security incidents and breaches. Implement more »

risks associated with software products and hardware. Develop and implement risk mitigation strategies and contingency plans. Ensure compliance with relevant industry standards and regulations. Incident Response: Establish and maintain an effective incident response plan. Lead the investigation and resolution of cyber security incidents and breaches. Implement more »

seeking expressions of interest for passionate cybersecurity professionals to join our dynamic team. Initially we will be seeking experience with Managed Extended Detection and Response (MXDR) services. At Sekuro we leverage cutting-edge technologies and strategic partnerships to provide top-tier security solutions to our global clientele. Job Description … our MXDR services. Key Responsibilities: Design and Implementation: Architect and deploy advanced MXDR solutions using CrowdStrike and AWS to protect client environments. Monitoring and Response: Conduct continuous monitoring, threat hunting, and incident response activities to identify and mitigate security threats. Integration: Integrate MXDR solutions with clients’ existing … security infrastructure and workflows. Automation: Develop and implement automation scripts and tools to enhance threat detection and response capabilities. Client Support: Provide expert-level support and guidance to clients, including conducting security assessments and providing recommendations. Collaboration: Work closely with other cybersecurity experts, analysts, and engineers within Sekuro to more »