1 to 25 of 53 Remote Permanent Incident Response Jobs in the Thames Valley
Reading, Berkshire, UK Hybrid / WFH Options Focus Cloud Group
We are seeking an experienced and highly capable SOC Tier 3 Analyst to serve as a senior member of our Security Operations Center (SOC). You will lead advanced incident response efforts, conduct proactive threat hunting, ...
Reading, England, United Kingdom Hybrid / WFH Options Oracle
contribute to the Continuous Integration and Continuous Delivery (CI/CD) process for building and delivering security tools Design and implement test suites for the security tools Practice sustainable incident response and drive root cause analysis on a rotation basis Career Level - IC3 Qualifications Career Level - IC3 Responsibilities What You’ll Bring: BS degree in Computer Science or
Reading, England, United Kingdom Hybrid / WFH Options Focus on SAP
We are seeking an experienced and highly capable SOC Tier 3 Analyst to serve as a senior member of our Security Operations Center (SOC). You will lead advanced incident response efforts, conduct proactive threat hunting, perform digital forensics, and collaborate cross-functionally to safeguard our digital assets and infrastructure. This is a pivotal role for those passionate … about cybersecurity, threat detection, and investigative analysis. Key Responsibilities Advanced Incident Detection & Response Lead the investigation and resolution of complex cyber incidents, including APTs, malware outbreaks, and data breaches. Take charge of escalated alerts from Tier 1 and 2 analysts and guide them through advanced response protocols. Utilize SIEM, EDR, and threat intelligence platforms to perform deep … to uncover hidden anomalies or malicious behavior. Partner with security engineering teams to build detection capabilities based on evolving threats. Digital Forensics & Investigation Conduct detailed forensic investigations to determine incident scope, root cause, and impact. Collect and preserve digital evidence in accordance with legal and regulatory standards. Deliver comprehensive findings, timelines, and impact reports. Remediation & Recovery Advise on containment
Reading, England, United Kingdom Hybrid / WFH Options Axiom Software Solutions Limited
technologies and best practices across IT and OT environments, as well as the ability to collaborate effectively with cross-functional teams. The ideal candidate will possess strong communication and incident management skills and will be committed to ensuring the highest level of security, compliance, and user experience. Responsibilities: Investigate security alerts from our SIEM tool and 3rd party MSSPs … and to provide appropriate incident response actions. Liaise with technology and business stakeholders in relation to cyber security issues/incidents providing clear descriptions and actions. Support the Cyber Security Operations Lead for security and privacy incidents, triaging events and performing root cause analysis to understand how incidents arise. Acting as the key contact and escalation point for … the SOC and Thames Water Digital teams. Supporting out-of-hours incident investigations via an On-Call rota, covering 24*7*365 alongside our 3rd party MSSP. Monitor, analyse and optimise SecOps tool performance (e.g. SIEM, PAM), identify potential issues, and recommend and implement proactive solutions. Develop and maintain SecOps documentation, policies, and procedures. Collaborate with stakeholders to understand
Slough, England, United Kingdom Hybrid / WFH Options JR United Kingdom
s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering team to address security implications of machine learning models and data pipelines. Evaluate and adopt new … AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and compliance standards (e.g., NIST, ISO 27001, SOC 2, GDPR). Proven ability to align security priorities with business and product strategy. … cyber defense About Nothreat Nothreat is a cybersecurity company building intelligent defense platforms powered by AI. We help enterprises stay ahead of modern threats through real-time detection, automated response, and AI-enhanced decision-making. Join us in shaping the future of proactive, intelligent cyber defense.
Slough, England, United Kingdom Hybrid / WFH Options JR United Kingdom
Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to … with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption … information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. Strong grasp of both technical cybersecurity and governance frameworks, with the ability to balance
Windsor, England, United Kingdom Hybrid / WFH Options Women in Tech UK
organisation. You will monitor, detect, and respond to security incidents, and develop measures to protect our systems and data. Location: Hybrid working with occasional travel to office Key Responsibilities: Incident Detection and Response: Monitor alerts, investigate incidents, and follow response processes. Detection Engineering: Develop detection rules and maintain playbooks. Automation and Scripting: Automate tasks using tools like … mitigate potential threats. Collaboration: Work with other cyber defence teams and communicate findings. Continuous Improvement: Suggest and document process improvements. Monitoring: Provide continuous security console monitoring. Technical Analysis: Analyse incident telemetry and investigation pathways. Intelligence Integration: Support investigations with relevant intelligence. Incident Documentation: Record actions and secure data. Reporting: Generate and present technical reports. Qualifications and Experience: SOC … experience and incident response knowledge. Familiarity with Microsoft Azure and AWS. Relevant certifications (e.g., Microsoft SC-200, AWS Certified Cloud Practitioner). Proficiency in network/application protocols and operating systems. Experience with security tools (EDR, SOAR, SIEM). Preferred scripting/programming experience. Knowledge of cyber security legislation and best practices. Preferred experience dealing with incidents in
Reading, England, United Kingdom Hybrid / WFH Options Liberty Global
looking for a Senior Security Analyst to join us in either Amsterdam or Reading In this role you'll be part of the technical leadership driving our operational security incident response across our global network. You'll work closely with Incident Managers and other technical teams to detect, respond to, and recover from cyber-attacks—all while … You will be focused on supporting our Telenet brand in Belgium with regular travel to the Offices in Mechelen, Belgium and become the single point of contact for all Incident Response activities working with the local Telenet security team providing Incident Management coordination. What will you be doing? Incident Response & Threat Handling Technical Lead for … Perform deep-dive investigations, including advanced malware analysis, extraction of Indicators of Compromise (IoCs), and mapping out Tactics, Techniques, and Procedures (TTPs). Cross-Functional Collaboration: Work closely with Incident Managers, Incident Commanders, and other technical teams to coordinate an effective response, ensuring clear communication and precise prioritisation. Technical Escalation & Mentorship Escalation Point: Serve as the technical
Slough, England, United Kingdom Hybrid / WFH Options JR United Kingdom
. Certifications: CISM, CISSP. Experience with Patch Management, EDR/XDR, Antivirus, NAC (Forescout), Vulnerability Scanning tools (Tenable One, Qualys). Understanding of vulnerability scoring (CVSS/CMSS). Incident Response & Forensic Skills. Support experience with Azure, Oracle Cloud, Windows, Linux, and Mac. Knowledge of security filtering/monitoring solutions and patching processes.
Slough, England, United Kingdom Hybrid / WFH Options JR United Kingdom
Certifications: CISM, CISSP Experience with Patch Management, EDR/XDR, Antivirus, NAC (Forescout) Familiarity with Vulnerability Scanning Tools (Tenable One, Qualys) Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident Response & Forensic Management skills Experience with Azure, OCI Cloud, Windows, Linux administration Knowledge of email/security filtering solutions
Marlow, England, United Kingdom Hybrid / WFH Options Softcat
relevant regulations. As Information Security Analyst, you'll be responsible for: Monitoring and triaging alerts from our security controls. Assisting employees across Softcat with any security related enquiries and incident response. Collaborating with our security monitoring and incident response service partners. Ensuring incidents are recorded and responded to in accordance with our processes and procedures. Support compliance
Marlow, England, United Kingdom Hybrid / WFH Options Softcat Plc
an enthusiastic, passionate, and collaborative team? Join our Risk & Assurance Team As Softcat's business continues to grow and evolve, so have the risks and the regulatory landscape. In response, Softcat Plc has recognised the need to further strengthen its Risk Management and Internal Controls and has created a second line Risk and Assurance function to strengthen the overall … current, comprehensive, and aligned with industry standards and audit expectations. Reviewing effectiveness of first line functions in testing and validation of key IT controls (e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO 22301, NIST
Reading, England, United Kingdom Hybrid / WFH Options idibu
offboarding, and permissions management). Implement and ensure compliance with Group Policy Objects (GPOs) and security standards. Conduct regular AD audits and health checks to ensure robust monitoring and incident response capabilities. Supplier and Stakeholder Management Manage third-party supplier relationships, ensuring adherence to Service Level Agreements (SLAs) and the delivery of value. Collaborate with internal teams (IT
Slough, England, United Kingdom Hybrid / WFH Options RDK Consulting
Work with the EMEA SOC team to support threat detection engineering activities Develop and maintain the information sharing platforms (Teams and SharePoint) Act as a member of the EMEA incident response team, under the direction of the regional Head of Cyber Security, with responsibility for incident related research, incident tracking activities and communication Work with the … EMEA Head of Cyber Security to develop incident classification and reporting methods using ServiceNow as the central incident tracking and reporting tool Work with the EMEA branch to identify and document processes to a level sufficient to support the implementation of automated incident response using the Splunk SOAR application Participation in the EMEA information security daily
Slough, England, United Kingdom Hybrid / WFH Options JR United Kingdom
working 100% remotely. This is a pivotal role at the heart of a rapidly growing mobile-first payments solution organisation, where you can truly shape and affect how the incident response is delivered. You would be reporting to the Security Operations Lead (who reports to the Head of Security) and will be working alongside a team of talented … suitability for the role. Key responsibilities You will be responsible for building the infrastructure of a new in-house SOC, all the way through to conducting precise and robust incident response against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work on the SIEM detection content … development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day-to-day security events. Key requirements Experience in deploying security related IaC projects at scale. Familiarity with SOAR and optimisation of Security Controls using automation. Experience working with multi cloud environments (specifically AWS and Azure
Slough, England, United Kingdom Hybrid / WFH Options JR United Kingdom
most sophisticated threat actors out there and genuinely develop your career within one of the most reputable banks worldwide. Senior Cyber Operations Analyst – Key Responsibilities: Lead the investigation and response for escalated security incidents, performing in-depth analysis and coordinating containment and mitigation strategies. Conduct proactive threat hunting using network traffic, behavioural patterns, threat intelligence, and security telemetry. Utilise … tune SIEM tools such as Splunk, leveraging advanced queries and dashboards to identify anomalies. Collaborate closely with global security teams, threat intelligence units, and stakeholders to improve detection and response playbooks Senior Cyber Operations Analyst – Requirements: Strong proficiency with SIEM platforms, ideally Splunk, including custom query writing and dashboard development. Deep understanding of incident response, including network
Oxford, England, United Kingdom Hybrid / WFH Options Promote Project
Sophos is a global leader and innovator of advanced security solutions that defeat cyberattacks, including Managed Detection and Response (MDR) and incident response services and a broad portfolio of endpoint, network, email, and cloud security technologies. As one of the largest pure-play cybersecurity providers, Sophos defends more than 600,000 organizations and more than 100 million
Reading, England, United Kingdom Hybrid / WFH Options JR United Kingdom
for reliability, uptime, and efficiency. Automate configuration, provisioning, and deployment to reduce manual effort and streamline operations. Implement and uphold security standards, including encryption, access control, and compliance. Lead incident response and root cause analysis, applying preventive measures to avoid recurrence. Collaborate across teams (QA, DevOps, IT) to troubleshoot and enhance system performance. Maintain clear documentation for configurations
Slough, England, United Kingdom Hybrid / WFH Options JR United Kingdom
for reliability, uptime, and efficiency. Automate configuration, provisioning, and deployment to reduce manual effort and streamline operations. Implement and uphold security standards, including encryption, access control, and compliance. Lead incident response and root cause analysis, applying preventive measures to avoid recurrence. Collaborate across teams (QA, DevOps, IT) to troubleshoot and enhance system performance. Maintain clear documentation for configurations
High Wycombe, England, United Kingdom Hybrid / WFH Options JR United Kingdom
for reliability, uptime, and efficiency. Automate configuration, provisioning, and deployment to reduce manual effort and streamline operations. Implement and uphold security standards, including encryption, access control, and compliance. Lead incident response and root cause analysis, applying preventive measures to avoid recurrence. Collaborate across teams (QA, DevOps, IT) to troubleshoot and enhance system performance. Maintain clear documentation for configurations
Reading, England, United Kingdom Hybrid / WFH Options JR United Kingdom
technical people to be a part of our Global Security Operations team. As a member of this elite team, you’ll take an integral role, providing Managed Detection and Response (MDR) and Managed Extended Detection and Response (MXDR) services to large organisations around the globe. You’ll be working closely with some of the best minds in incident response, malware analysis, and security research, partnering with our customers and partners to defend against the most advanced adversaries. We value our people and empower them to work remotely. As we operate a ‘follow the sun’ global model we don’t ask our people to work unsociable hours. What You'll Be Responsible For: Analysing, triaging, and remediating … security incidents (MDR) Applying your expertise to piece together the attack chain across customers' complex environments including cloud, identity, email, network, and endpoint (MXDR) Participating in various stages of incident investigations including taking decisive steps to respond to active breaches and protect our customers Engaging in customer-facing interactions at all levels from SOC analysts to C-suite executives
Slough, England, United Kingdom Hybrid / WFH Options JR United Kingdom
technical people to be a part of our Global Security Operations team. As a member of this elite team, you’ll take an integral role, providing Managed Detection and Response (MDR) and Managed Extended Detection and Response (MXDR) services to large organisations around the globe. You’ll be working closely with some of the best minds in incident response, malware analysis, and security research, partnering with our customers and partners to defend against the most advanced adversaries. We value our people and empower them to work remotely. As we operate a ‘follow the sun’ global model we don’t ask our people to work unsociable hours. What You'll Be Responsible For: Analysing, triaging, and remediating … security incidents (MDR) Applying your expertise to piece together the attack chain across customers' complex environments including cloud, identity, email, network, and endpoint (MXDR) Participating in various stages of incident investigations including taking decisive steps to respond to active breaches and protect our customers Engaging in customer-facing interactions at all levels from SOC analysts to C-suite executives
High Wycombe, England, United Kingdom Hybrid / WFH Options JR United Kingdom
technical people to be a part of our Global Security Operations team. As a member of this elite team, you’ll take an integral role, providing Managed Detection and Response (MDR) and Managed Extended Detection and Response (MXDR) services to large organisations around the globe. You’ll be working closely with some of the best minds in incident response, malware analysis, and security research, partnering with our customers and partners to defend against the most advanced adversaries. We value our people and empower them to work remotely. As we operate a ‘follow the sun’ global model we don’t ask our people to work unsociable hours. What You'll Be Responsible For: Analysing, triaging, and remediating … security incidents (MDR) Applying your expertise to piece together the attack chain across customers' complex environments including cloud, identity, email, network, and endpoint (MXDR) Participating in various stages of incident investigations including taking decisive steps to respond to active breaches and protect our customers Engaging in customer-facing interactions at all levels from SOC analysts to C-suite executives
Wantage, England, United Kingdom Hybrid / WFH Options ZipRecruiter
all IT assets. Security & Compliance Implement and enforce IT security best practices in alignment with ISO 27001, ISO 22301, Cyber Essentials Plus, and internal policies. Assist in risk assessments, incident response, and vulnerability management. Maintain documentation to support audit readiness and operational transparency. Enforce access controls and data protection policies across systems. Project Delivery & Change Management Support the
Oxford, England, United Kingdom Hybrid / WFH Options JR United Kingdom
all IT assets. Security & Compliance Implement and enforce IT security best practices in alignment with ISO 27001, ISO 22301, Cyber Essentials Plus, and internal policies. Assist in risk assessments, incident response, and vulnerability management. Maintain documentation to support audit readiness and operational transparency. Enforce access controls and data protection policies across systems. Project Delivery & Change Management Support the
Salary Guide Incident Response the Thames Valley
- 10th Percentile: £46,225
- 25th Percentile: £56,563
- Median: £67,500
- 75th Percentile: £88,125
- 90th Percentile: £121,875