26 to 50 of 81 Incident Response Jobs in the UK excluding London

security policies, standards, and guidelines to ensure that all IT systems and processes adhere to best practices and regulatory requirements. Establish and maintain an incident response plan, ensuring effective procedures are in place to respond to security breaches and minimize impact. Work closely with IT, operations, and business … Previous experience with cloud security architecture and managing security in cloud environments. Technical Skills: Knowledge of security tools and technologies for monitoring, detection, and response (e.g., SIEM solutions, endpoint protection). Familiarity with secure software development practices and DevSecOps principles. QUALITIES AND BEHAVIOURS: Hold and articulate clear values Demonstrate more »

are a highly innovative company in their field. Consequentially they require an accomplished, well-practised SOC Analyst to impact their mission to innovate security response to deliver a best in class Security Operations Centre. As SOC Analyst you will Identification of incidents using multiple SIEM technologies and subsequent analysis … and investigation to determine their severity and the response required. The SOC Analyst will act as incident responder for potential incidents identified, ensure that incidents are documented in accordance with the relevant policies and procedures and required escalations/notifications take place. Be prepared to provide technical expertise … during security incidents, establishing the extent of an attack, and advising on how best to contain the incident along with advice on systems hardening and mitigation measures to prevent a re-occurrence. SOC Analyst will collaborative with other teams and departments to implement necessary changes to counter an attack more »

a highly innovative company in their field. Consequentially they require an accomplished, well-practised Senior SOC Analyst to impact their mission to innovate security response to deliver a best in class Security Operations Centre. As Senior SOC Analyst you will develop and implement lead incident response for … of contact for the Security Operations Manager for potential incidents, support more junior analysts’ subsequent analysis and investigation to determine their severity and the response required. Additionally the Senior SOC Analyst will serve as a technical escalation point during security incidents, working collaboratively to establish the extent of an … attack, the business impacts, and advising on how best to contain the incident along with system hardening and mitigation measures to prevent a re-occurrence. This is a fantastic opportunity for a Senior SOC Analyst to collaborate with Security Operations Manager where necessary and help develop talent within the more »

dynamic and progressive work environment. This role will be critical in enhancing their Data Loss Prevention (DLP), Security Information and Event Monitoring (SIEM) and Incident Response capabilities. Your primary focus will be on analysing, investigating and remediating cyber threats to safeguard the organisations' assets and data. Leveraging Azure … Mansfield. What are we looking for? Ideally 3 years of experience in Cyber Security, with a focus on SIEM log analysis, threat hunting, and incident response. Good understanding of cloud security, particularly in Azure environments. Hands-on experience with DLP and SIEM tools such as Microsoft Purview and Microsoft more »

management (SIEM) system - Vulnerability scanning and penetration testing - Cloud security - Identity and access management (IAM) - Data loss prevention (DLP) - Endpoint protection - Security operations and incident response Experience in developing and implementing security policies, procedures, and standards. Understanding of legal and regulatory frameworks (e.g., GDPR, ISO 27001, NIST SP more »

and use cases. Automate detection engineering workflows using GitOps and CI/CD principles. Build and optimize security playbooks for detection, threat hunting, and incident response. Enhance threat detection and response capabilities, including Azure Logic Apps. Collaborate with security analysts and stakeholders to address incident response … with GitOps concepts and CI/CD workflows. Experience with security automation platforms (SOAR) and orchestration playbooks. Background in Security Operations and Cyber Security Incident Response. Education: Bachelor's degree preferred (but not essential) in IT, Computer Science, Information Systems, or related field. Relevant experience will be considered in more »

with risk appetites and organisational standards. Conduct and manage technology access reviews, ensuring compliance and appropriate system access levels across the business. Contribute to incident management processes, including root cause analysis and continuous improvement of incident response playbooks. Provide governance oversight and consultancy to ensure business initiatives … auditing, monitoring, and managing compliance frameworks such as ISO27001, PCI-DSS, FCA, GDPR, and IMO. Strong knowledge of cyber-attack techniques, vulnerability testing, and incident response. A track record of conducting risk assessments, control testing, and reporting in a regulated environment. Proven stakeholder management experience within a large and more »

with authentication protocols would also be desirable) Strong knowledge of cloud security principles, including identity management, encryption, and compliance standards. Design of secure networks Incident response (including forensic analysis of malicious code). Endpoint and network security technologies Experience with security as code automation and Azure DevOps would more »

Conduct risk assessments, third-party/vendor risk management, and business continuity planning. Develop, update, and enforce cybersecurity policies, procedures, and security documentation. Perform incident response planning and investigations, working closely with technical and non-technical teams. Deliver executive-level reporting on security risks, compliance KPIs, and audit … What We’re Looking For: Strong experience in information security, with a focus on compliance and risk management. Expertise in ISO 27001, GDPR, and incident response. Exceptional attention to detail, analytical mindset, and proactive approach. Excellent communication skills to bridge technical and non-technical audiences. Relevant certifications (e.g., CISSP more »

following Saab Group IT standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Systems accreditation for internal and external teams Leading IT Security Incident response process Required Skills: System administration Network security Problem solving Information security policies On-call network troubleshooting Firewall administration Network protocols Routers, hubs … and common security elements. Hands-on experience analysing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations Experience with vulnerability scanning solutions In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Sentinel, Nitro more »

focusing on OpenShift and Azure cloud environments to ensure high availability and system reliability. Automation: Develop and implement automated solutions for deployment, monitoring, and incident response, ensuring operational efficiency. Incident Management: Respond to production incidents, troubleshoot issues across the full stack, and ensure minimal downtime by driving … potential issues before they become critical. Continuous Improvement: Continuously assess and enhance the reliability of services through automation, tooling, and process improvements, ensuring efficient incident handling and root cause resolution. The following skills and experience are required for this role: Experience with OpenShift and Azure: Solid understanding and hands more »

Confident in developing complex SIEM rules in Microsoft Sentinel based off real-world attacks and threat intelligence. · Basic understanding of ITSM including change and incident management. · Able to write new playbooks for incident investigation and response. · Experience and understanding of logic-apps and automation, able to design and … implement new automation to meet business/client requirements. · Incident response experience · Threat Intelligence experience including new threat hunting rules. · Fluent in KQL Desirable Skills/Experience: · Experience in troubleshooting bespoke developed connectors. · Azure Experience · Defender Experience · Scripting/Automation · Docker/Virtualisation more »

and auditable manner. Ensure that risks are managed via the IT Information Security Management System (ISMS) and reported into the corporate Risk function. Support incident response investigations. Provide post-incident reviews and make suggestions for improvements to CIO. Conduct security assessments of vendors, partners and third parties more »

guidance across the business. This includes, but is not limited to: - Monitor networks for security issues, investigating breaches and other cyber security incidents, providing incident response. - Perform tests to uncover vulnerabilities, mitigating these to maintain high-security standards - Develop company-wide IT best practice - Support colleagues to install security more »

of the enterprise wide network. You will oversee SOC operations, coordinate activities and lead responses to cybersecurity incidents. Additionally, you will develop and maintain incident response plans, conduct risk assessments, and recommend mitigation strategies. The role requires a self-starter who can work independently, supporting and managing 3rd more »

in monitoring and maintaining the security of the Thales adopted public cloud infrastructure (e.g., AWS, Azure, Google Cloud) in compliance with government security guidelines Incident Response: Support the reporting, investigation and analysis of security incidents and potential breaches within classified environments, helping to resolve issues swiftly Security Auditing more »

integrity and collaborate with internal teams to identify and mitigate security risks. Key Requirements for the Cyber Security Engineer: Strong technical expertise in firewalls, incident response, and vulnerability management. Experience with Microsoft Stack (Azure, Active Directory, O365). Familiarity with Microsoft Defender (EDR solutions) Knowledge of ISO more »

credited and authorised by the world’s leading standards bodies such as the National Cyber Security Centre (NCSC) and CREST in Security Operations Centre, Incident Response and Penetration testing. We are a Microsoft Security partner and have a unique approach to deliver MXDR and Security Managed Services to more »

collaborate with and support various collaborators. Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, identity management, incident response. Excellent collaborator and ability to inspire change. Demonstrated ability to engage with a diverse set of collaborators and foster a security culture. Detail more »

collaborate with and support various collaborators. Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, Identity management, incident response. Excellent collaborator and ability to inspire change. Demonstrated ability to engage with a diverse set of collaborators and foster a security culture. Detail more »

the integration of security tools (Microsoft Sentinel, DKIM for email security) into the existing IT and OT systems. Security Playbooks: Develop and implement security incident response playbooks for both IT and OT environments. Security Review: Conduct security risk assessments, vulnerability assessments, and make architectural improvements as required. Consultation … Provide consultation on best practices for security monitoring, log management, and incident response. Skills Needed: Proficient in designing, deploying, and managing Microsoft Sentinel in complex environments. Advanced skills in KQL (Kusto Query Language) for building queries, analytics rules, and dashboards. Experience with Sentinel’s integration capabilities, including Azure-native more »

offering a dynamic and progressive work environment. This role will be critical in heling to enhance their Security Information and Event Monitoring (SIEM) and Incident Response capabilities. Your primary focus will be on analysing, investigating and remediating cyber threats to safeguard the organisations' assets and data. Leveraging Azure … Mansfield. What are we looking for? Ideally 3 years of experience in Cyber Security, with a focus on SIEM log analysis, threat hunting, and incident response. Good understanding of cloud security, particularly in Azure environments. Hands-on experience with DLP and SIEM tools such as Microsoft Purview and Microsoft more »

support of a secure, resilient IT infrastructure. You will be responsible for ensuring compliance with ISO27001 and other regulatory standards while overseeing IT operations, incident management, and security initiatives. You will work closely with the Group IT Director, acting as a key advisor and deputising when required. This is … ISO27001, ensuring all infrastructure and security measures align with industry standards. Oversee audit processes (internal & external), ensuring alignment with ISO14298 and regulatory frameworks. Manage incident response, root cause analysis (RCA), and problem resolution, minimising operational disruptions. Support and analyse penetration testing results, implementing robust security improvements. Own IT more »

solutions (Microsoft Security Centre, Defender, Compliance Manager, etc.). Knowledge of security standards like Cyber Essentials and ISO 27001. Familiarity with threat intelligence, security incident response, and disaster recovery. Strong communication skills and the ability to collaborate across technical and non-technical teams. Benefits: Permanent health and private more »

threat modeling. Enhance security tooling and automate capabilities. Collaborate with stakeholders across departments. Lead technical design of systems and services. Support security operations and incident response. Requirements: Minimum 5 years experience as a Lead/Senior Cloud Security Architect. DV Clearance Required. Azure Cyber Security Architect Expert SC more »