ongoing maintenance and monitoring. the team in demanding environments, provide constructive feedback, and foster individual and team development. as the escalation point for security response incidents, both during and outside business hours. the Cyber Security Incident process/procedure and IncidentResponse Team, conducting war games … and incident scenarios to prepare the IT department for real incidents. forensic investigations and reporting following cyber security incidents, involving third-party specialists if necessary. informed about the latest security threats, principles, techniques, and protocols, including new vulnerabilities, and act on them as needed. within an ITIL V3 & ISO27001 … approaches including ISMS, risk analysis and assessments, the CIA triad, attack vectors (including social engineering), cryptography, confidentiality issues, and best practices for cyber security incidentresponse (including triage and chain of custody). to proactively identify areas for improvement, share lessons learned, and encourage the same behavior in more »
Active Directory, including user authentication, access controls, and privilege management. * Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. * Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. * Working with the Managed SOC and Operational teams, develop and maintain incidentresponse plans. Lead incidentresponse activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. * Collaborating with cross-functional teams, including more »
reviews, and adherence to processes and procedures. Develop and manage the security cloud migration process, identifying and addressing any gaps. Manage the Cyber Security Incident process and the IncidentResponse Team, conducting training exercises to prepare for real incidents. Proactively handle complaints and escalations, resolving issues before … they escalate. Act as the escalation point for security response incidents Conduct one to one performance reviews with team members to support their development. Maintain and enhance the security of IT services, coordinating with third parties for patching, vulnerability resolution, and system hardening. Create and update security documentation to … management, and content filtering. Solid grasp of security approaches including ISMS, risk analysis and assessments, the CIA triad, social engineering, cryptography, confidentiality issues, and incidentresponse best practices. Operate within an ITIL V3 and ISO27001 service delivery framework. Manage relationships with stakeholders. Work to meet defined Service Level more »
Chester, England, United Kingdom Hybrid / WFH Options
Digital Gurus
robustness of IT security operations. The technical stack represents a blend of Azure, M365, IAM, Sentinel, Defender for Cloud and Log Monitoring. Responsibilities Security IncidentResponse: Assist in identifying, managing and resolving security incidents with the Security Operations Center (SOC). Ensure successful resolution and closure of these … security vulnerabilities. Ability to work effectively with cross-functional teams, particularly bridging IT operations and InfoSec. Scripting experience will be beneficial for automation and incidentresponse tasks. Tech Stack Azure M365 IAM RBAC Sentinel Defender for Cloud (Secure Score) Interested? Apply now to find out more more »
Leeds, England, United Kingdom Hybrid / WFH Options
Cyber Security Jobsite
of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »
Key Accountabilities Perform forensic analysis and gather evidence Correlation monitoring using multiple SIEM technologies Assist in gathering forensic data and physical equipment Act as incident responder for potential incident identified Ability to work under pressure In-depth understanding of the cyber threat landscape and advances adversary tactics Conduct … counter the attack or improvise security standards. Keep the security systems up to date and contributing to security strategies. Document incidents to contribute to incidentresponse and disaster recovery plans. Perform internal and external security audits. In the case of third-party vendors, verify their security strength and … reporting Real Time attacks and vulnerabilities on the client network. Identification of incidents and subsequent analysis and investigation to determine their severity and the response required. Ensure that incidents are correctly reported and documented in accordance with the relevant policies and procedures. Be prepared to provide a Technical Escalation more »
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
CIIH Ltd T/A Headway Recruitment
standards, including Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR. In-depth knowledge of the Microsoft O365 environment, threat intelligence analysis, Security IncidentResponse processes, disaster recovery, and business continuity principles. Familiarity with security testing principles, vulnerability scanning, risk identification, resolution, and reporting. Experience in formal … document creation, such as reports or procedures. Key Responsibilities include but not limited to: Assist with security incident management and response activities, emphasizing cyber threats. Conduct daily, weekly, and monthly security checks, reconciliation, and compliance checks. Handle security alerts and inquiries from systems and end users. Complete client more »
Key Accountabilities Perform forensic analysis and gather evidence Correlation monitoring using multiple SIEM technologies Assist in gathering forensic data and physical equipment Act as incident responder for potential incident identified Ability to work under pressure In-depth understanding of the cyber threat landscape and advances adversary tactics Conduct … counter the attack or improvise security standards. Keep the security systems up to date and contributing to security strategies. Document incidents to contribute to incidentresponse and disaster recovery plans. Perform internal and external security audits. In the case of third-party vendors, verify their security strength and … reporting Real Time attacks and vulnerabilities on the client network. Identification of incidents and subsequent analysis and investigation to determine their severity and the response required. Ensure that incidents are correctly reported and documented in accordance with the relevant policies and procedures. Be prepared to provide a Technical Escalation more »
client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incidentresponse capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »
Doncaster, South Yorkshire, Yorkshire, United Kingdom
Forward Role
client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC members work to provide assurance detection and incidentresponse capabilities to organisations of all sizes. They are now looking for a Security Analyst to join their CREST certified Security Operations Centre … SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during more »
Doncaster, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
team that provides around-the-clock protective monitoring solutions to clients across various industry verticals. Leveraging cutting-edge detection technology, offering assurance detection and incidentresponse capabilities to organizations of all sizes. Role Overview As a SOC Engineer you'll work handling both reactive and proactive security engagements. … SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ✨Incident Reporting: Ensure timely, accurate, and effective incident reporting. Collaborate with other SOC team members during security incidents and Threat Mining engagements. ✨Client Communication … customers regarding threats and alerts. Prepare and present findings to clients. ✨Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be eligible for SC more »
alerts - Analyse and respond to security events - Conduct root cause analysis and forensic investigations - Collaborate with IT and security teams to resolve incidents - Maintain incidentresponse procedures and documentation Desirable Skills: - Experience with Microsoft technologies (Windows Server, Active Directory, Azure) - Knowledge of Elasticsearch and Linux - Familiarity with SIEM more »
understanding of Azure Sentinel and Microsoft Defender. Key Responsibilities: Monitor security events and alerts using Azure Sentinel and Microsoft Defender, ensuring timely and effective response to potential threats. Mentor L1/L2 SOC Analysts whilst acting as their technical escalation point. Analyze and investigate security incidents, providing detailed reports … configurations, and policies within Azure Sentinel and Microsoft Defender. Collaborate with cross-functional teams to develop and enhance security strategies, including threat hunting and incidentresponse procedures. Stay updated with emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks. Requirements: Proven experience as a more »
Sheffield, South Yorkshire, Yorkshire, United Kingdom
Purview Consultancy Services Ltd
to protect the businesses internal/customer data in line with current legislations. Developing and embedding mature processes that focus on Risk Management and incident response. Carry out risk assessments and conducting frequent GDPR compliance audits. Work with stakeholders to develop Business Continuity and Disaster Recovery plans across the more »
Manchester, Clifton, City and Borough of Salford, United Kingdom Hybrid / WFH Options
Advania UK
business ensuring security and monitoring requirements are determined and implemented through onboarding or continuous improvement activities Qualifications & Experience: Professional experience of working in an IncidentResponse Team or a similar environment Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical more »
business ensuring security and monitoring requirements are determined and implemented through onboarding or continuous improvement activities. Qualifications & Experience: Professional experience of working in an IncidentResponse Team or a similar environment. Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical more »
Leeds, West Yorkshire, United Kingdom Hybrid / WFH Options
Matchtech
Collaborate with the IT Department in implementing and maintaining security measures across the infrastructure. Act as the escalation point for security incidents, ensuring prompt incident management and response. Manage forensic investigations and reporting, engaging third-party specialists when required.s. Key Requirements Proven track record in leading a technical security …/prevention systems, antivirus software, authentication systems, and log management. Strong knowledge of security approaches, including risk analysis, attack vectors, cryptography, and cyber security incidentresponse best practices. If the above role sounds like the right step in your career then please get in touch for some more more »
Greater Cheshire West and Chester Area, United Kingdom Hybrid / WFH Options
psd group
to vulnerability management reduction across all IT Systems and you will work with the SOC to assist in the coordination and management of cyber incidentresponse activities. The ideal candidate will have come from a IT Infrastructure background, have moved into Cyber Security, and will hold a current … due to the volume of applications received, we are unable to communicate feedback to all candidates. In the event you have not received a response within 14 days of your application, it is unlikely that your application will be progressed on this occasion. Please continue to review our website more »
Warrington, England, United Kingdom Hybrid / WFH Options
Tata Consultancy Services
Perform data profiling and analysis to identify patterns, trends, and insights. Conduct security assessments and vulnerability scanning. Respond to security incidents and participate in incidentresponse activities. Stay updated on evolving security threats and Microsoft security solutions. Act as a point of contact between SOC team and customer. … of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion. Application Process 1. Online application > 2. Technical discussion > 3. Managerial discussion > 4. more »
to ensure timely identification, capture, assignment, processing and completion of incidents and service requests • Monitor ticket queues to identify trends and escalate to Major Incident or Problem where appropriate • Knowledge sharing and participation in meetings to ensure an excellent customer experience • Provide advice and guidance to customers and liaise … parties on support issues where appropriate • Ensure that users are kept informed of the status of any outstanding calls • Ensure that documentation (technical notes, incident resolution notes, installation procedures, user guides etc.) are developed and maintained up to date and stored in the appropriate document repository • When a Major … Incident occurs, reprioritise work in accordance with the requirements dictated by the Digital Workplace Manager • Work with other teams within the IT Department to achieve call resolution. Technical Support • Support videoconferencing facilities & meeting room functionality (including tele-conferences, web meetings and room bookings) • Troubleshooting of networking issues including cabling more »
and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and incidentresponse capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test more »
incidents, acting as the "security lead" within a resolver group. · Ensure that the Head of Security Operations and other senior stakeholders are appraised of incident impact, developments, and outcomes. · Recognise when external assistance is required to support or guide incidentresponse and escalate promptly. · Develop - and guide … the development of - runbooks and processes, ensuring they're fit-for-purpose and followed. · Prepare incident reports and gather reporting metrics for cyber events and incidents. · Analyse security event trends to tune rules and thresholds to improve the fidelity of detections and alerts. What you’ll need: · Extensive experience more »
standards, including Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR. In-depth knowledge of the Microsoft O365 environment, threat intelligence analysis, Security IncidentResponse processes, disaster recovery, and business continuity principles. Familiarity with security testing principles, vulnerability scanning, risk identification, resolution, and reporting. Experience in formal more »
Handle security incidents and escalations, manage 3rd-party technical support. Provide security metrics, maintain documentation, and collaborate on technology design. Oversee security platform support, incidentresponse, and vulnerability management. Track cyber threats, support vulnerability analysis, and lead system patching and updates. Integrate security into BAU processes, maintain technical more »
Warrington, England, United Kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
Perform data profiling and analysis to identify patterns, trends, and insights. Conduct security assessments and vulnerability scanning. Respond to security incidents and participate in incidentresponse activities. Stay updated on evolving security threats and Microsoft security solutions. Act as a point of contact between SOC team and customer. more »