ensure that appropriate security controls are in place for KPMG technology solutions. Role summary Provide Bridge between GISG Operational teams and ITS Global Major Incident Management Process Coordinate Security Incident management activities across Regions • Provide Member Firms with IncidentResponse advice and support through the regional … set up, and maintain repeatable Teams War Room structure Define, set up, and maintain communication structure and templates for the three below high level incident types. Assist in coordination with GCISO to link into board level and regulatory comms requirements Give Service Management the Security context of any Security … Incident promoted to Major Incidents Assist in the delivery of Cyber War games and purple teaming activities Initiate US Advisory IR assistance requests Coordinate US Advisory IR activities when necessary Key accountabilities Provide Security Incident Management Framework and coverage between GISG and the ITS Global Service Management Major more »
Senior IncidentResponse Manager Salary: Up to £120,000 + Great Benefits Package and Bonus UK Wide I am partnered with consultancy giant who are looking for a Senior IncidentResponse Manager to take ownership of their well-established IR function. They are looking for someone … a team of genuine SME’s. Responsibilities You will act as the technical lead, overseeing a team of highly skilled security operation analysts and incidentresponse team, dealing with some of the most complex incidents. Spearhead a variety of projects, collaborating with the wider cyber defence function within … across the wider cyber defence capability having a strong influence across the business, speaking with external clients. Requirements Proven experience leading across Digital Forensics & IncidentResponse in previous IncidentResponse function environments. Experience with tools for open-source investigation (WireShark, TCPDump, Netflow, etc.); network defence monitoring more »
line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as and help advance my clients incidentresponse processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. … Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this … position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incidentresponse process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incidentmore »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
Senior IncidentResponse Analyst Hybrid – Twice a week in the office (Heathrow Airport) Up to £80,000 + up to 20% bonus + Benefits ------------------------------------------------------------------------------------- Are you ready to tackle cyber threats head-on in a dynamic and high-stakes environment? Joining as a Senior IncidentResponse … on exceptional customer service and operational excellence. ------------------------------------------------------------------------------------- Skills and experience Minimum of 5 years’ experience in endpoint security, malware analysis, threat hunting, penetration testing, incidentresponse, reverse engineering, or digital forensics. Must have strong experience in the operational side. Comprehensive knowledge of AWS cloud infrastructure, including monitoring logs more »
Cyber Incident Manager with excellent stakeholder and team management skills as well as a technical mindset. This role will require you in the office at least twice a week and be on-call one in every four weeks. You will be required to go through SC clearance so need … to have been a UK resident for the past five years, unfortunately we will not be able to provide sponsorship. The Cyber Incident Manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. … threat. Responsibilities Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on more »
are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and IncidentResponse team, along with a number of incidentresponse vendors including forensic, legal, and PR ensure that CFC delivers a cost … effective, but high quality response to our Insureds. The role will also involve working with Underwriting, Finance, IT and Products teams whilst being subject to all relevant legal and statutory (FCA and Lloyd’s) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC … s internal IncidentResponse Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and technology claims on behalf of CFC’s capacity providers from first notification of loss to settlement within more »
The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and IncidentResponse Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incidentresponse playbooks and procedures. Lead incidentresponse efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify more »
Senior SOC Engineer Hybrid (2 days p/w in office) Leaders in Cybersecurity incidentresponse and managed services, catering to a wide range of clients in both private and public sectors. About the Role: Who We're Seeking: Join our team at the purpose-built 24/… Responsibilities: Operating from our modern offices in Dorset, Senior SOC Analysts work within a four-day operational rota, collaborating closely with Digital Forensic and IncidentResponse teams. Responsibilities include: Security Monitoring and Incident Detection: Utilizing SIEM tools to identify potential security incidents and anomalies. Analyzing alerts and … log data to assess the severity and impact of threats. IncidentResponse and Analysis: Investigating and responding to security incidents promptly. Conducting in-depth analysis of security events to determine scope, impact, and root causes. Threat Hunting: Proactively searching for hidden threats and vulnerabilities within the organization's more »
Role: Response Consultant Location: Bristol, Barnsley, Dundee, or Remote Salary: £34,000 to £38,000 per year (dependent on experience) Do you have experience in the response and incident management industry? If so, this could be the perfect opportunity for you! About: A dynamic environmental incidentresponse, consultancy, and training organisation, supporting clients globally in the transport, chemical, shipping, and oil & gas industries, responding to oil, chemical, and HNS incidents. Role Overview: Continually growing and looking for talented Response Consultants to join the team! You will manage and deliver consultancy and training projects … including: - Developing oil spill contingency plans - Conducting environmental risk assessments - Performing readiness audits - Leading incident management exercises You'll also support real-time incident responses, provide technical guidance, interface with clients, and drive business development. Responsibilities: - Manage and deliver consultancy projects - Develop contingency plans and risk assessments - Conduct more »
Senior IncidentResponse Analyst – Cybersecurity - Up to £80k - Hybrid - up to 35% bonus - Excellent Benefits. My client one of the world’s most renowned aviation groups in the world is searching for a Senior IncidentResponse Analyst to join their team! Skills: Able to serve as … to all levels of hierarchy, including senior leadership. Experience: Minimum of 5 years of experience in endpoint security, malware analysis, threat hunting, penetration testing, incidentresponse, reverse engineering, or digital forensics. Familiarity with AWS cloud infrastructure, with hands-on experience monitoring associated logs, including GuardDuty, CloudTrail, and VPC more »
I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated IncidentResponse Consultant. This role is varied, offering the incumbent an opportunity to conduct incidentresponse and threat hunting engagements. Some of your responsibilities will be more »
Cambridge, Cambridgeshire, East Anglia, United Kingdom
Guarding UK
to identify vulnerabilities and implement mitigation strategies. Regulatory Compliance: Stay abreast of security trends, technological advancements, and regulatory changes to continuously enhance security measures. IncidentResponse: Incident Management: Promptly respond to security incidents, ensuring de-escalation and safety for all involved. Investigations: Conduct thorough investigations, gather evidence … accurate records and prepare detailed reports for management review and regulatory compliance. Training and Development: Ongoing Education: Provide continuous training on security procedures, emergency response tactics, and conflict resolution techniques. Drills & Simulations: Conduct regular drills to assess readiness and reinforce best practices for various security scenarios. Professionalism: Foster a … Cybersecurity Operations Manager, Information Security Operations Manager, IT Security Operations Manager, Network Security Operations Manager, Security Control Center Manager, Security Monitoring Manager, and Security IncidentResponse Manager. REF more »
will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. As Senior SOC Analyst you will bring a good … maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incidentresponse actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber IncidentResponse Manager by triaging events and more »
ongoing maintenance and monitoring. the team in demanding environments, provide constructive feedback, and foster individual and team development. as the escalation point for security response incidents, both during and outside business hours. the Cyber Security Incident process/procedure and IncidentResponse Team, conducting war games … and incident scenarios to prepare the IT department for real incidents. forensic investigations and reporting following cyber security incidents, involving third-party specialists if necessary. informed about the latest security threats, principles, techniques, and protocols, including new vulnerabilities, and act on them as needed. within an ITIL V3 & ISO27001 … approaches including ISMS, risk analysis and assessments, the CIA triad, attack vectors (including social engineering), cryptography, confidentiality issues, and best practices for cyber security incidentresponse (including triage and chain of custody). to proactively identify areas for improvement, share lessons learned, and encourage the same behavior in more »
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Matchtech
using industry best practices. Log Management: Manage log sources within the SIEM solution and create alert use cases to identify patterns of anomalous activity. IncidentResponse: Lead the response to high-severity security incidents, providing senior-level response activities and ensuring effective remediation and recovery actions. … Security Orchestration, Automation, and Response (SOAR): Support and develop the SOAR platform, creating new workflows for automated responses to common attack types. Digital Forensics: Conduct forensic analysis on serious security incidents using data from multiple sources to ensure threats are contained and eradicated effectively. Cyber Crisis Scenario Testing: Participate … important security and performance metrics. Job Requirements: Extensive experience in a SOC Level 2 or 3 role with evidence of advanced threat hunting and incident response. Experience in log correlation, forensics investigations, and compliance with regulatory frameworks. Proficiency in security technologies including SIEM, SOAR, EDR, IDS/IPS, and more »
Active Directory, including user authentication, access controls, and privilege management. * Managing and maintaining endpoint security solutions, including endpoint protection platforms (EPP), endpoint detection and response (EDR), and mobile device management (MDM) using Microsoft Intune. * Developing and enforcing Data security/Application security policies, standards, and procedures across the organisation. … Ensure compliance with relevant regulations and industry standards. * Working with the Managed SOC and Operational teams, develop and maintain incidentresponse plans. Lead incidentresponse activities, including detection, investigation, containment, and recovery. Staying updated on emerging threats and security trends. * Collaborating with cross-functional teams, including more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »
policies, standards, and procedures across the organization to maintain a secure environment. Operations: Oversee day-to-day security operations, including monitoring of security systems, incidentresponse, and investigation of security breaches. Awareness Training: Develop and deliver security awareness training programs to educate employees about cyber security best practices … and Regulatory Requirements: Ensure compliance with relevant industry regulations and standards (e.g., GDPR, HIPAA, PCI DSS) and lead efforts to maintain certifications and accreditations. IncidentResponse: Lead the response to security incidents, coordinate with internal teams and external stakeholders, and implement corrective actions to prevent recurrence. Tool more »
London, England, United Kingdom Hybrid / WFH Options
Sportradar
the central point of contact during critical situations, including but not limited to technology, financial, security, privacy, and people, to ensure swift and effective response, addressing people safety issues, minimizing addressing service downtime, and restoring normal operations in alignment with predefined service level agreements (SLAs). The role requires … experts, support functions, and business units, to investigate, diagnose, resolve major incidents efficiently, and ensure regulatory requirements are considered. Root Cause Analysis: Facilitate post-incident reviews and root cause analysis (RCA) sessions to identify the underlying causes of crises and issues and implement preventive measures to avoid recurrence. Drive … continuous improvement through post-incident review reports. Documentation and reporting: Maintain accurate records of crises and major incidents, including incident details, actions taken, resolutions, and post-incident analysis findings, adhering to regulatory and compliance requirements. Monitor key performance indicators (KPIs) and metrics related to incident management more »
and governance requirements. Essential Requirements: • 5 years of experience in a technical SOC or cybersecurity role, • 5 years experience of Cyber Security investigations and incidentresponse environments • Good knowledge of Anti Malware, Anti Phishing, EndPoint Detection and Response systems. • Good all round knowledge of different threat scenarios … investigations, incidentresponse processes and remdiation techniques. • Good knowledge of cyber security systems and tooling • Reasonable knowledge of Security Information and Event Management systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems • Good knowledge of common operating systems more »
scope of pentests and manage the process with engineering. Once issues are identified SecOps work closely with operations and engineering teams to resolve them. Incident management. The team manage our security incidentresponse activities, investigating alerts using tools such as Azure Sentinel. SecOps will coordinate the incidentresponse with resolving teams and engage with key stakeholders for updates. As the team works office hours, engaging a managed SOC provider who cover 24/7 incident management. Beyond close daily collaboration with other security teams, SecOps engages with all teams across the business at every more »
reviews, and adherence to processes and procedures. Develop and manage the security cloud migration process, identifying and addressing any gaps. Manage the Cyber Security Incident process and the IncidentResponse Team, conducting training exercises to prepare for real incidents. Proactively handle complaints and escalations, resolving issues before … they escalate. Act as the escalation point for security response incidents Conduct one to one performance reviews with team members to support their development. Maintain and enhance the security of IT services, coordinating with third parties for patching, vulnerability resolution, and system hardening. Create and update security documentation to … management, and content filtering. Solid grasp of security approaches including ISMS, risk analysis and assessments, the CIA triad, social engineering, cryptography, confidentiality issues, and incidentresponse best practices. Operate within an ITIL V3 and ISO27001 service delivery framework. Manage relationships with stakeholders. Work to meet defined Service Level more »
the Technology sector, offering excellent career development opportunities. About the Role As a Cyber Security Engineer your primary responsibility will be Security Operations and IncidentResponse as well as Vulnerability Management and Threat Intelligence. In addition, you will work closely with the Cyber Security Manager and Security Architect … to independently resolve complex issues. Key Responsibilities Respond to security alerts and incidents, following established protocols and best practices. Create response playbooks and standard operating procedures to streamline incidentresponse processes. Work independently to resolve complex security issues, with support and guidance from the Cyber Security Manager … be an added benefit. Skills and Qualifications Significant experience working in a security operations centre (SOC) and responding to security alerts. Experience in creating response playbooks and handling escalations. Additional experience in EDR, M365 security, SIEM, Vulnerability management, MITRE attack framework, and Incident response. Strong stakeholder engagement skills more »
of security solutions impact business strategies Create documentation of findings and recommendations (root cause and risk analysis as needed Assist with forensic investigations and incidentresponse team (CIRT) activities. Assign work to Cyber SOC for remediation Escalate pertinent findings in a timely manner Leverage vendors and internal resources … to interface various security tools to automate critical response tasks Support Compliance managers in providing Cybersecurity artifacts Align information cybersecurity operations with NIST, and ISO 27001 requirements Establish role as a local presence and focal point for business and IT contact. Create the relationships. As the local Cyber management … controls, processes, and policies to improve security posture and identify gaps in existing controls. Assist with Cyber security awareness initiatives and events Assist with incidentresponse planning and activities Essential Qualifications and Education: Bachelor’s Degree in Information Technology (minimum) or equivalent experience and certifications 7 or more more »