Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Service is a key leadership role responsible for overseeing day-to-day operations, managing the SOC team during shifts, and ensuring effective security analysis, incidentresponse, and monitoring of client infrastructure. Reporting to the SOC Operations Manager, the Shift Lead is a critical escalation point during incidents, contributing … continual service improvement and staff development. What youll be doing: Team oversight - Directly manage and oversee all Analysts during assigned shifts. Security analysis and incidentresponse - Lead security analysis efforts, incident classification, and incidentresponse actions. Monitoring client security infrastructure - Oversee the continuous monitoring of … client infrastructure. SOC escalation point - Act as a key escalation point during incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business more »
The ideal candidate will have a strong background in Sentinel, Infrastructure as Code (IAC), and Security Operations (SecOps). Key Responsibilities Security Monitoring and IncidentResponse Implement and manage security monitoring solutions using Microsoft Sentinel. Develop and maintain incidentresponse playbooks and procedures. Lead incidentresponse efforts, including investigation, containment, and remediation. Develop and maintain secure IAC templates using tools such as Terraform, CloudFormation, or ARM. Conduct security reviews and audits of IAC templates to identify and mitigate risks. Perform regular security assessments, vulnerability management, and penetration testing. Risk Management and Compliance Identify more »
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Matchtech
using industry best practices. Log Management: Manage log sources within the SIEM solution and create alert use cases to identify patterns of anomalous activity. IncidentResponse: Lead the response to high-severity security incidents, providing senior-level response activities and ensuring effective remediation and recovery actions. … Security Orchestration, Automation, and Response (SOAR): Support and develop the SOAR platform, creating new workflows for automated responses to common attack types. Digital Forensics: Conduct forensic analysis on serious security incidents using data from multiple sources to ensure threats are contained and eradicated effectively. Cyber Crisis Scenario Testing: Participate … important security and performance metrics. Job Requirements: Extensive experience in a SOC Level 2 or 3 role with evidence of advanced threat hunting and incident response. Experience in log correlation, forensics investigations, and compliance with regulatory frameworks. Proficiency in security technologies including SIEM, SOAR, EDR, IDS/IPS, and more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
are a small team, and every member contributes to all aspects of information security operations. You will get the opportunity to be part of incidentresponse and help develop tools for security operations. OxCERT can provide the required security training for strong candidates and help them achieve industry … the University network and taking appropriate remedial action. The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing … University-wide information security initiatives, and in co-ordinating response to major security threats and incidents. OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports more »
London, England, United Kingdom Hybrid / WFH Options
Sportradar
the central point of contact during critical situations, including but not limited to technology, financial, security, privacy, and people, to ensure swift and effective response, addressing people safety issues, minimizing addressing service downtime, and restoring normal operations in alignment with predefined service level agreements (SLAs). The role requires … experts, support functions, and business units, to investigate, diagnose, resolve major incidents efficiently, and ensure regulatory requirements are considered. Root Cause Analysis: Facilitate post-incident reviews and root cause analysis (RCA) sessions to identify the underlying causes of crises and issues and implement preventive measures to avoid recurrence. Drive … continuous improvement through post-incident review reports. Documentation and reporting: Maintain accurate records of crises and major incidents, including incident details, actions taken, resolutions, and post-incident analysis findings, adhering to regulatory and compliance requirements. Monitor key performance indicators (KPIs) and metrics related to incident management more »
scope of pentests and manage the process with engineering. Once issues are identified SecOps work closely with operations and engineering teams to resolve them. Incident management. The team manage our security incidentresponse activities, investigating alerts using tools such as Azure Sentinel. SecOps will coordinate the incidentresponse with resolving teams and engage with key stakeholders for updates. As the team works office hours, engaging a managed SOC provider who cover 24/7 incident management. Beyond close daily collaboration with other security teams, SecOps engages with all teams across the business at every more »
Best Practice Working with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incidentresponse and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will … will be a requirement to cover 7am-7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incidentresponse and security monitoring Understanding of threat modelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix more »
great training, but also a comprehensive package along side it. As a SOC Analyst, you will be playing a key role in monitoring threats, incidentresponse and day-to-day security operations. Responsibilities: Security Detection and Monitoring IncidentResponse Detection Engineering Malware Analysis (Static and Dynamic more »
to protect against web-based attacks. Ensure optimal performance and security of web applications through proper configuration and tuning of security controls. Monitoring and IncidentResponse: Establish and maintain monitoring and alerting mechanisms for web application security. Investigate and respond to security incidents, including coordinating with relevant teams … WAF technologies, providing training and knowledge sharing across the organization. Documentation and Reporting: Create and maintain detailed documentation of security architectures, configurations, processes, and incident reports. Prepare and present security metrics and reports to management and stakeholders. Continuous Improvement: Stay up-to-date with the latest security trends, vulnerabilities … In-depth understanding of security principles, protocols, and technologies (e.g., SSL/TLS, OWASP Top Ten, DDoS mitigation). Experience with security monitoring and incidentresponse tools. Relevant security certifications (e.g., CISSP, CEH, GIAC) are highly desirable. Excellent problem-solving skills and the ability to work independently and more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
address potential vulnerabilities and risks. - Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements. - Key member of the incidentresponse efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents. - Monitor AWS security alerts, events, and incidents, and respond … and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incidentresponse and handling, including log analysis and forensics. - Strong communication and interpersonal skills to collaborate effectively with cross-functional teams. - In-depth knowledge … with Company Policies and Security Infrastructure - Familiarity with AWS Security Best Practices and the business Setup - Integration into DevOps Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous more »
Greater London, England, United Kingdom Hybrid / WFH Options
Trident Search
and allow them to offer the best service possible. This is a senior role, so plenty of experience within SecOps is vital, especially within incidentresponse and engaging with the wider business. This role will also see you have direct reports, so experience in a little leadership or … to further enhance capabilities Experience with malware analysis is essential as you will play a senior role in managing this process. Having ownership over incident management and ensuring incidents are closed out in a timely manner or escalated effectively. Risk analysis across multiple teams and technologies is also required … great internal security role, working with a reputable organisation and a talented team. If you have the right experience and are comfortable with your incidentresponse skills then please do go ahead and apply now. more »
Chester, England, United Kingdom Hybrid / WFH Options
Digital Gurus
robustness of IT security operations. The technical stack represents a blend of Azure, M365, IAM, Sentinel, Defender for Cloud and Log Monitoring. Responsibilities Security IncidentResponse: Assist in identifying, managing and resolving security incidents with the Security Operations Center (SOC). Ensure successful resolution and closure of these … security vulnerabilities. Ability to work effectively with cross-functional teams, particularly bridging IT operations and InfoSec. Scripting experience will be beneficial for automation and incidentresponse tasks. Tech Stack Azure M365 IAM RBAC Sentinel Defender for Cloud (Secure Score) Interested? Apply now to find out more more »
is an open-source framework developed by Fox-IT for collecting and analyzing large amounts of forensic data. It is a game-changer in incidentresponse, used by leading cybersecurity companies and government agencies. It enables data acquisition and analysis on thousands of systems in minutes, regardless of … the DFIR team to deliver innovative solutions. Your expertise in Python and contribution to the Dissect Framework are essential for the success of the incidentresponse services and directly contribute to a safer society. Fox-IT We are Fox-IT, or Fox. We stand for making the world more »
Leeds, England, United Kingdom Hybrid / WFH Options
Cyber Security Jobsite
of a 24/7 operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum … using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. … Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities and conduct permitted remediation (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports more »
South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment … and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating … manage security incidents by analyzing alerts from diverse sources and collaborating with external monitors to identify and address potential threats. Serve as a primary incident responder, leading the containment and resolution process in line with established protocols to reduce risks. Enhance security procedures to improve the organization's monitoring more »
City of London, London, United Kingdom Hybrid / WFH Options
Akkodis
for the junior analysts in the team. You will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend the response actions and escalation path. You will also have the opportunity … L1 and L2 analysts, including objectives setting, performance management/reviews, training & development, and BAU activities including shift cover etc. Perform advanced event and incident analysis, including baseline establishment and trend analysis. Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours … Support Major IncidentResponse activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat. Provide timely advice and guidance on the response action plans for events and incidents based on incident type and severity. Identify, create and implement more »
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
CIIH Ltd T/A Headway Recruitment
standards, including Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR. In-depth knowledge of the Microsoft O365 environment, threat intelligence analysis, Security IncidentResponse processes, disaster recovery, and business continuity principles. Familiarity with security testing principles, vulnerability scanning, risk identification, resolution, and reporting. Experience in formal … document creation, such as reports or procedures. Key Responsibilities include but not limited to: Assist with security incident management and response activities, emphasizing cyber threats. Conduct daily, weekly, and monthly security checks, reconciliation, and compliance checks. Handle security alerts and inquiries from systems and end users. Complete client more »
City of London, England, United Kingdom Hybrid / WFH Options
Cyber Security Jobsite
connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Incident Responder - Cyber Security - Middle East BAE Systems Digital Intelligence has been contracted to deliver a National Cyber Security Programme in the Middle East as … for 12 months so there are no options for hybrid working as the majority of time will be spend on client site. As an Incident Responder you will be responsible for the Triage of cyber security incidents, determining and categorising which incidents cross the threshold becoming National cyber security … media releases. Manage Incidents on site and across multiple sites. Conduct on-site analysis and collection of data for depth support as part of incident investigation. Identify and propose remediation activities and identify security improvements to prevent future incidents. Direct client IR Teams and In-house malware and forensics more »
Corsham, England, United Kingdom Hybrid / WFH Options
J&C Associates Ltd
specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME(Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton … including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. Your role • Develop and integrate security event monitoring and incident management services. • Respond to security incidents as they occur as part of an incidentresponse team. • Implement metrics and dashboards to give more »
Doncaster, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
team that provides around-the-clock protective monitoring solutions to clients across various industry verticals. Leveraging cutting-edge detection technology, offering assurance detection and incidentresponse capabilities to organizations of all sizes. Role Overview As a SOC Engineer you'll work handling both reactive and proactive security engagements. … SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ✨Incident Reporting: Ensure timely, accurate, and effective incident reporting. Collaborate with other SOC team members during security incidents and Threat Mining engagements. ✨Client Communication … customers regarding threats and alerts. Prepare and present findings to clients. ✨Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be eligible for SC more »
Brighton, England, United Kingdom Hybrid / WFH Options
Hays
maintain information security strategies and objectives to enhance the overall security posture of the business. Monitor and analyse security incidents and breaches, and lead incidentresponse efforts to contain and mitigate the impact in a timely manner. Reporting to senior management on Cyber related metrics and improvement needs. more »
Responsibilities: Develop and implement comprehensive information security strategies, policies, and procedures. Conduct risk assessments and vulnerability analyses to identify and mitigate security threats. Lead incidentresponse efforts and manage security breaches efficiently. Collaborate with cross-functional teams to ensure security measures are integrated into all business operations. Stay more »