2,058 Incident Response jobs in the United Kingdom

Senior Cyber Security Analyst - Incident Response

Old Town, Scotland Aberdeen Standard Investments

Posted 1 day ago


Job Description

Overview

At Aberdeen, our ambition is to be the UK’s leading Wealth & Investments group. Strengthening talent and culture is a strategic priority to attract and retain the industry’s best talent. Our people put stakeholders at the heart of everything we do, helping to make a positive difference to the lives of our clients, customers, colleagues, shareholders and society. We are focused on growing our direct and advised wealth platforms and repositioning our specialist asset management business to meet client demand, supported by leading technology and talent.

Aberdeen comprises three businesses, interactive investor (ii), Investments, and Adviser, each focused on meeting and adapting to our clients’ evolving needs.

interactive investor, the UK’s second largest direct-to-consumer investment platform, enables individuals in the UK to plan, save, and invest in the way that works for them.

Our Adviser business provides financial planning solutions and technology for UK financial advisers, enabling them to create value for their customers.

Our Investments business is a specialist asset manager that focuses on areas where we have both strength and scale to capitalise on key market themes, through either public markets or alternative asset classes.

About the role

The Senior Cyber Security Analyst role is an integral part of the Cyber Security Operations team. This role is technical and will support the Cyber Response Lead in responding to escalated security alerts from L1 and L2 analysts, and in proactively developing and tuning detection rules. The role reports to the Cyber Response Lead and is based in Edinburgh. The role holder will work closely with the Cyber Security Operations Centre, other security functions, specialist 3rd party security suppliers, and the global IT and business teams.

Key Responsibilities

  • Conduct thorough investigations to determine root cause, scope and impact of security alerts escalated from L1 and L2 security analysts.
  • Monitor detection and response KPIs.
  • Support detection rule management, implementing new rules and tuning out false positives.
  • Maintain incident response plans and playbooks.
  • Support in documenting incidents and response actions in detailed post-incident reporting.
  • Manage the Information Security Queue in relation to Cyber Response tickets.
  • Coordinate and collaborate with internal and external stakeholders, such as IT, business and audit teams on security-related matters.
  • Recommend and implement security posture improvements, collaborating with IT teams to ensure security measures are integrated into systems.

About the Candidate

  • Experience in Cyber Security, ideally within an international asset management or similar large organisation.
  • Passion for security and self-development to keep up to date with the evolving threat and vulnerability landscape, new technologies and service improvements.
  • Able to work in an international matrix organisation with complex and dynamic drivers and constraints.
  • Comfortable with a fast-paced, multi-threaded working environment.
  • Proficiency in Microsoft Security Stack: strong hands-on experience with Microsoft’s security ecosystem, including the Defender suite and related identity protection technologies.
  • Proficiency with Microsoft Sentinel (SIEM/SOAR) for security monitoring, detection and incident response, including configuring, tuning, maintaining, analysing alerts and incidents, developing hunting queries (KQL), automation playbooks, and integration with other security controls.
  • Experience with security tools outside the Microsoft ecosystem, such as IDS/IPS, vulnerability scanners, web and email filtering, web application firewalls, DDoS protections, proxies, host-based protections and malware analysis engines.
  • Good understanding of Cyber Detection and Response Concepts, such as the MITRE ATT&CK framework for mapping adversary behaviours and improving detection coverage.

Inclusion and Benefits

We are proud to be a Disability Confident Committed employer. If you have a disability and would like to apply to UK roles under the Disability Confident Scheme, notify us in the candidate questionnaire so we can support your application process.

Our benefits

We offer an environment where you can learn, get involved and be supported. Rewards include 40 days’ annual leave, 16% employer pension contribution, a discretionary performance-based bonus (where applicable), private healthcare and flexible benefits such as gym discounts and season ticket loans. More about our benefits is available in the candidate materials.

Our business

Our business is structured around three areas focusing on client needs. You can find out more about what we do in our candidate materials.

An inclusive way of working

Aberdeen supports a blended working approach, combining office collaboration with the flexibility of working from home. We value an inclusive culture where diverse perspectives drive our actions. If you need assistance with your application or an adjustment to interview arrangements due to a disability, please let us know and we will help. We are committed to an inclusive workplace where all forms of difference are valued and where meritocracy, fairness and transparency guide our actions.


Senior Cyber Security Analyst - Incident Response

Old Town, Scotland abrdn plc

Posted 1 day ago


Job Description

Overview

At Aberdeen, our ambition is to be the UK's leading Wealth & Investments group. Strengthening talent and culture is one of our strategic priorities. We strive to make Aberdeen a great place to work so that we can attract and retain the industry's best talent. Our people put our stakeholders at the heart of everything they do by helping us to make a positive difference to the lives of our clients, customers, colleagues, shareholders, and society. We are focused on growing our direct and advised wealth platforms and repositioning our specialist asset management business to meet client demand. We are committed to providing excellent client service, supported by leading technology and talent.

Aberdeen comprises three businesses, interactive investor (ii), Investments, and Adviser, each of which focuses on meeting and adapting to our clients' evolving needs:

interactive investor, the UK's second largest direct-to-consumer investment platform, enables individuals in the UK to plan, save, and invest in the way that works for them.

Our Adviser business provides financial planning solutions and technology for UK financial advisers, enabling them to create value for their customers.

Our Investments business is a specialist asset manager that focuses on areas where we have both strength and scale to capitalise on the key themes shaping the market, through either public markets or alternative asset classes.

About the role

The Senior Cyber Security Analyst role is an exciting and integral part of the Cyber Security Operations team. This role is technical and will support the Cyber Response Lead in responding to escalated security alerts from L1 and L2 analysts, and proactively developing and tuning detection rules. The role reports directly to the Cyber Response Lead and is based in Edinburgh. The role holder will work closely with our Cyber Security Operations Centre and with other security functions as well as specialist 3rd party security suppliers and the global IT and business teams.

Key Responsibilities

  • Conduct thorough investigations to determine the root cause, scope, and impact of security alerts escalated from L1 and L2 security analysts.
  • Monitor detection and response KPIs.
  • Support detection rule management, implementing new rules and tuning out false positives.
  • Maintain incident response plans and playbooks.
  • Support in documenting incidents and response actions in detailed post-incident reporting.
  • Manage the Information Security Queue in relation to Cyber Response tickets.
  • Coordinate and collaborate with internal and external stakeholders, such as IT, business, and audit teams on security-related matters.
  • Recommend and implement security posture improvements, collaborating with IT teams to ensure security measures are integrated into systems.

About the Candidate

  • Experience in Cyber Security, ideally within an international asset management or similar large organisation.
  • Passion for security and self-development to keep up to date with the evolving threat and vulnerability landscape, new technologies and service improvements.
  • Able to work in an international matrix organisation with complex and dynamic drivers and constraints.
  • Comfortable with a fast-paced, multi-threaded working environment.
  • Proficiency in Microsoft Security Stack: strong hands-on experience with Microsoft's security ecosystem, including the Microsoft Defender suite (MDE, MDO, MDA, MDI) and related identity protection technologies (Azure AD Identity Protection, Conditional Access).
  • Proficiency with Microsoft Sentinel (SIEM/SOAR) for security monitoring, detection, and incident response. The ideal candidate will have practical experience configuring, tuning, and maintaining these solutions, analysing alerts and incidents, developing advanced hunting queries (KQL), developing automation playbooks, and integrating with other security controls and solutions.
  • Experience with security tools outside of the Microsoft ecosystem, such as IDS/IPS, vulnerability scanners, web and email filtering, web application firewalls and DDoS protections, proxies, host-based protections and malware analysis engines.
  • Good understanding of Cyber Detection and Response Concepts, such as the MITRE ATT&CK framework for mapping adversary behaviours and improving detection coverage.

Disability and inclusion

We are proud to be a Disability Confident Committed employer. If you have a disability and would like to apply to one of our UK roles under the Disability Confident Scheme, please notify us by completing the relevant section in our candidate questionnaire. One of our team will reach out to support you through your application process.

Our benefits

There's more to working life than coming home with a good salary. We have an environment where you can learn, get involved and be supported.

When you join us, your reward will be one of the best around. This includes 40 days' annual leave, a 16% employer pension contribution, a discretionary performance-based bonus (where applicable), private healthcare and a range of flexible benefits - including gym discounts, season ticket loans and access to an employee discount portal. You can read more about our benefits here.

Our business

Enabling our clients to be better investors drives everything we do. Our business is structured around three distinct areas - our vectors of growth - focused on our clients' changing needs. You can find out more about what we do here.

An inclusive way of working

Whatever way you like to work, if you have the talent and commitment to join our team, we'd like to hear from you.

At Aberdeen we've adopted a 'blended working' approach. This approach combines the benefits of face-to-face collaboration, coaching and connecting in our offices with the flexibility of working from home. It enables colleagues to find a balance that works for their roles, their teams, our clients and our business.

An inclusive culture, where diverse perspectives drive our actions, is at the core of who we are and what we do. If you need assistance with your application, or a reasonable adjustment to your interview arrangements - for example, because you are neurodivergent, or have a physical, sensory, cognitive, mental, visible or invisible disability - please let us know and we'll be happy to help.

We're committed to providing an inclusive workplace where all forms of difference are valued and which is free from any form of unfair or unlawful treatment. We define diversity in its broadest sense - this includes but is not limited to our diversity of educational and professional backgrounds, experience, cognitive and neurodiversity, age, gender, gender identity, sexual orientation, disability, religion or belief and ethnicity and geographical provenance. We support a culture that values meritocracy, fairness and transparency and welcomes enquiries from everyone.

If you need assistance or an adjustment due to a disability please let us know as part of your application and we will assist.


Information Security Analyst - SIEM & Incident Response

BD1 1AA Bradford, Yorkshire and the Humber £50000 Annually WhatJobs

Posted 16 days ago


Job Description

full-time
Our client, a prominent financial services institution, is seeking an experienced Information Security Analyst with expertise in Security Information and Event Management (SIEM) and Incident Response. This role requires a dedicated presence in the office to work closely with the security operations center (SOC) team and ensure the effective monitoring and protection of the organization's digital assets. You will be instrumental in detecting, analyzing, and responding to security threats, minimizing potential damage and ensuring business continuity.

Responsibilities:
  • Monitor security alerts and events generated by the SIEM system in real-time.
  • Analyze security incidents, identify root causes, and perform detailed investigations.
  • Develop and implement effective incident response procedures and playbooks.
  • Conduct forensic analysis of security breaches and compromised systems.
  • Configure and tune SIEM rules, correlation logic, and dashboards to enhance threat detection capabilities.
  • Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and attack vectors.
  • Collaborate with IT teams to implement security controls and remediate vulnerabilities.
  • Participate in security awareness training initiatives.
  • Maintain accurate documentation of security incidents, investigations, and resolutions.
  • Contribute to the continuous improvement of the SOC's operational processes and tools.
  • Assist in vulnerability assessments and management activities.
  • Provide support for security audits and compliance activities.

Qualifications:
  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • Minimum of 3-5 years of experience in information security, with a focus on SIEM operations and incident response.
  • Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight).
  • Strong understanding of common cyber threats, attack techniques, and mitigation strategies.
  • Familiarity with network protocols, operating systems (Windows, Linux), and security technologies (firewalls, IDS/IPS, endpoint protection).
  • Experience with forensic tools and techniques is a plus.
  • Excellent analytical, problem-solving, and critical-thinking skills.
  • Effective communication and interpersonal skills, with the ability to work collaboratively within a team.
  • Relevant security certifications such as CompTIA Security+, CEH, GCIH are advantageous.
  • Ability to work under pressure and respond effectively to security incidents.
  • Must be eligible to work in the UK.

This is an exciting opportunity to join a critical function within a leading financial institution and make a tangible contribution to its security posture. If you are a proactive and skilled security professional, we encourage you to apply. The role is based in Bradford, West Yorkshire, UK.

Incident Response Operative

Rothersthorpe, East Midlands Amey Ltd

Posted 5 days ago


Job Description

permanent
We have fantastic opportunities for a permanent Incident Response Operative to join our Area 7 account in Northampton, at our Rothersthorpe Depot (NN49QS)

We provide maintenance and response across a vast area of some of the UK's busiest motorways and strategic highways across the east midlands and north of England. As many as 180,000 vehicles a day use certain sections of this vital network.

Our 200+ Amey people provide vital maintenance and respond to incidents to keep the travelling public moving.

The standard hours of work are on a 4 on 4 off pattern, rotating days and nights, averaging 42 hrs per week.

As part of a two-man crew across a wider team, you will be responsible for:
  • All aspects of highway maintenance and response works including acting as first response dealing with incidents, Find and Fix, lamp scouting, routine and cyclic maintenance activities, litter picking, etc.
  • Winter maintenance operations
  • Attending project and safety briefings as required
  • Driving/operating vehicles/plant requiring general and specialist skills including daily checks, reporting and recording any defects.
  • Taking responsibility for the safety of yourself and others within your team to ensure compliance with relevant health and safety legislation and safe operation to protect members of the public, making use of our close call procedure and following our Zero code targets.
  • Carrying out vehicle checks on all vehicles prior to use and at the end of each shift, correctly reporting and recording any defects.
  • Keeping records and completing all necessary job packs and paperwork.
  • Assessment, deployment, and removal of suitable pedestrian and traffic management
  • Liaise with other employees of Amey, sub-contractors, emergency services, the police, the public, clients and customers.
  • Covering callout/standby and absences such as annual leave.
Why Join Us?

At Amey, we don't just offer jobs, we offer opportunities to build fulfilling careers. As one of the top 1% of employers recognised by Investors in People, we are committed to your professional growth and wellbeing. Here's what you can expect when you join our team:
  • Competitive Salary: Enjoy a competitive annual salary with the potential for yearly reviews to ensure you're rewarded for your contributions.
  • Career Growth: Propel your career with clear, dynamic advancement opportunities to roles like Team Leader
  • Training Opportunities: Unlock your potential with comprehensive training tailored to your growth.
  • Personal Development Opportunities: Advance your personal growth through mentorship and access to our award-winning programs like our Leadership Development and Multicultural Leadership programs.
  • Pension: Benefit from a generous pension scheme with company contributions for your future peace of mind.
  • Holidays: Enjoy at least 24 days of holiday plus bank holidays, and the opportunity to buy a further 5 days, giving you plenty of time to relax and recharge.
  • Flexible Benefits: Customise your benefits package with options like additional leave, cycle-to-work schemes, charitable giving, and gym memberships.
  • Exclusive Discounts: Access our online portal filled with discounts from leading retailers, healthcare services, and more, helping you save on the things that matter.
  • Social Impact: Take part in our community initiatives with 2x paid volunteering days a year, plus other opportunities to support fundraising and local projects.
What You'll Bring:
  • Full driving licence, with Class C HGV with Drivers CPC
  • Experience on highways
  • Experienced working outdoors in challenging weather conditions
  • CSCS card (desirable)
If you're ready to make a meaningful impact on our business and contribute to a shared, sustainable future, we invite you to join us in advancing our strategy and driving positive change.

Application Guidance

At Amey, we value a culture of diversity and inclusion. We encourage applications from individuals who are passionate about making a positive impact, no matter their background, gender, race, or personal circumstances. We believe everyone deserves the opportunity to shine.

As a Disability Confident leader, we're proud to offer applicants with a disability an interview if they meet the minimum requirements for the role.

If you have any questions or need any adjustments during the recruitment process, don't hesitate to reach out to Kayla Caruth, our recruiter for this role, at (url removed)

#CVL #LI-KC1



Incident Response Analyst

NP10 Rogerstone, Wales Hays Technology

Posted 2 days ago


Job Description

full time

Incident Response Analyst

Permanent - 52k - 57k + strong benefits

Location: Hybrid - South Wales


Your new company


I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business has been investing in its cyber security and IT estate and is continuing to grow and enhance its security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback.


Your new role


This is an interesting opportunity to help deliver strategy which will enhance the organisation's security resilience, proactively contributing to mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role:

  • Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents.
  • Investigate alerts and suspicious activity to determine if an incident has occurred.
  • Contain affected systems and networks to prevent the incident from spreading.
  • Implement temporary measures to mitigate the impact of the incident.
  • Work with other teams, such as IT and security operations, to develop and implement a containment strategy.
  • Analyse incident data to determine the root cause of the incident and identify recommendations for improvement.
  • Document and report incidents to the incident response team and other relevant stakeholders.
  • Stay informed about emerging cyber threats and vulnerabilities.

What you'll need to succeed

  • Experience in a similar role, ideally around CNI and OT, with exposure to cyber plans.
  • Proven experience operating in a SOC or a related cyber security role.
  • In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice.
  • Strong analytical and problem-solving skills.
  • Ability to work independently and as part of a team.
  • Excellent communication and interpersonal skills.
  • Ability to obtain UK Security Clearance

What you'll get in return

  • Salary of between 52k-57k
  • Hybrid working 2/3 days in South Wales per week
  • Possible bonus
  • 5% pension contribution from you, the company pays 10%
  • Enhanced pay for parental leave
  • And more!

What you need to do now


If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)


Incident Response Engineer

Reading, South East Microsoft Corporation

Posted today


Job Description

Interested in security and incident response? Then come join the Cybersecurity Incident Response Team (CIRT) at Microsoft as an Incident Response Engineer responsible for helping customers investigate security incidents in their environment.



With more than 45,000 employees and partners worldwide, the Customer Experience and Success (CE&S) organization is on a mission to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft's products and services, ignited by our people and culture.



Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft's AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment.



As an Incident Response Engineer, you will be an elite member of a customer-facing security support team leading incident response investigations for Microsoft's enterprise customers. You have experience in analysing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents. You are familiar with collecting and analysing security incident related data to identify indicators of attack and compromise.



In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As an Incident Response Engineer, you will own, troubleshoot, and solve complex customer technical issues. This opportunity will allow you to accelerate your career growth, hone your problem-solving, collaboration and research skills, and deepen your technical proficiency.



This role is flexible in that you can work up to 100% from home.



Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.



**Responsibilities**



  • Scope customer security incidents.
  • Understand and identify indicators of attack and indicators of compromise.
  • Investigate root cause of complex security incidents.
  • Analyse incident data from threat analytics tools.
  • Collaborate with the Security and Threat Intelligence teams by providing indicators of compromise and samples of malware from the customer's environment.
  • Coordinate a response to the security incident with other Microsoft security and consulting teams.
  • Develop, document, and implement runbooks, capabilities, and techniques for Incident Response.
  • Perform security triage and analysis on endpoint, server, and network infrastructure.
  • Perform activities necessary for immediate containment and short-term resolution of incidents.
  • Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities.
  • Maintain a high level of confidentiality.
  • Participate in the on-call rotation as required.



**Qualifications**



**Required/Minimum Qualifications (RQs/MQs)**


+ Demonstrated experience in customer-facing roles (customer support experience is preferred).
+ Practical experience managing and troubleshooting Network, Windows Server, Windows Client, and Active Directory environments.
+ Working knowledge of Entra ID and Microsoft 365, including management and troubleshooting experience.
+ Experience in, or a passion for, cybersecurity and Security Incident Response.
+ Ability to manage complex Incident Response situations with a focus on deep technical troubleshooting and empathetic customer engagement.
+ Experience supporting large, complex, geographically distributed enterprise environments (1000+ users).
+ Bachelor's degree in Computer Science, Information Technology (IT), or a related field AND demonstrated technical support, technical consulting, or information technology experience.



**Additional or Preferred Qualifications (PQs)**


+ Experience in Security Incident Response with recent operational security experience (deep investigation of Indicators of Attack / Indicators of Compromise, on-premises and cloud log investigation, malware analysis, threat analytics, threat intelligence, endpoint security, etc.).
+ Experience in Network Security Administration and/or Systems Administration, including Windows Server, Windows Client, and Active Directory administration.
+ Experience in cloud investigations with Entra ID, Microsoft 365 and Microsoft Defender solutions.
+ Experience with any Microsoft Defender solutions.
+ Experience in Azure identity management and troubleshooting.
+ Kusto Query Language (KQL) knowledge.
+ Cloud experience with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments.
+ Automation (PowerShell and/or Python, Java, or a similar language; beginner to intermediate level is acceptable).
+ Preferred IT industry certifications (Microsoft certifications, on-premises or cloud; SANS GCIH; CISSP; CEH; Amazon AWS; etc.).
+ Preferred Bachelor's degree or higher in a technical field, or relevant work experience.



**Language Qualification**



English Language: fluent in reading, writing and speaking.



The ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screening: Microsoft Cloud Background Check. This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.



Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Senior Information Security Analyst (SIEM & Incident Response)

CV1 2DT Coventry, West Midlands £60000 Annually WhatJobs

Posted 4 days ago


Job Description

full-time
Our client is seeking a highly skilled Senior Information Security Analyst to join their dedicated security team in **Coventry, West Midlands, UK**. This pivotal role will focus on managing and enhancing their Security Information and Event Management (SIEM) system, as well as leading incident response efforts to protect the organization's digital assets. The ideal candidate will have a strong technical background in cybersecurity operations, threat detection, and incident handling.

Responsibilities:
  • Manage, configure, and optimize the SIEM platform to effectively detect, analyze, and report on security threats and incidents.
  • Develop and tune correlation rules, alerts, and dashboards to identify malicious activity and anomalies.
  • Lead and coordinate incident response activities, including investigation, containment, eradication, and recovery.
  • Perform forensic analysis of security incidents to determine root cause and impact.
  • Conduct vulnerability assessments and penetration testing, and work with relevant teams to remediate findings.
  • Develop and maintain incident response plans, playbooks, and standard operating procedures.
  • Monitor security logs and threat intelligence feeds to stay ahead of emerging threats.
  • Provide technical expertise and guidance on security best practices to IT and business units.
  • Collaborate with internal teams and external stakeholders during security investigations.
  • Stay current with the latest cybersecurity threats, vulnerabilities, and defense techniques.
  • Contribute to the continuous improvement of the organization's overall security posture.
Qualifications:
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
  • Minimum of 5 years of experience in information security, with a strong focus on SIEM management and incident response.
  • Hands-on experience with leading SIEM solutions (e.g., Splunk, QRadar, LogRhythm, Microsoft Sentinel).
  • Proficiency in log analysis, threat hunting, and security event correlation.
  • Strong understanding of network security, endpoint security, and cloud security principles.
  • Experience with forensic tools and techniques for incident investigation.
  • Knowledge of common attack vectors, malware, and intrusion techniques.
  • Relevant security certifications such as CISSP, GCIA, GCIH, CEH, or equivalent are highly desirable.
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Strong communication and interpersonal skills, with the ability to work effectively under pressure.
This role is essential for safeguarding our client's information assets against evolving cyber threats.