109 Incident Response jobs in London

Software Engineering Manager, Site Reliability, Cloud Incident Response
_corporate_fare_ Google _place_ London, UK
**Advanced**
Experience owning outcomes and decision making, solving ambiguous problems and influencing stakeholders; deep expertise in domain.
**Minimum qualifications:**
+ Bachelor's degree or equivalent practical experience.
+ 8 years of experience with software development in one or more programming languages (e.g., Python, C, C++, Java, JavaScript).
+ 3 years of experience in a technical leadership role; overseeing projects, with 2 years of experience in a people management, supervision/team leadership role.
+ Experience with cloud services, telemetry systems and incident response.
**Preferred qualifications:**
+ Master's degree or PhD in Computer Science, or a related technical field.
+ Experience as a cloud customer.
**About the job**
Site Reliability Engineering (SRE) combines software and systems engineering to build and run large-scale, massively distributed, fault-tolerant systems. SRE ensures that Google Cloud's services-both our internally critical and our externally-visible systems-have reliability, uptime appropriate to customer's needs and a fast rate of improvement. Additionally SRE's will keep an ever-watchful eye on our systems capacity and performance.
Much of our software development focuses on optimizing existing systems, building infrastructure and eliminating work through automation. On the SRE team, you'll have the opportunity to manage the complex challenges of scale which are unique to Google Cloud, while using your expertise in coding, algorithms, complexity analysis and large-scale system design. SRE's culture of intellectual curiosity, problem solving and openness is key to its success. Our organization brings together people with a wide variety of backgrounds, experiences and perspectives. We encourage them to collaborate, think big and take risks in a blame-free environment. We promote self-direction to work on meaningful projects, while we also strive to create an environment that provides the support and mentorship needed to learn and grow.
The Cloud Incident Response Team supports the responders, tooling, and outcomes for Google Cloud Platform (GCP) major incidents. The team collaborates across GCP products, customer facing teams, and a wide range of stakeholders, where you will help coordinate, mitigate, or resolve issues across all of GCP.
Google Cloud accelerates every organization's ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
**Responsibilities**
+ Participate in on-call rotation supporting Critical Incident Response for GCP.
+ Focus on high-quality customer outcomes and collaboration across GCP teams.
+ Create Incident Management at Google (IMAG) training and processes for the incident management lifecycle in partnership with Cloud SRE Tech Leads, and the Cloud Support leadership team.
+ Build systems and tooling to support the team, enhance visibility, improve issue detection, and facilitate communication with customers, stakeholders, and other customer-facing teams.
+ Define and escalate risks in Cloud, reduce incident probabilities.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google'sApplicant and Candidate Privacy Policy (./privacy-policy) .
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See alsoGoogle's EEO Policy ( ,Know your rights: workplace discrimination is illegal ( ,Belonging at Google ( , andHow we hire ( .
If you have a need that requires accommodation, please let us know by completing ourAccommodations for Applicants form ( .
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.
Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also and If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form:

Why work for us?
A career at Janus Henderson is more than a job, it's about investing in a brighter future together.
Our Mission at Janus Henderson is to help clients define and achieve superior financial outcomes through differentiated insights, disciplined investments, and world-class service. We will do this by protecting and growing our core business, amplifying our strengths and diversifying where we have the right.
Our Values are key to driving our success, and are at the heart of everything we do:
Clients Come First - Always | Execution Supersedes Intention | Together We Win | Diversity Improves Results | Truth Builds Trust
If our mission, values, and purpose align with your own, we would love to hear from you!
Your opportunity
+ Lead the identification, assessment, and remediation of vulnerabilities across applications, infrastructure, and cloud environments, collaborating with development and operations teams for effective solutions.
+ Optimise vulnerability scanning profiles, dashboards, and reports to ensure comprehensive coverage and actionable insights, while analysing data to prioritise risks and provide clear remediation guidance.
+ Contribute to the continuous improvement of vulnerability management processes, policies, and procedures, including supporting incident response activities and aligning with industry best practices.
+ Identify potential security risks and document clear, actionable remediation options or mitigating controls aligned with industry best practices.
+ Contribute to other cybersecurity initiatives, utilizing our standards and procedures while adhering to industry best practices.
+ Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures.
+ Ensure that security controls in both new and existing computer systems comply with established security policies and guidelines.
+ Assist in incorporating regulatory compliance requirements, such as SOX and GLBA, into the organization's security roadmap.
+ Conduct thorough security incident investigations, including maintaining chain of custody, implementing containment measures, performing root cause analysis, and identifying preventive strategies.
+ Supporting incident response with vulnerability intelligence during security events.
+ Participate in the Information Security on-call rotation
What to expect when you join our firm
+ Hybrid working and reasonable accommodations
+ Generous Holiday policies
+ Excellent Health and Wellbeing benefits including corporate membership to ClassPass
+ Paid volunteer time to step away from your desk and into the community
+ Support to grow through professional development courses, tuition/qualification reimbursement and more
+ All-inclusive approach to Diversity, Equity and Inclusion
+ Maternal/paternal leave benefits and family services
+ Complimentary subscription to Headspace - the mindfulness app
+ All employee events including networking opportunities and social activities
+ Lunch allowance for use within our subsidized onsite canteen
Must have skills
+ 3+ years in an Information Security role with proven experience in Vulnerability Management
+ Proven hands-on experience with vulnerability management platforms and in a vulnerability management role
+ Experience in information security incident response
+ Knowledge of vulnerability management (remediation and configuration) and other security scanner tools.
+ Strong understanding of vulnerability assessment methodologies and risk scoring
+ Strong collaboration skills working with application and infrastructure teams within a security context
+ In-depth working knowledge of security best practices and frameworks (e.g., MITRE ATT&CK, OWASP Top 10, NIST)
+ Excellent verbal and written communication skills
+ Ability to manage multiple projects and tasks.
+ Analytical ability to capture and summarise information, find solutions to various tactical and strategic problems and prioritise work
+ Exposure to public cloud infrastructure (SaaS, IaaS, and PaaS)
+ Familiarity with patch management processes and tools
Nice to have skills
+ 5+ years of experience within Incident Response and Vulnerability Management
+ Knowledge of Tenable.sc and/or Tenable.io
+ Knowledge of cloud security vulnerabilities and associated scanning techniques
+ Experience with scripting or automation to enhance vulnerability management processes (e.g. Python) and to drive efficiency and innovation
+ Relevant Information Security certifications (e.g. CompTIA Security+, CySA+, CEH, SANS, Cloud Certifications).
Supervisory responsibilities
+ No
Potential for growth
+ Mentoring
+ Leadership development programs
+ Regular training
+ Career development services
+ Continuing education courses
You will be expected to understand the regulatory obligations of the firm, and abide by the regulated entity requirements and JHI policies applicable for your role.
At Janus Henderson Investors we're committed to an inclusive and supportive environment. We believe diversity improves results and we welcome applications from all backgrounds. Don't worry if you don't think you tick every box, we still want to hear from you! We understand everyone has different commitments and while we can't accommodate every flexible working request we're happy to be asked about work flexibility and our hybrid working environment. If you need any reasonable accommodations during our recruitment process, please get in touch and let us know at
#LI-LN2 #LI-HYBRID
Janus Henderson (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee's job functions (as determined by Janus Henderson at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants' past political contributions or activity may impact applicants' eligibility for this position. Janus Henderson is an equal opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.

Our client, a leading innovator in the blockchain space, is seeking a highly skilled and vigilant Blockchain Security Analyst to join their team on a contract basis. This role is fully remote, allowing you to contribute your expertise from anywhere in the world. You will be instrumental in safeguarding the integrity and security of our client's blockchain protocols, smart contracts, and associated infrastructure. Your mission will be to identify potential vulnerabilities, conduct thorough security audits, and develop robust mitigation strategies.

Responsibilities:

• Perform comprehensive security assessments of blockchain platforms, smart contracts, and decentralized applications (dApps).
• Conduct code reviews and static/dynamic analysis of smart contracts written in languages such as Solidity.
• Identify and exploit potential security vulnerabilities, including reentrancy, integer overflows, and logic errors.
• Develop and implement security testing frameworks and methodologies.
• Monitor blockchain networks for suspicious activities and potential threats.
• Investigate security incidents, perform root cause analysis, and recommend remediation steps.
• Stay abreast of the latest security threats, vulnerabilities, and best practices in the blockchain and cryptocurrency domain.
• Collaborate with development teams to ensure security is integrated into the entire development lifecycle.
• Provide expert advice on blockchain security best practices and compliance.
• Document findings, create detailed reports, and present them to stakeholders.

Qualifications:

• Proven experience in cybersecurity, with a specialization in blockchain security.
• Deep understanding of blockchain technology, consensus mechanisms, and cryptographic principles.
• Proficiency in smart contract development and auditing, particularly in Solidity.
• Experience with security analysis tools for blockchain platforms (e.g., Mythril, Slither, Securify).
• Strong knowledge of common smart contract vulnerabilities and attack vectors.
• Familiarity with penetration testing methodologies and tools.
• Excellent analytical and problem-solving skills.
• Ability to work independently and manage time effectively in a remote setting.
• Strong written and verbal communication skills.
• Relevant certifications (e.g., Certified Blockchain Security Professional) are a plus.

While this role is fully remote, there may be occasional needs for virtual collaboration with teams based in London, England, UK . If you are a security-focused professional with a passion for blockchain technology, apply now to make a significant impact.

Our client is seeking a highly skilled and motivated Blockchain Security Analyst to join their dynamic team in London, England, UK . This is a crucial role where you will be responsible for identifying, assessing, and mitigating security risks within blockchain ecosystems and decentralized applications. You will work closely with development teams to ensure the integrity, security, and resilience of our blockchain-based products and services.

Key Responsibilities:

• Conduct comprehensive security audits and code reviews of smart contracts, blockchain protocols, and related infrastructure.
• Perform penetration testing and vulnerability assessments on distributed ledger technologies.
• Develop and implement security best practices for blockchain development and deployment.
• Monitor blockchain networks for suspicious activities and potential security threats.
• Investigate and respond to security incidents, providing detailed post-mortem analysis and recommendations.
• Stay abreast of the latest trends, vulnerabilities, and advancements in blockchain security and cryptography.
• Collaborate with engineering and product teams to integrate security measures throughout the development lifecycle.
• Develop and maintain security documentation, policies, and procedures.
• Contribute to the design and architecture of secure blockchain solutions.
• Educate and advise development teams on secure coding practices for smart contracts and dApps.

Qualifications:

• Proven experience in cybersecurity, with a strong focus on blockchain technology and cryptography.
• Deep understanding of various blockchain platforms (e.g., Ethereum, Bitcoin, Solana) and their security implications.
• Proficiency in smart contract languages (e.g., Solidity, Rust) and experience auditing them.
• Experience with security analysis tools, penetration testing methodologies, and vulnerability assessment frameworks.
• Familiarity with common blockchain vulnerabilities (e.g., reentrancy attacks, integer overflows) and mitigation techniques.
• Excellent analytical and problem-solving skills, with the ability to think critically and strategically.
• Strong communication and interpersonal skills, with the ability to explain complex technical concepts to both technical and non-technical audiences.
• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
• Relevant security certifications (e.g., CISSP, CEH) are a plus.

This role offers a competitive salary, excellent benefits, and the opportunity to work at the forefront of blockchain innovation. The position is based in our London, England, UK office, with a hybrid working arrangement allowing for flexibility. Join us in shaping the future of decentralized technology.

We are Vitesse – the treasury and payment partner of choice for insurance.  

Formed in 2014 by a team of proven FinTech entrepreneurs, we are an FCA-regulated business providing global claim funds management and payment solutions. Operating one of the largest banking and payment settlement networks in the world, we give our customers direct access to 200 countries and currencies. Through a single integration, insurers can use this network to pay claims in as fast as 45 seconds and deliver a superior claimant experience. Our market-leading treasury proposition provides insurers with transparency and control over their claim funds, even when delegated to third parties, allowing them to have their money in the right place, at the right time, to make that all-important payment when customers need it most. 
 
With over 260 employees across our London headquarters, Europe, and the US, $93m Series C funding secured, and exceeding £15bn in processed transactions, we are only just getting started. 
 
We are collaborative, customer centric and work with integrity, whilst partnering with some of the biggest insurance leaders including Lloyd's of London and Many Pets. We take huge pride in our company culture, ensuring that everyone has a part to play, an opportunity to be heard, be involved, and the ability to make a real difference. As we continue to scale up, we want like-minded humans to join us on this exciting journey.  

Are you ready? 

Your Mission:

We are seeking a skilled and motivated Information Security Analyst to join our team, reporting into the CISO. You will play a crucial role in safeguarding our organisations digital assets and infrastructure from cyber threats. You will be responsible for analysing security measures, identifying vulnerabilities, and help implement effective solutions to mitigate risks.

This role has a requirement for the jobholder to be part of an out of hours call-out rota, which will usually be 1 in 4 or 5 weeks, in addition to being available for short-term assignments in the US to support our North American business.

The role will require at least 2 days onsite in our London office.

The ideal candidate will have a strong understanding of information security principles, excellent analytical skills, and the ability to adapt to evolving threats in the cybersecurity landscape.

Your Responsibilities:

Governance: Risk / Compliance / Assurance:

• Monitor security systems including intrusion detection, firewalls, and SIEM. Collaborate with our external SOC to detect and respond to security incidents in a timely manner.
• Participate in incident response activities, including incident triage, containment, eradication, and recovery efforts.
• Conduct thorough investigations of security incidents and provide detailed reports on findings and recommendations for remediation.

• Help contribute to regular security assessments and audits to identify vulnerabilities and weaknesses in systems, networks, devices, and applications.
• Serve as a subject matter expert on security-related matters, providing guidance and support to other teams and departments as needed, and as reported through the help desk system.
• Collaborate with IT teams and other stakeholders, contributing to the design and implementation of security controls and measures to protect against cyber threats.
• Stay up to date with the latest security trends, technologies, and best practices, and provide recommendations for continuous improvement.
• Assist with the management of security awareness training and workshops for employees to educate them about security risks and best practices for maintaining a secure work environment.
• Participate in the development and maintenance of disaster recovery plans to ensure the organisation's ability to respond to and recover from security incidents.
• Collaborate with internal teams during due diligence exercises to ensure that key security controls are documented as part of each submission.

Requirements

• Certifications such as CISSP, CISM, or CompTIA Security+, certifications are highly desirable.

• Proven experience working in information security, with a good understanding of security principles, protocols, and technologies.
• Experience with information security standards including ISO 27001, NIST and Cyber Essentials.
• Experience with security assessment tools and techniques, including vulnerability scanning and penetration testing.
• Good understanding of Microsoft Azure, Office 365 and Microsoft E5 security tooling.
• Strong analytical and problem-solving skills, with the ability to analyse complex systems and identify security risks and vulnerabilities.
• Excellent communication and interpersonal skills, with the ability to effectively convey technical information to non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced environment, with a strong sense of accountability and attention to detail.
• Sound judgment and decision-making abilities, especially in high-pressure situations requiring quick and accurate assessments.
• High ethical standards and a commitment to maintaining confidentiality.

Benefits

• 25 days Holiday per year (increasing by 1 day per years' service, up to 30 days) + Bank Holidays  
• Hybrid working arrangements – minimum 2 days in the office, Tuesday - Thursday 
• Contributory pension scheme  
• Enhanced Parental leave   
• Cycle to Work Scheme  
• Private Medical Insurance with AXA 
• Unlimited access to therapy sessions through our partner, Oliva   
• Discounted Gym membership through Gympass 
• Financial Coaching with Octopus Wealth  
• 2 days of volunteering leave per year  
• Sabbatical after 5 years’ service   
• Life Assurance - MetLife (UK employees only)
• Ongoing Learning and Development to support you reach your career goals  

We are Vitesse – the payment provider of choice for the insurance and treasury industry.  

Formed in 2014 by a team of proven FinTech entrepreneurs, we are an FCA regulated payments business that is driven to be the payment partner of choice for the insurance market, by providing global payment services and treasury optimisation.  Operating one of the largest domestic banking and payment settlement networks in the world, we give our customers direct access to more than 170 countries and territories, covering over 110 currencies. Through a single integration, insurers can use this network to pay claims in as fast as 45 seconds, delivering a better customer experience to their claimants.  Our market-leading treasury optimisation service brings complete control and transparency to insurers and allows them to have their money in the right place, at the right time, to make that all important payment - fast, and when their customers need it most.   

With now over 160 employees across Europe and our London headquarters, $26m series B funding in 2022 in the bag and approaching £8bn in processed transactions, we are only just getting started.     

We are collaborative, customer centric and work with integrity, whilst partnering with some of the biggest insurance leaders including Lloyd’s of London and Many Pets. We take huge pride in our company culture, ensuring that everyone has a part to play, an opportunity to be heard, be involved, and the ability to make a real difference.   

As we continue to scale up, we want like-minded humans to join us on this exciting journey.  Are you ready?  

Vitesse at our best – our values 

The Vitesse values are a true reflection of what it takes to thrive in our business, so it’s important to us that any employee who joins our business is aligned with these 3 attributes 

Confident Humility 

We don’t do ego and we know that unless we all win, none of us win. We admit when we’re wrong, ask for help and always think about the wider business before ourselves.

Driven to Succeed 

We see the opportunity ahead of us and we won’t stop until we fulfil the potential we know we have. We hold ourselves to high standards and deliver high quality outcomes for Vitesse and our customers.  

Tenacious Responsibility 

We take ownership for our actions and decisions, and face into the challenges that come our way. We are committed to seeing things through to completion, even in the face of adversity. 

We are an Equal Opportunity Employer   We are committed to creating an inclusive environment that enables everyone to perform at their best, where we recognise the rights of all individuals to mutual respect and where there is an unbiased acceptance of others. Our policies and practices aim to promote an environment that is free from all forms of Unfair discrimination and values the diversity of all people. At the heart of our policy, we seek to treat people fairly and with dignity and respect.  

Description
Amazon Web Services (AWS) is the leading cloud provider, providing virtualized infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWS' multi-tenant infrastructure
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Key job responsibilities
As a Security Engineer, you'll help to build and manage services that detect and automate the mitigation of cybersecurity threats across Amazon's infrastructure. You'll work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions. Our services protect the AWS cloud for all customers and preserves our customers' trust in us. You'll get to use the full power and breadth of AWS technologies to build services that proactively protect AWS customers, both internally and externally, from security threats.
You will be working in a team of industry-leading security experts working with UK customers to operate and continuously improve industry-leading security programs and processes. This team manages the underlying security programs and processes for personnel security, physical and logical accreditations, education, awareness and training, assurance, and cyber security.
Basic Qualifications
Degree or Equivalent experience in a technical field. Experience of working in a Security Operations Centre (SOC) performing security investigations, penetration testing and/or incident response in the context of large organisations
* Understanding of security threats, hands-on experience detecting and defending from
cyber-attacks, and experience using big data analytics and orchestration to address security challenges
* Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
Preferred Qualifications
* Understanding of the Mitre ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)
* Have awareness and understanding of current cyber security threats, actors and their techniques
* Experience with data science, big data analytics technology stack, analytic development for endpoint and network security, and streaming technologies (e.g., Kafka, Spark Streaming, and Kinesis)
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

**Summary:**
Meta Security is looking for a Security Analyst to join our Bug Bounty program. You will be responsible for communicating with and validating security vulnerabilities from a community of security researchers around the globe. You will gain insights of Meta's codebase to understand the root cause of each vulnerability, and have the opportunity to play a key role in one of the largest bug bounty programs in the world.The Bug Bounty program incentivizes security researchers to search for, find and report security vulnerabilities across Meta's family of products, including Facebook, Instagram, WhatsApp and Quest. The program serves as the final level of protection per Meta's Shift Left operating model, aiming to discover and resolve vulnerabilities that have landed in production and are at risk of being exploited, and acts as a feedback loop for other security efforts.
**Required Skills:**
Security Analyst, Bug Bounty Responsibilities:
1. Analyze, assess, and respond to various security vulnerabilities we receive as part of our Bug Bounty program
2. Follow up with researchers on unclear reports
3. Understand the root cause of security vulnerabilities to help the product team fix them
4. Play an active role in continuing to grow and develop the bug bounty program and other internal security and privacy initiatives
5. Own expansions to the program, including private bounties
6. Own critical submissions to resolution - liaise a plan with product teams, advise on the right mitigation strategy
7. Implement bug fixes and feature enhancements to the program's public and internal code base
**Minimum Qualifications:**
Minimum Qualifications:
8. Familiarity with web security issues (e.g. OWASP top 10)
9. Ability to follow bug reports, reproduce and triage them
10. Proficient in clear written and verbal communication
**Preferred Qualifications:**
Preferred Qualifications:
11. Participation in bug bounty programs (not necessarily Meta's bug bounty program)
12. Experience with analyzing source code to find security vulnerabilities
13. Contributions to the security community (public research, blogging, presentations, etc)
14. Experience writing in scripting languages and willingness to learn new languages
**Industry:** Internet

Our client is seeking a highly skilled and experienced Senior Information Security Analyst to join their dynamic team in London, England, UK . This role is crucial in safeguarding our client's digital assets, ensuring the confidentiality, integrity, and availability of sensitive information. You will be responsible for developing, implementing, and maintaining robust security policies, procedures, and technical controls. Your day-to-day will involve conducting in-depth security risk assessments, identifying vulnerabilities, and recommending remediation strategies. You will also play a key role in incident response, investigating security breaches, and developing proactive measures to prevent future occurrences. The ideal candidate will have a strong understanding of current cybersecurity threats and trends, including malware, phishing, ransomware, and social engineering. You will collaborate with various IT and business units to embed security best practices throughout the organization. This includes providing guidance on secure system design, application development, and network infrastructure. Furthermore, you will be involved in security awareness training for employees and contributing to the continuous improvement of our security posture. We expect you to stay abreast of emerging security technologies and methodologies. Responsibilities will include managing security monitoring tools, analysing security logs, and generating regular reports on the security status. You will also assist in developing and maintaining disaster recovery and business continuity plans. This is an excellent opportunity for a motivated security professional looking to make a significant impact in a challenging environment.

Key Responsibilities:

• Develop and enforce information security policies, standards, and procedures.
• Conduct regular security risk assessments and vulnerability scans.
• Lead the incident response process, including investigation, containment, and recovery.
• Implement and manage security technologies such as firewalls, intrusion detection/prevention systems, and SIEM.
• Provide security awareness training and guidance to staff.
• Collaborate with IT teams on secure system architecture and deployment.
• Stay current with evolving cybersecurity threats and regulatory requirements.
• Monitor security alerts and respond to potential threats promptly.
• Maintain and improve security documentation and reporting.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Proven experience in information security roles, with a focus on risk management and incident response.
• In-depth knowledge of security frameworks (e.g., ISO 27001, NIST).
• Experience with security tools and technologies.
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications such as CISSP, CISM, or CISA are highly desirable.

Our client, a prominent financial services organization, is seeking an experienced and proactive Lead Information Security Analyst to bolster their cybersecurity defenses. This exciting role, based in the heart of London, England, UK , is pivotal in safeguarding sensitive data and critical systems against evolving cyber threats. You will lead a team of security professionals, design and implement robust security measures, and respond to security incidents.

Responsibilities:

• Develop, implement, and maintain comprehensive information security strategies and policies.
• Lead the information security team, providing guidance, mentorship, and technical direction.
• Conduct regular security risk assessments, vulnerability scans, and penetration tests to identify and remediate potential weaknesses.
• Design, deploy, and manage security technologies such as firewalls, IDS/IPS, SIEM, and endpoint detection and response (EDR) solutions.
• Develop and manage incident response plans, leading the investigation and remediation of security breaches.
• Ensure compliance with relevant security regulations and standards (e.g., GDPR, ISO 27001, PCI DSS).
• Provide security awareness training to employees across the organization.
• Collaborate with IT and other departments to ensure security is integrated into all systems and processes.
• Monitor security alerts and events, responding promptly to potential threats.
• Stay current with the latest cybersecurity threats, trends, and technologies, and proactively adapt security measures.
• Manage security vendor relationships and evaluate new security products and services.
• Develop and maintain security documentation, including policies, procedures, and runbooks.
• Lead security architecture reviews and provide recommendations for infrastructure improvements.
• Contribute to the development and execution of business continuity and disaster recovery plans.
• Act as a subject matter expert on information security matters for the organization.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• Minimum of 8 years of experience in information security, with at least 2 years in a lead or management role.
• Proven experience in developing and implementing security policies and procedures.
• In-depth knowledge of security frameworks, threat landscapes, and common attack vectors.
• Hands-on experience with SIEM, vulnerability management tools, and network security technologies.
• Strong understanding of incident response methodologies and forensics.
• Excellent leadership, communication, and analytical skills.
• Relevant certifications such as CISSP, CISM, or GIAC are highly desirable.
• Experience in the financial services sector is a plus.
• Ability to work independently and as part of a team, managing multiple priorities in a dynamic environment.

This role is based in our secure London office, requiring a significant presence for critical team collaboration and incident response coordination.