Security Incident Response Engineer
Key Details at a GlanceRole: Security Incident Response EngineerLocation: Warrington - hybrid, typically 2 days per week on siteContract length: 6 months (with strong potential for extension based on performance and project needs)IR35 status: Out of ScopeRate: 100/hourClearance: Existing SC preferred or strong eligible candidatesDay-to-day environment: Digital / Cyber, working closely with Cyber Operations / CSOCWhat You Would Be DoingThis role sits at the intersection of cyber operations and ServiceNow engineering. You would be responsible for designing and embedding robust incident response capabilities in the ServiceNow Security Incident Response (SIR) module, closely aligned to NCSC and best-practice frameworks.ServiceNow SIR workflow design and developmentReview existing incident processes and translate them into effective ServiceNow SIR workflows, covering triage, escalation paths, case lifecycle, evidence management, and integration with CSOC tooling.Platform configuration and enhancementConfigure and customise SIR forms, fields, templates, routing rules, severity models, and guided response actions. You will also identify gaps in capability and define enhancements in line with platform governance and architecture standards.Systems integration and automationSupport integration of SIR with SIEM/SOC tools, threat intelligence feeds, SOAR modules, email ingestion, and ITSM processes (Change, Problem, Incident). A key focus is on building automations that reduce manual ..... full job details .....
Other jobs of interest...
Perform a fresh search...
-
Create your ideal job search criteria by
completing our quick and simple form and
receive daily job alerts tailored to you!