6 of 6 Incident Analyst Jobs in the UK

Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation … technical expertise, analytical acumen, and a collaborative approach to problem-solving. Essential Qualifications & Experience Proven experience in a SOC Level 2 or Level 3 role, with demonstrable expertise in incident response and advanced threat hunting. A degree in Computer Science, Cybersecurity, IT, or a related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA More ❯

Senior Incident Responder – SOC Analyst (L3) Birmingham or Glasgow | Up to £71,000 + Bonus + Benefits | Hybrid | SC Clearance Required or Eligible Our client – a global technology and services firm – is expanding its Managed Security Operations Centre and seeking a Senior Incident Responder (L3 SOC Analyst) to take the lead on complex security incidents, investigations … and ensure effective containment and eradication of threats. You’ll act as the escalation point within the SOC, providing technical expertise, mentoring junior analysts, and driving continuous improvement of incident response processes. Key Responsibilities: Lead complex investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to … threat intelligence into monitoring and detection workflows. Liaise with clients, Service Delivery Managers, and technical teams to manage escalations and coordinate response. Maintain high standards of documentation, including post-incident reports and monthly performance packs. Support presales activities and SOC solution demonstrations when required. What You’ll Bring 3–5 years’ experience in cybersecurity operations, ideally within a SOC More ❯

Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley click apply for full job details More ❯

Bonhill Partners are excited to represent our global investment bank as they look to expand their cyber security teams as part of a globalisation initiative. Client: Investment Banking Role: Incident Response Analyst (SOC) Job type: 3 month contract-> convert to perm at VP level Location: London, near Bank. Project snapshot: Experience responding to cybersecurity incidents (triage, containment, eradication … ArcSight) Ability to perform log analysis across network, host, application, and cloud sources Understanding of malware behaviour, attack vectors, and common threat actor techniques Familiarity with MITRE ATT&CK, incident handling frameworks (NIST, SANS) Experience with alert investigation, root-cause analysis, and writing clear incident reports Ability to use EDR tools (CrowdStrike, Carbon Black, SentinelOne etc.) Knowledge of More ❯

Bonhill Partners are excited to represent our global investment bank as they look to expand their cyber security teams as part of a globalisation initiative. Client: Investment Banking Role: Incident Response Analyst (SOC) Job type: 3 month contract-> convert to perm at VP level Location: London, near Bank. Project snapshot: Experience responding to cybersecurity incidents (triage, containment, eradication … ArcSight) Ability to perform log analysis across network, host, application, and cloud sources Understanding of malware behaviour, attack vectors, and common threat actor techniques Familiarity with MITRE ATT&CK, incident handling frameworks (NIST, SANS) Experience with alert investigation, root-cause analysis, and writing clear incident reports Ability to use EDR tools (CrowdStrike, Carbon Black, SentinelOne etc.) Knowledge of More ❯

Looking to move away from retail, hospitality or shift work – and build a career that actually gives you long-term stability and flexibility? Cyber Security is one of the fastest-growing industries in the world, and you don’t need More ❯