23 of 23 Forensic Analysis Jobs in England

day SOC operations, ensuring timely threat detection, incident response, and threat mitigation. • Develop and implement SOC policies, processes, and playbooks to improve security effectiveness. • Lead proactive threat-hunting and forensic analysis to strengthen the organisation's security posture. • Continuously evaluate and enhance SIEM configurations, alerting mechanisms, and automation. Team Management & Training • Recruit, mentor, and manage a team of … experience in SOC leadership, cybersecurity operations, or incident response Strong hands-on experience with SIEM platforms (QRadar preferred) and threat detection methodologies Expertise in incident response, threat hunting, and forensic analysis Knowledge of cloud security (AWS, Azure, GCP) and network defence strategies Proficiency in scripting (Python, PowerShell, or Bash) for security automation Familiarity with MITRE ATT&CK, NIST More ❯

Incident Response) investigations, guide executives through cyber incidents, and help organisations strengthen their threat detection, response, and resilience. If you're an expert in incident response, threat hunting, and forensic analysis and thrive under pressure, this is your opportunity to work on some of the UK's most significant cyber cases. Key Responsibilities Incident Response Leadership: Take charge … containment to full recovery. Client Engagement: Act as a trusted advisor to CISOs, boards, and regulators, providing executive-level briefings during and after incidents. Forensics & Threat Hunting: Conduct advanced forensic investigations across endpoints, servers, networks, cloud platforms, and SaaS. Adversary Analysis: Use threat intelligence and MITRE ATT&CK to attribute attacks and inform proactive defences. Crisis Management: Lead … DFIR), ideally in consulting or client-facing roles. Hands-on leadership of large-scale incidents such as ransomware, insider threats, or advanced persistent threats (APT). Technical expertise in forensic acquisition/analysis across Windows, Linux, macOS, and cloud environments. Strong knowledge of attack tactics, techniques, and procedures (TTPs). Proficiency with SIEM, EDR, and forensic toolsets. More ❯

escalation point , leading investigations into complex incidents escalated by L1/L2 analysts. Use Splunk and other SIEM tools to detect, investigate, and respond to security events. Perform detailed forensic analysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and recovery. Develop, refine, and own SOC use cases, runbooks … knowledge and hands-on expertise with Splunk (other SIEM exposure beneficial). Solid understanding of DFIR principles, vulnerability management, and ethical hacking. Strong grasp of network traffic flows, malware analysis, and reverse engineering. Excellent written and verbal communication skills for client interaction and reporting. Ability to work independently, lead investigations, and mentor team members. Eligible for or holding SC More ❯

ransomware, and APTs. Handle escalations from Tier 1 analysts and provide technical mentoring. Analyze and correlate alerts using SIEM and EDR tools such as Splunk and Microsoft Defender. Perform forensic analysis to identify root causes and recommend containment and recovery actions. Develop detection use cases, improve processes, and maintain accurate incident documentation. Collaborate with IT and security teams … years in cybersecurity, with strong SOC or incident response experience. Proficient in SIEM (Splunk, ArcSight) and EDR (Defender, CrowdStrike, Carbon Black). Strong knowledge of digital forensics, malware analysis, and threat hunting. Skilled across Windows, Linux, and cloud environments. Familiar with frameworks such as MITRE ATT&CK, NIST, and ISO 27001. Scripting experience (Python, PowerShell) beneficial. Preferred Certifications SOC More ❯

NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar platforms. Experience in forensic analysis, red-team exercises, and crisis simulation activities. Desirable Experience managing or supporting both IT and OT environments. In-depth understanding of adversarial TTPs and complex threat landscapes. More ❯

NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar platforms. Experience in forensic analysis, red-team exercises, and crisis simulation activities. Desirable Experience managing or supporting both IT and OT environments. In-depth understanding of adversarial TTPs and complex threat landscapes. More ❯

a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux, macOS), and common enterprise applications. Expertise in analysing network traffic (e.g., packet analysis with Wireshark). Proficiency with security tools such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language … in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and anticipate their next moves. Strong understanding of forensic analysis principles. Desired Certifications (one or more is a plus) GIAC Certified Threat Hunter (GCTH) GIAC Reverse Engineering Malware (GREM) Offensive Security Certified Professional (OSCP) Certified Ethical Hacker More ❯

a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux, macOS), and common enterprise applications. Expertise in analysing network traffic (e.g., packet analysis with Wireshark). Proficiency with security tools such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language … in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and anticipate their next moves. Strong understanding of forensic analysis principles. Desired Certifications (one or more is a plus) GIAC Certified Threat Hunter (GCTH) GIAC Reverse Engineering Malware (GREM) Offensive Security Certified Professional (OSCP) Certified Ethical Hacker More ❯

a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux, macOS), and common enterprise applications. Expertise in analysing network traffic (eg, packet analysis with Wireshark). Proficiency with security tools such as SIEM (eg, Splunk, QRadar), EDR (eg, CrowdStrike, SentinelOne) and threat intelligence platforms. Strong Scripting skills in at least one language … in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and anticipate their next moves. Strong understanding of forensic analysis principles. Desired Certifications (one or more is a plus) GIAC Certified Threat Hunter (GCTH) GIAC Reverse Engineering Malware (GREM) Offensive Security Certified Professional (OSCP) Certified Ethical Hacker More ❯

including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in SOC operations, incident response, and forensic analysis. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access More ❯

The ideal candidates will hold active DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and More ❯

The ideal candidates will hold active DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and More ❯

team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires … response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of relevant incident data Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact … security, with a strong background in Managing IR Cases/Projects Strong knowledge of cyber security threats, attack vectors, IOC, remediation. Hands-on experience with a range of different forensic tools, ELK, EDR, SIEM, and log analysis, Open Source Toolkits Comfortable communicating with both technical and non-technical stakeholders during high-stress situations. You must have excellent communication More ❯

team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires … response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of relevant incident data Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact … security, with a strong background in Managing IR Cases/Projects Strong knowledge of cyber security threats, attack vectors, IOC, remediation. Hands-on experience with a range of different forensic tools, ELK, EDR, SIEM, and log analysis, Open Source Toolkits Comfortable communicating with both technical and non-technical stakeholders during high-stress situations. You must have excellent communication More ❯

a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and More ❯

and regional officers develop the skills and tools they need to tackle online crime. In addition, the team operates a state-of-the-art Digital Evidence Unit for the forensic analysis of computers, mobile phones, tablets, and other electronic devices. As an Enforcement Officer , you will: Support the Disruptions Team Leader in detecting, researching, and disrupting online harm. More ❯

and regional officers develop the skills and tools they need to tackle online crime. In addition, the team operates a state-of-the-art Digital Evidence Unit for the forensic analysis of computers, mobile phones, tablets, and other electronic devices. As an Enforcement Officer , you will: Support the Disruptions Team Leader in detecting, researching, and disrupting online harm. More ❯

future of real estate technology. Role Responsibilities Architect, build, and optimise scalable ETL pipelines for diverse datasets. Onboard, document, and curate external datasets for internal use. Perform data validation, forensic analysis, and troubleshooting. Deliver high-quality, maintainable Python code and participate in peer reviews. Collaborate with stakeholders and researchers to support analytics and product development. Integrate data from More ❯

future of real estate technology. Role Responsibilities Architect, build, and optimise scalable ETL pipelines for diverse datasets. Onboard, document, and curate external datasets for internal use. Perform data validation, forensic analysis, and troubleshooting. Deliver high-quality, maintainable Python code and participate in peer reviews. Collaborate with stakeholders and researchers to support analytics and product development. Integrate data from More ❯

Develop and approve Go-to-Market plans with local teams to drive subscriber growth and manage churn - Systematically track the health of key accounts identifying roadblocks and dependencies - Provide forensic analysis of issues with hands-on, detailed support - Deploy AI powered solutions to transform and accelerate knowledge and growth across the PSM network - Manage executive engagement with key More ❯

Develop and approve Go-to-Market plans with local teams to drive subscriber growth and manage churn - Systematically track the health of key accounts identifying roadblocks and dependencies - Provide forensic analysis of issues with hands-on, detailed support - Deploy AI powered solutions to transform and accelerate knowledge and growth across the PSM network - Manage executive engagement with key More ❯

profession at a local and regional level, so officers are better equipped to gather evidence and investigate online crime. Our team also operates a Digital Evidence Unit for the forensic analysis of computers, mobile phones, tablets, and other electronic devices. As an Enforcement Officer, you will support the Disruptions Team Leader in detecting, researching and disrupting online harm. More ❯

profession at a local and regional level, so officers are better equipped to gather evidence and investigate online crime. Our team also operates a Digital Evidence Unit for the forensic analysis of computers, mobile phones, tablets, and other electronic devices. As an Enforcement Officer, you will support the Disruptions Team Leader in detecting, researching and disrupting online harm. More ❯