1 to 25 of 42 Incident Response Jobs in Central London

Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, ect £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but More ❯

Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, ect £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but More ❯

We are representing a consultancy that are a leader in the Cyber Security and Incident response space. If you have experience leading the legal aspects of Data Breach case this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading More ❯

We are representing a consultancy that are a leader in the Cyber Security and Incident response space. If you have experience leading the legal aspects of Data Breach case this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading More ❯

SOC Analysts to join their Security Operations Centre. This is an excellent opportunity for an experienced SOC professional to step into a senior role, leading on complex investigations and incident response within a high-profile environment. The Role - The Senior SOC Analyst will act as the technical expert within the SOC, responsible for handling escalations from Tier … and Tier 2 analysts and managing the most complex security incidents. You will lead deep-dive investigations, improve detection and response processes, and play a key role in stakeholder engagement. Key responsibilities include: Analysing advanced security incidents, determining root cause and attack paths. Leading incident response activities across SIEM, EDR/XDR, networks, and cloud platforms. Producing … clear, business-focused incident reports and updates for senior stakeholders. Advising on SOC tooling and ensuring effective integration of incident response requirements. Supporting security exercises, crisis response, and compliance alignment with industry frameworks. Candidate Profile - The successful candidate will bring: Significant experience in SOC operations and cyber incident response. Strong knowledge of adversary TTPs and More ❯

strategy, ensuring robust protection for our IT systems, OT infrastructure, and critical business data. Reporting directly to the Senior European IT Director, you’ll develop and implement policies, lead incident response, ensure compliance with industry standards, and promote best practice in technology risk management. Key Responsibilities: Develop, implement, and maintain a robust cybersecurity strategy and governance framework aligned … with business and regulatory requirements. Oversee technical security controls including firewalls, IDS/IPS, SIEM, IAM, endpoint protection, and cloud security (Azure, AWS). Lead threat detection, incident response, and recovery, ensuring minimal business disruption. Manage patching processes, AI-driven email intelligence tools, and network security across internal and customer-facing systems. Conduct risk assessments, penetration testing, and … plans related to cybersecurity. Act as the primary contact for cybersecurity vendors, regulators, auditors, and third-party assessments. About You: Proven track record in cybersecurity management, including threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM More ❯

strategy, ensuring robust protection for our IT systems, OT infrastructure, and critical business data. Reporting directly to the Senior European IT Director, you’ll develop and implement policies, lead incident response, ensure compliance with industry standards, and promote best practice in technology risk management. Key Responsibilities: Develop, implement, and maintain a robust cybersecurity strategy and governance framework aligned … with business and regulatory requirements. Oversee technical security controls including firewalls, IDS/IPS, SIEM, IAM, endpoint protection, and cloud security (Azure, AWS). Lead threat detection, incident response, and recovery, ensuring minimal business disruption. Manage patching processes, AI-driven email intelligence tools, and network security across internal and customer-facing systems. Conduct risk assessments, penetration testing, and … plans related to cybersecurity. Act as the primary contact for cybersecurity vendors, regulators, auditors, and third-party assessments. About You: Proven track record in cybersecurity management, including threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM More ❯

delivers logs, metrics, traces, and security monitoring — cutting costs by up to 70% while boosting efficiency. They are looking for a Lead SRE to own and elevate our Alerting & Incident Management platform . You’ll be the driving force behind reliability, customer satisfaction, and product excellence — ensuring smooth alert management, fewer engineering interruptions, and a best-in-class incident response experience. This role blends technical depth, customer impact, and product strategy — perfect for someone who thrives at the intersection of engineering, incident response, and product innovation. What You’ll Do Champion customer experience by speeding up alert resolution and reducing interruptions for engineers. Build solutions to common pain points, shaping roadmaps, documentation, and technical knowledge. … Develop benchmarking tools to improve performance, reliability, and scalability. Stay ahead of incident management trends to drive new workflows and product improvements. Mentor teams and lead with clear, impactful communication. What We’re Looking For 5+ years in software engineering, DevTools, or infrastructure. Strong expertise in incident management, alert routing, and large-scale orchestration. SaaS or incident More ❯

policies across IT and OT environments. Conduct risk assessments and implement proactive threat mitigation measures. Oversee Microsoft 365 security, endpoint protection, email security, and other key cybersecurity tools. Manage incident response plans and investigations, coordinating with internal teams and external partners. Ensure compliance with standards like ISO 27001, GDPR, and NIST frameworks. Promote security awareness and training across … stakeholder engagement. Strong knowledge of cybersecurity frameworks, ICS/OT security, and risk management. Hands-on experience with Microsoft 365 security tools, EDR, and related technologies. Demonstrated leadership in incident response and cross-functional security initiatives. More ❯

policies across IT and OT environments. Conduct risk assessments and implement proactive threat mitigation measures. Oversee Microsoft 365 security, endpoint protection, email security, and other key cybersecurity tools. Manage incident response plans and investigations, coordinating with internal teams and external partners. Ensure compliance with standards like ISO 27001, GDPR, and NIST frameworks. Promote security awareness and training across … stakeholder engagement. Strong knowledge of cybersecurity frameworks, ICS/OT security, and risk management. Hands-on experience with Microsoft 365 security tools, EDR, and related technologies. Demonstrated leadership in incident response and cross-functional security initiatives. More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

broad range of ServiceNow modules, including but not limited to: Integrated Risk Management (IRM): Policy Management, Compliance & Audit Management, Vendor Risk Management, Business Continuity Management. Security Operations (SecOps): Vulnerability Response, Security Incident Response, Security Dashboards. IT Service Management (ITSM). IT Operations Management (ITOM). Customer Service Management (CSM). Integration Design: Design and oversee the implementation More ❯

broad range of ServiceNow modules, including but not limited to: Integrated Risk Management (IRM): Policy Management, Compliance & Audit Management, Vendor Risk Management, Business Continuity Management. Security Operations (SecOps): Vulnerability Response, Security Incident Response, Security Dashboards. IT Service Management (ITSM). IT Operations Management (ITOM). Customer Service Management (CSM). Integration Design: Design and oversee the implementation More ❯

Governance setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with SOC and managed Sentinel provider on incident handling Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure … insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and security solutions Work closely with DevOps, infrastructure More ❯

Benefits Clearance: Must hold or be eligible for SC Clearance Sponsorship: Not available We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What you'll do: SIEM … Engineering & Management: Deploy, configure, and optimise QRadar. Onboard log sources from cloud/on-prem environments. Build detection and anomaly rules. Playbook Development & Automation: Design and implement automated response playbooks (phishing, lateral movement, exfiltration) with SOAR tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel, coordinate incident response. Threat … in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic analysis. Familiarity with ITIL processes (Incident, Problem, Change). More ❯

Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the teams effectiveness through ownership of relevant issues More ❯

and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . … What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and hybrid architectures. More ❯

and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . … What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and hybrid architectures. More ❯

security posture. Core responsibilities: - Overall management and maintenance of the CrowdStrike platform, including configuring EDR policies, tuning SIEM rules, and optimizing the system for performance - Leading or participating in incident response efforts, conducting root cause analysis, and developing runbooks for incident handling - Monitoring for security threats, analysing alerts, and responding to incidents using CrowdStrike and other security More ❯

trends and best practices. Qualifications: •Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. •Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. •Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. •Strong analytical and problem-solving skills. •Excellent communication skills with the ability to explain More ❯

security posture and external security rating. Identify vulnerabilities in hardware and software to be remediated by Engineering\Operations teams. Understand current and emerging security threats. Assist and lead in Incident Response investigations and mitigation. Evaluate, test and recommend security enhancements. Support CE+ accreditation Identify security risks and exposures, determine the cause of security violations and suggest procedures to More ❯

security posture and external security rating. Identify vulnerabilities in hardware and software to be remediated by Engineering\Operations teams. Understand current and emerging security threats. Assist and lead in Incident Response investigations and mitigation. Evaluate, test and recommend security enhancements. Support CE+ accreditation Identify security risks and exposures, determine the cause of security violations and suggest procedures to More ❯

and London market. The successful candidate will be a conscientious and hardworking claims professional with experience in cyber and technology claims.You will work closely with the claims departments internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. You will be responsible … loss to settlement across Spanish or German jurisdictions Foster good relationships with policyholders, brokers, underwriters and capacity providers, and drive excellent customer service Actively work with a panel of response vendors during claims incidents Ensure that there is prompt and accurate reserving, identifying and pursuing relevant third party recoveries and seeking to reduce claims leakage The ability to prioritise More ❯

experience of working with Microsoft Sentinel, Defender and Purview • Excellent understanding of security frameworks (NIST and Cyber Essentials) • Ability to lead and manage third party providers • Strong understanding of incident response processes and methodologies including leading and managing incidents • Lead on root cause analysis, providing relevant documentation including recommendations • indemonstrable experience of implementing a robust and trustworthy security More ❯