a “cloud-first” Cyber Defense, Business Continuity and Risk Management programs to support our business goals. This includes, but is not limited to security operations, vulnerability and patch management, incident response, disaster recovery, business continuity, risk identification and mitigation planning/implementation, identity management, network security, privacy, and compliance. In the Cyber Defense Security Analyst role, you will … alerts generated by various security technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection systems. Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations. Identify, analyze, and assess potential insider threats through behavioral analytics, log review, and threat intelligence. Maintain and improve SOC processes and procedures, staying current with the … up to date. Develop and implement automated processes for monitoring and enforcing insider risk policies. Participation in security root cause analysis and forensics as part of NorthMark Strategies’ Cyber Incident Response Plan. Develop comprehensive and accurate reports and presentations for both technical and executive audiences. Stay up to date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs
security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal … with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/
NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and advanced detection strategies. Knowledge of DevSecOps practices and security integration into CI/CD pipelines. Strong communication and stakeholder engagement skills with experience
deliver cyber risk reporting and appetite statements. Maintain Information Security policy and procedure ensuring content is relevant to the current cyber threat landscape. Maintain, develop and test the Cyber Incident Response Plan, ensuring content is relevant to the current cyber threat landscape. Monitor, maintain and manage Lancashire compliance with its relevant cyber security regulation obligations. Manage actions and
and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP
South East London, England, United Kingdom Hybrid / WFH Options
Infinigate UK & Ireland
rewards performance. Role Purpose Infinigate are seeking an ambitious Cyber Security Engineer to join their UK IT Security team. This new role within the business has been designed in response to business growth demands and to offer career trajectory to the successful candidate within a fast-accelerating industry and company. To be successful in this role, you will wield … latest security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with … working knowledge and experience of Microsoft Azure security architecture. Experience in key cloud and network security architecture. Good understanding of NIST Framework. Exposure to security monitoring technologies. Understanding of Incident Response, Cyber Kill Chain, ATT&CK. Knowledge & experience of common programming languages, e.g., Python, C++, PowerShell, JavaScript. Being able to perform Root Cause Analysis. Experience with vulnerability assessments
South East London, England, United Kingdom Hybrid / WFH Options
ZenTech Talent
within an MSP or multi-client setting) Security certifications like Security+, CySA+, or equivalent (working toward CISSP or equivalent a bonus) Strong understanding of threat detection, risk analysis, and incident response Excellent communication and documentation skills Why Join? Broad exposure across industries and technologies Supportive, close-knit team environment Clear progression paths into senior engineering or consultancy Training
South East London, England, United Kingdom Hybrid / WFH Options
Sarafin Partners
vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities Collating security incident and event data to produce monthly exception and management reports Reporting unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes Developing and maintaining documentation … individual will need: Exceptional communication skills (both written and verbal) At least 18 months' experience of working with cybersecurity principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management Experience in developing, documenting and maintaining security procedures Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts
deep expertise in Cyber Security Operations Centre (SOC) practices. This role is ideal for someone with a strong ability to analyse and enhance SOC effectiveness, from threat detection to incident response, and provide clear and appropriate advice and guidance. Key Responsibilities of the SecOps Consultant Collaborate with clients to improve SOC operations, particularly around threat detection, and IR. … configuration, and integration based on operational needs. Monitor emerging threats and trends, advising stakeholders on potential impacts and mitigation strategies. Deploy, configure, and manage security tools to optimize detection, response, and reporting functions. Skills & Knowledge Solid understanding of SOC best practices, incident response, and regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Hands-on experience with security
and threat intelligence, ensuring timely resolution. Perform or coordinate OS and application patching using tools such as SCCM, Ansible, Tanium, or Satellite. Contribute to remediation playbooks, SOPs, and security incident response plans. Manage and support secure configurations, patching, and vulnerability remediation across AWS and Azure environments. Remediate security misconfigurations or threats in AWS, Azure, and/or GCP
Cyber Security SOC Support Analyst, you’ll play a critical front-line role in monitoring cyber threats and responding to security incidents. You’ll triage alerts, provide initial incident response using predefined playbooks, and escalate high-priority threats to the senior escalation team. You’ll also handle client communications during active incidents and provide operational support to the … SOC role, preferably within a managed services environment • Practical knowledge of Microsoft Defender XDR and Sentinel SIEM tools • Familiarity with the Microsoft Defender suite, particularly Endpoint Detection and Response • Solid understanding of Microsoft 365 cloud technologies from a security and threat landscape perspective • Hold current certifications in SC-200 (Security Operations Analyst Associate) and SC-900 (Security, Compliance, and … Customer-focused mindset with a commitment to delivering responsive and professional support What would be desirable? • Previous experience in a client-facing or service desk support environment • Familiarity with incident reporting procedures and stakeholder communication best practices • Good telephone etiquette and a proactive, service-oriented mindset To Apply... Please apply through this advert or email your CV directly to
with the cybersecurity team to integrate DLP measures with broader security initiatives. Your responsibilities: Monitor DLP Systems – Oversee and manage DLP alerts to prevent unauthorized data access and leakage. Incident Analysis – Investigate DLP security incidents, provide reports, and recommend corrective actions. Policy Implementation & Maintenance – Assist in deploying and updating DLP policies, configurations, and security controls. User Support & Training – Provide … security measures and infrastructure. Your Profile Essential skills/knowledge/experience: DLP Technologies Expertise – Hands-on experience with Microsoft Purview DLP, Symantec DLP, Forcepoint DLP, or similar solutions. Incident Response & Troubleshooting – Ability to investigate security alerts, analyze logs, and resolve issues efficiently. Regulatory Compliance Knowledge – Understanding of GDPR, ISO 27001, and other industry standards related to data … Due to the high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion. Join us and do more of what matters. Apply online now.
evolving threat landscape. What You’ll Be Doing Effectively operate and enhance existing cyber security tools, while researching and deploying new solutions (e.g. XDR, SOAR). Lead and support incident response activities, including simulations and live scenarios. Oversee and maintain the outsourced SOC team and other cyber partners. Review and implement policy improvements aligned to GDPR, ISO27001, NIST
modern security architectures Exposure to automation/scripting in PowerShell or Python for infrastructure or policy workflows Experience deploying or integrating SIEM and EDR tools, as well as conducting incident response (Preferred) Familiarity with security frameworks such as NIST 800-53, CIS Benchmarks, or ISO 27001 (Preferred) Industry certifications such as AZ-500, SC-300, or AWS Security
data extraction. Excellent written and verbal communication skills Strong customer advocacy skills and experience, ability to work in difficult customer situations Knowledge of Cloud infrastructure a plus Experience in incident response a plus Experience with scripting a plus Experience with MS Server solutions (SCCM, GPO, AD, MSSQL, IIS, Exchange) is a plus. Additional Information The Team Our technical
South East London, England, United Kingdom Hybrid / WFH Options
inDrive
Strong understanding of regulatory frameworks (FCPA, GDPR, SOX, UK Bribery Act, etc.); Experience with digital forensics, e-discovery tools, and data analytics in investigations; Familiarity with cybersecurity risks and incident response processes; Strong analytical and problem-solving skills, with attention to detail; Excellent communication and report writing abilities; High level of integrity, discretion, and ability to handle confidential
compliance and vulnerability management. Beyond operational stability, the role demands a continuous improvement mindset - proactively evaluating the platform and driving enhancements to optimise efficiency, resilience, and user experience. Manage incident response, problem management, and change management processes in collaboration with other platform teams. Ensure effective monitoring, health checks, and proactive maintenance across all Cloud infrastructure services (including
South East London, England, United Kingdom Hybrid / WFH Options
Perenna
procedures – protecting systems and data across Perenna's estate is a critical function, so you’ll be at the heart of our cyber security work. Participate in cyber security incident responses – you’ll contribute across the full lifecycle, and be comfortable monitoring and analysing security events, investigating potential incidents, and providing recommendations for remediation where required. Take ownership of
East London, London, United Kingdom Hybrid / WFH Options
Trilogy International, A Korn Ferry Company
SIEM tools (e.g., Splunk, Microsoft Sentinel). Conduct threat-hunting activities to proactively identify suspicious behavior and potential threats. Analyze logs and network traffic to identify anomalies. Collaborate with incident response teams to contain and remediate threats. Create and maintain documentation, playbooks, and incident reports. Continuously improve SOC processes and detection capabilities. What We're Looking For
South East London, England, United Kingdom Hybrid / WFH Options
Trilogy International, A Korn Ferry Company
SIEM tools (e.g., Splunk, Microsoft Sentinel). Conduct threat-hunting activities to proactively identify suspicious behavior and potential threats. Analyze logs and network traffic to identify anomalies. Collaborate with incident response teams to contain and remediate threats. Create and maintain documentation, playbooks, and incident reports. Continuously improve SOC processes and detection capabilities. What We're Looking For
pipelines Enhancing automation Security assessments and automation Implementing monitoring and alerts Required skills: Understanding of AWS infrastructure - IAM, S3, ECS, EC2, Lambda IaC with Terraform Strong Python skills Implementing incident response and SIEM Experience working within large enterprise and financial services space. London - Onsite 2 days per week No visa sponsorship available
known organisations. You'll play a key role in helping our customers achieve greater visibility, performance, and reliability across their IT estates, contributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse telemetry data (metrics, logs … platforms with ITSM tools (e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflows Act as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best practices in observability and monitoring
South East London, England, United Kingdom Hybrid / WFH Options
Lawrence Harvey
most sophisticated threat actors out there and genuinely develop your career within one of the most reputable banks worldwide. Senior Cyber Operations Analyst – Key Responsibilities: Lead the investigation and response for escalated security incidents, performing in-depth analysis and coordinating containment and mitigation strategies. Conduct proactive threat hunting using network traffic, behavioural patterns, threat intelligence, and security telemetry. Utilise … tune SIEM tools such as Splunk, leveraging advanced queries and dashboards to identify anomalies. Collaborate closely with global security teams, threat intelligence units, and stakeholders to improve detection and response playbooks Senior Cyber Operations Analyst – Requirements: Strong proficiency with SIEM platforms, ideally Splunk, including custom query writing and dashboard development. Deep understanding of incident response, including network
networks, NAS servers, CCTV, and Wi-Fi systems. Ensure adherence to IT policies, security protocols, and data protection regulations. Review and contribute to cybersecurity reports, training completion tracking, and incident response documentation. Set up, manage, and maintain user accounts, hardware, and software across offices and remote environments. Collaborate with external vendors for service and support as required. Prepare
We are representing a consultancy that is a leader in the Cyber Security and Incident Response space. If you have experience leading the legal aspects of Data Breach cases, this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading