1 to 25 of 200 Incident Response Jobs in London

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

position as an industry leader in electronic payments, which is why Visa has made it a priority to create top-tier security operations and incident response teams to defend the company against evolving cyber threats. If you would like to join a company where security is truly valued … state of the art tools for maximum impact, then we have a home for you. The successful candidate will work with a team of incident responders at one of Visa's Cyber Fusion Centers. The team is part of a larger organization located across multiple geographical sites that ...

LGBTQ+ business community. Please do not contact the recruiter directly. About the Role: Grade Level (for internal use): 11 The Role As a Cyber Incident Response Analyst, you will be part of the Cyber Defence team that develops and oversees the company's security program, ensuring … decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While based in the UK, you will support response and intelligence needs globally. Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). ...

solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

integrated into business unit initiatives, motivating business units to adopt efficient security controls throughout their lifecycle. Oversight of R&B’s and Corporate platforms response to Incident, integrating cyber incident response policies with business operations to improve agility and effectiveness in cyber incident management. Work … internal business units to enhance cyber security communication, including knowledge of threats, vulnerabilities, and mitigation strategies. Provide strategic insights to senior management on cyber incident response readiness and effectiveness. Collaborate with security leadership to enforce cyber security policies and practices, addressing operations and incident response. Provide expertise ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

into change initiatives, and security by design principles are applied. Provide 3rd line support to the IT service desk, responding to support requests and incident tickets which have been triaged and escalated to the cybersecurity operations team, and provide out of hours support through participation in an on-call … threat hunting, analysing logs and event data across the firms' systems, and procuring threat intelligence to inform the hunts. Provide technical leadership during security incident response, from identification through to containment, eradication, recovery and post incident review, reporting and recommendations; liaising with external IR providers as required. ...

group’s Data Protection Lead (a non-statutory role distinct from a formal DPO appointment). The group’s security posture, risk register, incident response and audit defensibility all sit with you. If something has a security or data protection dimension, it lands on your desk first. Security … endpoint protection (Bitdefender GravityZone), conditional access, MFA, identity governance, vulnerability management, and security awareness and phishing simulation programmes via KnowBe4. Lead incident response — triage, containment, recovery, post-incident review and reporting, with playbooks kept current and tested. Oversee security across Auro Technology’s software stack — IoT device ...

play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security into the design of our Microsoft Word … threat modelling, define non-functional security requirements, and review designs for security impact. Guide security considerations in our AI/LLM-enabled products. Risk & Incident Management Own the company-wide incident response plan and lead tabletop exercises. Perform ongoing risk assessments, vendor security reviews, and DPIAs. Ensure ...

business teams to protect research data, intellectual property, scientific platforms, regulated data and contract-bound information. Own and continuously improve Nxera’s cyber incident response capability, including playbooks, escalation routes, tabletop exercises, communication protocols and post-incident reviews. Manage the relationship and operational effectiveness of external cybersecurity … Microsoft Entra ID, Azure security, Intune, Microsoft Defender, Conditional Access, endpoint protection, data loss prevention, logging and monitoring. Experience with cybersecurity governance, risk management, incident response, vulnerability management, third-party security assurance and security control improvement. Experience managing external cybersecurity partners/vendors, such as SOC/ ...

mature cyber security capability, working closely with an outsourced Security Operations Centre. This is a hands-on technical role focused on security monitoring, incident response, threat detection and platform optimisation, with particular emphasis on CrowdStrike and Splunk technologies. You will also support capability development within the wider security … will need proven experience working with the following: Cyber Security Engineering or SOC Engineering within complex environments CrowdStrike Falcon, including endpoint protection, detection and response Splunk Enterprise Security, dashboard development and alert optimisation Incident response, threat hunting and security monitoring Writing and optimising Splunk SPL queries Security ...

execution, scaling the team, building operational maturity, and championing AI-augmented development practices. You will operate at multiple levels — coaching managers and ICs, owning incident response, and setting the operational direction for Xapien’s engineering organisation. The CTPO retains product and technical vision; you make it happen. This … architectural decisions within a domain-driven design structure. ● Establish engineering-wide standards for code quality, review processes, and technical governance. ● Build observability, incident management, and on-call practices that scale with team growth and deployment frequency. ● Embed DevOps, MLOps, security, and compliance practices into day-to-day workflows. ● Balance ...

This is an initial 6 month contract paying up to £600 per day Outside IR35. The role focuses on supporting security operations monitoring and incident response activities within a large enterprise environment. This role allows remote working with occasional travel to London when required. The successful SOC Analyst … cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams to improve detection capabilities Experience within financial services, fintech or other regulated environments would ...

hybrid working mode. In this role, you will lead the Security Operations Center's day-to-day functions, focusing on operational excellence in incident management and response. This position ensures round-the-clock coverage, drives team performance, and maintains a high standard for incident handling and escalation. … providing leadership in Real Time threat detection and response, you will strengthen organizational resilience and safeguard critical systems against evolving cyber threats. Responsibilities Lead and oversee incident management and response processes within the SOC Manage shift coverage, ensuring continuous and effective operation Monitor and analyze key performance ...

reliability problems across our stack, then design and implement software and systems to create step-function improvements. You will design robust observability solutions, lead incident response, automate operational tasks, and continuously improve our infrastructure's reliability, all while mentoring and educating the broader engineering team to make reliability … Build systems to monitor and report on these metrics, holding teams accountable and ensuring we maintain high reliability standards while balancing innovation speed. Lead Incident Management and Response: Act as a senior leader during high-impact incidents, guiding the team to rapid resolution. Conduct thorough, blameless post-mortems ...

operational resilience, developer experience and infrastructure team leadership. You will be responsible for shaping the long term infrastructure roadmap, improving reliability and observability, strengthening incident response and ensuring the platform can support a growing customer base and increasingly critical product suite. This is a role for someone … cloud architecture to support scale, resilience and performance Set standards across infrastructure, CI/CD, environments and observability Lead production reliability, uptime, incident response and post incident reviews Improve monitoring, alerting and on call practices to ensure they are effective and sustainable Partner closely with the Information ...

Cyber Security Consultant - Incident and Vulnerability Management +6 months + +1 day a week on site in London/Preston/Birmingham - 4 days WFH +Inside IR35 + 550 - 580 a day +SC cleared role - must have current active clearance +Sole British nationals only due to nature … project Role Description: Security Incident & Vulnerability Management Consultant (Operational Integrator/SIAM - Transition Role) UK Sole National ONLY Security Clearance required Role Summary The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within ...

Cyber Security Consultant - Incident and Vulnerability Management Duration: 6 months Location: 1 day a week on site in London/Preston/Birmingham - 4 days WFH Employment type: Inside IR35 Rate: £550 - £580 a day SC cleared role - must have current active clearance Sole British nationals only … nature of the project Security Incident & Vulnerability Management Consultant (Operational Integrator/SIAM - Transition Role) UK Sole National ONLY Security Clearance required Role Summary The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within ...

organisation based in the Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience … procedures, and playbooks to respond to cyber threats. Develop and maintain cyber strategy, capabilities to stay ahead of emerging threats. Lead the Cyber Defence response for the organisation when under cyber-attack. Lead and manage multiple cyber security teams. Engage with stakeholders, report to snr management and collaborate with ...

tooling Career progression within a growing security function Key responsibilities: Monitor, investigate and respond to cyber security alerts and incidents Lead and support incident response activities Conduct threat hunting and threat modelling exercises Manage vulnerability remediation and penetration testing activities Support and improve SIEM, EDR/…/XDR, IDS/IPS and firewalls Good understanding of Microsoft Azure security technologies Knowledge of NIST, ISO27001 and CIS Controls Experience in incident response, vulnerability management and threat intelligence Relevant certifications such as CISSP, CISM, GIAC or Security+ Soft skills: Strong analytical and problem-solving abilities Calm ...

maintained. Establish, document, and enforce security controls that safeguard information flows across internal systems, third parties, and public networks. Develop, maintain, and execute incident response and crisis management procedures, ensuring swift and effective mitigation of security events while minimizing business disruption. Monitor security operations to identify anomalies, investigate … compliance activities. GENERAL Be the primary point of contact for all information security alerts and breaches within the Bank and coordinate responses via incident management protocols. Daily administrative tasks, reporting, and communication with the relevant departments in the organization. Maintain security records and documents of controls, security dashboards ...

implement next generation Microsoft cloud security across Azure and multi cloud environments. Drive adoption of Agentic AI for Security to enable autonomous detection, adaptive response, and continuous security posture improvement. Enhance Microsoft Sentinel with MCP (Model Context Protocol), Sentinel Data Lake, and Sentinel Graph capabilities for advanced analytics, threat … Automate, and advanced SOAR workflows. Drive proactive threat detection, email threat defence, and automated containment using MDO and Darktrace Email. Partner closely with GSOC, Incident Response, Threat Hunting, TI and Cloud Engineering teams to deliver unified detection, response, and governance. Manage, mentor and strengthen a team ...

data. The successful individual will: Lead and develop a high-performing Information Security team Oversee security operations including SIEM, endpoint protection, vulnerability management and incident response Manage cyber resilience across both cloud and on-premise environments Act as the senior escalation point for security incidents and response … understanding of cyber security operations, governance and risk management Experience managing and developing technical security teams Strong knowledge of SIEM technologies, cloud security and incident response processes Ability to communicate effectively with both technical teams and senior leadership Experience operating within regulated environments Desirable experience includes: CISSP, CISM ...