Citi's Cloud Incident Response (Cloud IR) team seeks a Senior Vice President of Microsoft 365 (M365) and Azure Incident Response to lead and oversee the organization's incident response operations within the M365 environment. You will work closely with stakeholders to ensure effective … security incident response with an aim to safeguard the integrity of Citi's Microsoft 365 services. Your role is critical in ensuring a proactive and coordinated approach in responding to cloud security incidents and managing security risks within the M365 suite. You will align incident response … the evolution of cloud security practices, and guide the organization through critical security challenges within the M365 ecosystem. Responsibilities: Own and lead Citi's response to security incidents in our M365 and Azure platforms Build and sustain a high-performing security operations team skilled in managing M365 incidents Collaborate
contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Center according to Experian's Incident Response Plan. As an individual contributor, this team member will join a new, growing team of specialized, advanced responders to support escalations of … complex and prioritized matters from Experian's existing 24x7 security monitoring and response functions, responsible for responding to and analyzing security incidents involving threats targeting Experian information assets. You will work with end-users, technical support teams, and management to ensure remediation and recovery from these threats. You will … report to the Senior Manager, Global Incident Response. You'll have the opportunity to: Conduct advanced incident response activities to investigate and contain complex or larger-scale cybersecurity matters. Orchestrate workstreams across teams (Forensics and Cyber Threat Hunting) and explain the CFC's overall understanding of the
City of London, London, United Kingdom Hybrid / WFH Options
Ashdown Group
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.
A leading Commerce firm is looking for an Incident Response Lead to join their Cyber Defence team. This crucial role will support the team in enhancing its detection capabilities and modernising the incident response (IR) process across the organisation. The Incident Response Lead will … be responsible for managing the entire IR lifecycle, from initial triage through to remediation. Key Responsibilities: Manage end-to-end incident response (IR) processes, ensuring swift and effective resolution of security incidents. Develop and maintain incident response playbooks and runbooks. Analyse incident reports and provide … actionable insights. Engage with and manage stakeholders throughout the incident lifecycle. Lead the threat-hunting process, using frameworks like MITRE ATT&CK to proactively identify potential threats. Ideal Candidate: Extensive experience in all aspects of Incident Response, with hands-on involvement in P1 and P2 incidents (mainly
firm, including the central operations of finance, information technology, marketing, risk, legal, operations and human resources. What You'll Do As a Cyber Security Incident Response Manager at BCG, you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying … analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service … Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. * Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. * Conduct proactive threat hunting to detect and neutralize emerging
Cyber Security Incident Response Lead We are working with a company that is looking for an experienced CSIRT specialist with a strong track record in high-stakes cyber incident response and digital forensics to take ownership of the IR process and help drive automation across the … CSIRT team. What You’ll Be Doing: Lead end-to-end cyber incident response investigations, including breach analysis, e-Discovery, and network forensics. Design, build, and maintain forensic infrastructure and incident response tooling. Take ownership of cyber investigations and coordinate response efforts across teams. Run … and support cyber tabletop exercises, resilience drills, and war-gaming sessions. Monitor and analyse security alerts, coordinating swift response and resolution. Perform detailed forensic reviews and support third-party security assessments. Present incident progress, reporting clearly to senior stakeholders, and escalating when necessary. Maintain real-time dashboards and
London, Broad Street, United Kingdom Hybrid / WFH Options
Ashdown Group
Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.
Security Engineer, Incident Response, AWS Corporate Security Job ID: Amazon Corporate Services Pty Ltd AWS is looking for a passionate Security Engineer, Incident Response who can lead the response to security issues across the largest cloud provider in the world. You must thrive in high … pressure situations, and think like both an attacker and defender, while working through the entire incident response lifecycle. You'll be working in a global team environment where clear and accurate communication, documentation, and collaboration on security issues is critical. In this role you'll be conducting security … monitoring and response activities for the Amazon internal network. We value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, detection and hunting, and emergent security intelligence. We don't expect
to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating, and responding to security … Security Operations Team collaborates closely with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what … you'll do: As a Senior Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and
our expanding teams. As an Information Security Engineer with a focus on development and automation, you will serve as the engineering backbone of the Incident Response team. Your expertise in development and automation will play a critical role in enhancing security operations and incident response capabilities. … and implement automated processes for containment and remediation of affected assets, IOCs, and TTPs. Design and maintain automated workflows for efficient and effective security incident response. Collaborate with cross-functional teams to automate security-related tasks and processes, enhancing overall efficiency and accuracy. Leverage automation frameworks and scripting languages … to streamline security operations and improve incident handling capabilities. Produce detailed incident reports and security recommendations using automated reporting and analysis tools. Hold stakeholders accountable for implementing automated remediation actions and monitor their effectiveness. Provide training and guidance on leveraging automation tools for streamlined incident response
Security Engineer, AWS SOC Incident Response Job ID: Amazon Data Services UK Limited The Amazon Web Services Security Operations Center AWS-SOC Team manages security issues across the globe. The team is looking for a highly motivated, technically inclined individual to work as a Security Engineer. A successful … fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams … to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers with security engineering, security operations and incident
Security Engineer, AWS SOC Incident Response Sector: Technology Role: Professional Contract Type: Permanent Hours: Full Time DESCRIPTION The Amazon Web Services Security Operations Center AWS-SOC Team manages security issues across the globe. The team is … fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams … to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers with security engineering, security operations and incident
of cybersecurity within the organisation. You'll help build and implement the SOC within IT operations, conduct daily operations of the internal SOC including incident monitoring, analysis, and response, implement SOC procedures and best practice to ensure efficient and effective incident response, and support major incident response efforts and lead on incident response efforts including containment, investigation, analysis, and reporting of security incidents. Your profile Experience as a SOC Analyst in an enterprise scale organisation; managing security operations incidents and events Hands-on knowledge and experience of security operations and incident response planning; Cellebrite, Magnet Domain Tools Knowledge of cybersecurity principles and frameworks; ISO27001, NIST, GDPR etc. Knowledge and experience with MS Sentinel, Cisco Meraki, MS Defender, Endpoint protection Knowledge and experience with SIEM, IDS/IPS, firewalls, endpoint protection systems, and vulnerability management Knowledge and experience analysing and
projects concurrently in partnership with our technical teams, clients, and internal stakeholders. This position will be focused on Unit 42’s Digital Forensics and Incident Response engagements, as well as Proactive Service engagements, and will report directly to the Manager for Unit 42 Security Consulting Project Management Office … PRINCE2 certification, or equivalent preferred 7+ years of professional experience in Project Management, focusing in one or more of the following: Cybersecurity, Digital Forensics, Incident Response, or Software Defined Lifecycle (SDLC)/Infrastructure or other IT related technical environments Ability to lead multiple large-scale projects creating project … Consulting is Palo Alto Networks' security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders
Are you interested in ensuring customers can always watch their favourite movie or show? If so, you might be the right person for the Incident Manager role in the READI team who drive availability for Prime Video. Key job responsibilities Lead calls on customer impacting, high severity outages that … and operational teams, including for ambiguous problems we might not have seen before. Deconstruct complex incidents into workstreams that can be managed by multiple incident responders in parallel. Monitor and manage communications during high severity events via relevant channels, including being the single point of contact for executive leaders. … Drive critical, complex customer escalations in situations that are sometimes technically challenging in collaboration with Engineering Teams. Own improving the effectiveness of incident response by driving continuous improvement of standard operating procedures and the tools that help you resolve incidents efficiently. Proactively identify opportunities for improvement through gap
Are you interested in ensuring customers can always watch their favourite movie or show? If so, you might be the right person for the Incident Mgr role in the READI team who drive availability for Prime Video. Key job responsibilities - Lead calls on customer impacting, high severity outages that … and operational teams, including for ambiguous problems we might not have seen before. - Deconstruct complex incidents into workstreams that can be managed by multiple incident responders in parallel. - Monitor and manage communications during high severity events via relevant channels, including being the single point of contact for executive leaders … Drive critical, complex customer escalations in situations that are sometimes technically challenging in collaboration with Engineering Teams - Own improving the effectiveness of incident response by driving continuous improvement of standard operating procedures and the tools that help you resolve incidents efficiently. - Proactively identify opportunities for improvement through gap
configuration of security tools. Vulnerability Management: Coordinate and conduct regular security assessments, penetration testing, and vulnerability scans to identify and address security weaknesses proactively. Incident Response: Lead incident response efforts to promptly detect, analyze, and mitigate security incidents and breaches. Develop and maintain incident response
true positive events. The Security Engineer should be able to analyse incidents and correlate them with appropriate contextual data to determine classification, prioritisation and response to incidents. Respond immediately to cybersecurity-related incidents and provide a thorough post-event analysis. Investigate intrusion incidents and conduct forensic investigations. Act as … active part in the containment of incidents, even after they are escalated. Deliver investigation and remediation activities as a senior member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Coordinate with data asset owners and business response plan owners … during high severity incidents. Create and update security event investigation notes, report on open cases, and maintain case data in the Incident Response Management platform. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques
Configure Security Solutions: Implement, optimize, and manage OT cybersecurity platforms such as Claroty, Dragos, Nozomi Networks, Microsoft Defender for IoT, and Armis. Threat Monitoring & Incident Response: Identify, analyze, and respond to security events and incidents in OT networks, collaborating with IT and operational teams to mitigate threats. Security … management, and content filtering. Cybersecurity Frameworks: Familiarity with NIST, IEC 62443, ISO 27001, NERC CIP, GSMA IoT Security Guidelines, and other industry security standards. Incident Response & Risk Management: Experience in security monitoring, incident response, and risk mitigation for OT environments. Technical Skills: Strong troubleshooting, analytical, and … Relevant industry certifications like: Global Industrial Cybersecurity Professional (GICSP) Certified Information Systems Security Professional (CISSP) ISA/IEC 62443 Cybersecurity Fundamentals (IC32) GIAC Certified Incident Handler (GCIH) GIAC Cyber Incident Leader (GCIL) Personal: Besides the professional qualifications of the candidates, we place great importance in various forms of
and enforce security policies, procedures, and best practices. Ensure continued compliance with industry standards, regulations, and certifications (e.g., ISO 27001, GDPR, SOC 2). Incident Response and Management: Maintain and where needed develop incident response plans. Lead investigations and response efforts for security incidents and … of cybersecurity frameworks, standards, and best practices. Proficiency with security technologies and tools (e.g., SIEM, vulnerability scanners, encryption tools). Hands-on experience with incident response, penetration testing, and threat analysis. Familiarity with secure software development practices and DevSecOps principles. Certifications such as CISSP, CISM, CEH, or equivalent