Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a week in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand headquartered in the West Midlands. As … the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We … looking for someone Midlands based who can be on site in Warwickshire 1 day a week on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships
Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - minimum 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand headquartered in the West Midlands. … As the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. … for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships
high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document
you're inspired to think big and bring your ambition to work every day, which is why, at British Airways the sky is never the limit. The role: Cyber Incident Lead This role reports into the Cyber Incident Manager, and works with stakeholders across the organisation to ensure BA is able to effectively identify, respond, and recover from … to, and manage, cyber incidents across the BA estate 24/7 365 days a year as part of an on call function. Responsible for developing, maintaining, and managing incident response processes Ability to present on complex, technical concepts to a wide range of stakeholders of varying seniority and knowledge Confident to engage with business stakeholders and build … ambiguous information Assist with the development of BA's in-house digital forensics capability, supporting various investigation teams across the organisation Work closely with other cyber teams to feed incident data back into tuning our security tool configuration and assessing our deployed controls Effectively liaise and communicate with other Operating Companies (OpCos) within IAG to respond to wider-impacting
Senior Incident Responder/IR Consultant Hybrid - Birmingham Up to £80k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR/DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis
Birmingham, West Midlands, England, United Kingdom Hybrid / WFH Options
Robert Walters
architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party risks by assessing supplier compliance, contributing to incident response processes when issues arise, preparing insightful metrics for leadership teams. Collaborate with teams across the business to identify, assess, and track risk mitigation activities through to completion. … where necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate … include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST
Nottingham, Nottinghamshire, United Kingdom Hybrid / WFH Options
Commify
contact for security incidents, leading investigations, and ensuring effective resolution Design, implement, and manage security measures for our applications and infrastructure to protect against security breaches Develop a rigorous incident response plan and lead post-incident reviews to improve our security posture Collaborate closely with development and infrastructure teams to integrate security practices into the DevOps pipeline … Oversee the deployment and management of security monitoring tools to ensure real-time visibility and response capabilities Conduct threat assessments and vulnerability assessments, and implement appropriate mitigation strategies Upskill and mentor the security team on best practices, emerging threats, and innovative security solutions Stay current on the latest cybersecurity trends, technologies, and threats, and proactively recommend enhancements to our … merging strategies Key Qualifications: Extensive experience in security operations roles, preferably in cloud and on-premise environments Proficiency in security monitoring tools (such as SIEM, IDS/IPS) and incident response processes Strong knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO 27001, CIS) Experience with scripting and automation tools for enhancing security processes Excellent communication
Birmingham, England, United Kingdom Hybrid / WFH Options
Anson McCade
Centre (SOC) business. This is a strategic and hands-on role where you'll be the key bridge between clients and operational teams, ensuring smooth delivery of security services, incident response coordination, and ongoing vulnerability management. If you’ve got a deep background in cybersecurity operations, excel under pressure, and know how to guide both clients and internal … teams, this could be your next big step. What You’ll Be Doing Acting as the primary point of contact for clients on SOC service matters, including escalations and incident updates Leading major incident coordination, including investigation, containment, and remediation activities Managing client-facing service reviews (weekly/monthly), presenting clear reports and insights Supporting internal delivery teams … configuration and updates Driving continuous improvement across service delivery processes What We’re Looking For 10+ years in Security Operations or SOC-related service delivery Strong technical understanding of incident response, vulnerability management, IDS/IPS Proven experience handling client relationships, stakeholder management, and crisis situations Excellent communication skills — both technical and non-technical Experience leading cross-functional
evolving defences to meet shifting risks. Key responsibilities include: Monitor Networks and Systems: Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits to ensure that systems and networks … Stay updated on the latest intelligence, including hackers' methodologies, to anticipate security breaches. Reporting: Prepare reports that document security breaches and the extent of the damage caused. Cyber Security Incident Response: Coordinate with the IT department to maintain and update cyber incident response plans and procedures. Conduct Security Attack Simulations: Undertake security assessments such as Phishing
. Lead the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement … KPIs) Client Satisfaction Rate: Measured through regular client feedback and satisfaction surveys. Delivery Compliance Rate: Percentage of client engagements that meet defined delivery standards and pass governance review gates. Incident Response Effectiveness: Success rate in managing and resolving client incidents within predefined response windows. Service Utilisation Rate: Adoption and effective use of security services across client accounts
Birmingham, West Midlands, West Midlands (County), United Kingdom
ARM
you will: Act as a bridge between the Customer and the Operational Delivery Teams Act as a primary escalation point of contact to the customer Coordinate the Security Operations, Incident Response Teams and other technical resources needed to troubleshoot major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and … coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation activities in conjunction with relevant support teams. Coordinate post incident investigation with relevant teams or third … in a number of the following fields of expertise: Very strong experience in providing technical support and advice for a Security Operations Centre Demonstrate in-depth knowledge of Security incident Management and Security Operations. Excellent communication and client relationship skills to interface with clients, stakeholders, and senior leadership. strong experience in providing Vulnerability Management Services Demonstrable experience and knowledge
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
BT Group
critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in office) and can be based in one of the following offices: Birmingham, Manchester, Ipswich (Ipswich only … security events. Monitor and manage the performance of the SIEM infrastructure. Security Engineering: Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. Data Ingestion and Enrichment: Configure Elasticsearch pipelines for data ingestion from various sources, primarily from Kafka Enhance
Warwick, Warwickshire, West Midlands, United Kingdom Hybrid / WFH Options
La Fosse
of our lives. They're going through an exciting transformation period —building out their cyber security capabilities from the ground up. They're now looking for an experienced Cyber Incident Response Lead to help shape the function, drive best practices, and make a lasting impact on how the organisation responds to evolving threats. Key experience they're looking … for: Solid background in Incident & Problem Management, with the ability to lead effective responses and continuous improvement initiatives. Strong Stakeholder Management skills, with the confidence to work across technical and non-technical teams. Familiarity with ITIL and Service Management framework. A good understanding of the current Cyber Threat Landscape, including common threat actors, attack vectors, and response strategies.
IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture, protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data … and energy-sector-specific technologies. Demonstrable experience implementing security controls within OT environments. Hands-on knowledge of OT technologies and protocols, including experience managing configuration changes. Experience working within incident response frameworks - from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews, particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber
Employment Type: Permanent
Salary: £57000 - £60000/annum Pension,Medical,Incentive plan,25 Ho
Immingham, Lincolnshire, North East, United Kingdom
Rullion Limited
IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture, protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data … and energy-sector-specific technologies. Demonstrable experience implementing security controls within OT environments. Hands-on knowledge of OT technologies and protocols, including experience managing configuration changes. Experience working within incident response frameworks - from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews, particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber
what users need, when they need it. Provision of effective cyber security protective monitoring, vulnerability management in conjunction with technical teams and suppliers, and a responsive and effective cyber incident response capability. Lead on software licencing (circa £40m/y) seeking to ensure legal compliance and cost effectiveness Provide a comprehensive inventory of the IT estate to enable … Certification in ITIL mandatory. A thorough understanding of modern IT technologies and management approaches. Knowledge and experience in leading in an operational environment. Knowledge of cyber security and cyber incident response Desirable a certification in Service Operations. Skills Required Strategic thinking and strategy development, especially in the area of IT services. Exceptional leadership skills, including in operational crisis
training and mentoring provided. Benefits: Competitive salary Excellent working environment Progression opportunities Westfield health IT Engineer Responsibilities: Manage technical support queues from triage through to resolution, ensuring compliance with SLA response and resolution times. Troubleshoot, diagnose, and resolve hardware, software, and system-related issues. Act as a key liaison with third parties and government systems to escalate and resolve operational … onboarding and offboarding processes, ensuring smooth IT access setup and deactivation. Manage licensing, user accounts, and group permissions within Microsoft 365. Proactively monitor system health, conduct Level 1-3 incident analysis, and escalate identified cyber security risks. Participate in incident management activities, including major incident response calls, adhering to ITIL support practices. Maintain and enhance network
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
Counter Terrorism Policing
space and MS-SQL databases A point of escalation for all Application related issues within the Application Support team. Working as part of a second line support function following incident management through to incident resolution. Natural problem solving with ability to apply previous experience to new problems working towards root cause analysis. Ensuring the entire application estate aligns … availability, and performance of software systems through a combination of software engineering and systems administration principles. Responsible for monitoring, automating, and improving the operational aspects of software systems, including incident response, capacity planning, and performance tuning Understanding of ITIL process, incident management, change management and problem management including working to strict SLAs. Maintaining middleware such as; IIS
Derby, Derbyshire, United Kingdom Hybrid / WFH Options
risual Limited
Microsoft Defender) Excellent written and verbal communication skills Experience configuring and deploying Microsoft technologies such as Microsoft Defender and Azure Experience using and developing playbooks for SOC processes and incident response Strong understanding of IT & networking fundamentals (eg TCP, DNS, TLS) Able to work effectively in a team as well as confident working independently and taking accountability for
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
Michael Page (UK)
ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks
warnings). Notify the government of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the government's cyber incident response plan. Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. Knowledge of cybersecurity and privacy principles, computer networking concepts, protocols, network security methodologies, laws, regulations
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Xcede
track record in endpoint protection, IAM, patching, and vulnerability management. Skilled in Microsoft Intune, Defender suite, and Sentinel SIEM. Experience supporting security compliance programmes. Excellent coordination skills, especially during incident response. Able to balance operational delivery with strategic infrastructure and security improvements. Contract Details Duration: Initial 6 months (potential extension) Rate: Circa £475/day (Inside IR35) Location: Hybrid