1 to 25 of 96 Incident Response Jobs in the North of England

Incident Response Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an Incident Response Analyst . This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear More ❯

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal … hands-on role in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident More ❯

and services are always reliable, available, and performing at their best. What will yo u be doing? As an SRE, you'll be instrumental in implementing automation, monitoring, and incident response strategies to minimize downtime and optimize our operations. You'll collaborate closely with our development, infrastructure, and security teams, balancing exciting new feature delivery with rock-solid … management practices. System Reliability and Availability Ensure system uptime: Monitor and maintain the availability and reliability of critical systems and services, meeting all uptime SLAs (Service Level Agreements). Incident management: Quickly respond to incidents, investigate root causes, and ensure effective postmortems and continuous improvement processes are in place. Failure detection and response: Proactively identify potential failures or … potential risks in a timely manner, minimizing impact on our players. Metrics collection: Define and track key metrics (e.g., uptime, latency, request rates) to measure system health and performance. Incident Response Incident resolution: Work quickly to resolve incidents, minimize downtime, and restore service as fast as possible. Post-incident analysis: After resolving incidents, perform root cause More ❯

Incident Responder/IR Consultant Hybrid - ManchesterUp to £60k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for an Incident Responder (IR/DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such as … ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. You … will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of More ❯

Senior Incident Responder/IR Consultant Hybrid - ManchesterUp to £80k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR/DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

Senior Incident Responder/IR Consultant Hybrid - Manchester Up to £80k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR/DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

alert fatigue. You'll create bespoke analytic rules and collaborate with analysts to refine detection capabilities. You'll also take an active role in managing security alerts and leading incident response and investigation efforts. As a senior colleague, you'll advise on cyber risks, emerging threats, and mitigation strategies aligned with the Government Security Framework and standards. You … as expected, ensuring requirements, policies, and standards to govern all activities and outputs are met. Reviewing high-priority or high-complexity analysis of security event data to manage security incident response, making key decisions on reporting or escalations for monitoring Containing and remediating those incidents, identifying potential process improvements. Communicating with a broad range of senior stakeholders and … be responsible for defining the vision, principles, and strategy for incident response Deputising for the SOC manager as a when required. Reviewing incident documentation ensuring that appropriate lessons learned are captured and implemented. Maintaining and integrating Cyber Threat Intelligence services to enhance the Departments capabilities to detect threats. Mentor junior engineers and contribute to the development of More ❯

such as CrowdStrike Falcon, RoboShadow, Microsoft Defender, ThreatLocker Evaluate and onboard new security technologies; liaise with vendors Lead technical onboarding of cyber tools for both internal and client deployments Incident Response & Threat Management: Develop and own incident response playbooks Act as the lead escalation point for live security incidents Analyse alerts, threat intelligence, and forensic data … of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incident response experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts for clients More ❯

Director of Cyber Security - NIST CSF, Risk Management, Incident Response - Dublin - £150,000 + 40% bonus A leading international gaming and entertainment company are searching for a Director of Cyber Security to drive their Group cyber security strategy and build resilience across their global operations. The Director of Cyber Security's responsibilities will be: Lead implementation of Group … implementing technology security policies and NIST CSF standards. Strengthen cyber governance and risk management, providing timely and accurate risk reporting to senior management and risk committees. Lead Security Monitoring & Incident Response teams, ensuring robust processes across critical business systems. Oversee Platforms & Services Security teams, ensuring assets comply with NIST CSF v2 and Group policies. Manage SEC reporting requirements … experienced cyber security leader looking to drive strategic transformation at a global entertainment company with operations across multiple markets? Please apply! Director of Cyber Security - NIST CSF, Risk Management, Incident Response - Dublin (mostly remote) - £150,000 + 40% bonus Burns Sheehan Ltd will consider applications based only on skills and ability and will not discriminate on any grounds. More ❯

enable holistic analysis at a global level • Establish performance benchmarks, conduct analyses, and prepare reports on all key CMRS goals and metrics • Develop and maintain standard operating procedures, emergency response procedures, and preventive maintenance programs. Ensure standardization and consistency with best-in-class operating practices. • Engage, coach, train, and influence business partners to be an extension of Loss Prevention … on the appropriate escalation path • Effectively address product loss mitigation, physical security considerations, potential and actual work place violence incidents per policy as well as conduct testing of the incident response plans • Reviewing incident reports, documenting periodic trend summaries, and providing updates and recommended actions to management. • Take calculated risks and challenge current practices to develop and … enable holistic analysis at a global level • Establish performance benchmarks, conduct analyses, and prepare reports on all key CMRS goals and metrics • Develop and maintain standard operating procedures, emergency response procedures, and preventive maintenance programs. Ensure standardization and consistency with best-in-class operating practices. • Engage, coach, train, and influence business partners to be an extension of Loss Prevention More ❯

in Leeds office per quarter. Mostly remote working. DGH Recruitment are currently recruiting on behalf of a leading global organisation who are looking for a Threat detection and threat response subject matter expert to join the team on a permanent basis. Responsibilities: - Design, engineer, and manage automations and workflow improvements for security operations analysts to triage and respond to … detected events. - Build and enhance security automation playbooks using SOAR platforms or custom scripts Serve as a technical resource for the security operations team during active response efforts. - Conduct and manage event/incident investigations and post-mortem analysis as needed. - Document and maintain Automation, Detection and Incident Response procedures as required. - Regularly monitor and translate … logs to determine trends and identify security incidents. - Assist in responding to audits, penetration tests and vulnerability assessments. Required Skills/Experience: - Experience with SIEM security telemetry, security monitoring, incident detection, incident response and forensics - Experience in Threat hunting & IR experience in Windows and/or Linux environments, cloud/hybrid environments - Proficient in SIEM management, configuration More ❯

This role offers a chance to make a real impact by ensuring the integrity and resilience of the company’s IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly, and monthly monitoring of systems … Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of Disaster Recovery (DR) and Business Continuity principles. Excellent communication skills, with … impact in a global organisation, apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

Encryption : Protect data at rest, in transit, and in use through encryption and tokenization. Network Security : Design secure network architectures, implement IDS/IPS, firewalls, and VPNs. Security Monitoring & Incident Response : Build monitoring solutions, develop incident response strategies. Compliance & Governance : Ensure adherence to regulations, conduct audits, and establish security frameworks. Secure DevOps & Automation : Incorporate security into … Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and communication skills Relevant cybersecurity certifications (CISSP, CISM, CEH, etc.) Requirements Bachelor's degree More ❯

architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party risks by assessing supplier compliance, contributing to incident response processes when issues arise, preparing insightful metrics for leadership teams. Collaborate with teams across the business to identify, assess, and track risk mitigation activities through to completion. … where necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate … include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST More ❯

our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security Operations Centre (SOC) capabilities … policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. Incident Response: You'll actively monitor for security incidents and jump into action with our incident response teams to contain, investigate, and prevent future security hiccups. Defining More ❯

DCC is looking for a Lead Cyber Security Operations Analystto play a key leadership role in shaping and advancing our Security Operations Centre (SOC). You'll drive our incident response strategy, lead major investigations, develop cutting-edge detection content, and help grow a highly capable security team through training and exercises. This is a critical role in … capabilities and foster collaboration across the smart metering community. Translate threat trends into actionable insights and drive improvements across the organisation. Evaluate and recommend tools that enhance detection and response capabilities. Conduct forensic investigations and perform root cause analysis of security incidents. What are we looking for? Proven experience in incident response and leading investigations in complex More ❯

seasoned SOC professional looking to make a tangible impact. Apply now to join a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune analytic rules, workbooks, and automation playbooks in Sentinel. … Perform deep-dive analysis of malware, phishing, and lateral movement techniques. Collaborate with engineering teams to optimise Microsoft security tool integrations. Maintain and enhance incident response procedures and documentation. Skills/Must have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with … Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with SOAR platforms and building automated workflows. Benefits: View to Extension Salary: Up to £575 Per Day More ❯

Leadership, leading key initiatives to protect systems, data and users while helping shape the organisations security posture. What youll be doing: Managing day-to-day information security operations, including incident response and risk assessments Leading the development and implementation of security policies, standards, and controls Driving continuous improvement initiatives to strengthen cyber resilience Developing and supporting security roadmaps … to Cyber Essentials, ISO27001 or similar What youll need: Proven experience managing IT security or information security functions Strong technical knowledge of Microsoft environments and security controls Experience with incident response, vulnerability management, and security risk mitigation Confident working with both technical teams and business stakeholders Solid understanding of security frameworks and compliance standards Ability to lead projects More ❯

hierarchy or titles. It's about impact, curiosity and partnering to build something that scales well and feels right. You'll be hands on with architecture, tooling, policy and incident response. You'll enable teams to move quickly and securely, bringing clarity to complex problems and designing systems that work long after you're done with them. What you … ll be doing Collaborating with your teammates to take ownership of security across the business from hardening and monitoring to governance and incident response Designing and evolving secure architectures using defence in depth and threat modelling principles across cloud, networks and endpoints Driving vulnerability management and scaling tooling such as CSPM, SIEM, IAM and endpoint protection to manage … security and data privacy, helping ensure we remain audit ready Building lightweight processes that make it easy for teams to do the secure thing by default Sharing ownership of incident response including triage, coordination and postmortem analysis Partnering with engineers and product teams to embed secure thinking into design and delivery Keeping pace with emerging threats and contributing More ❯

IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data … and energy-sector-specific technologies. Demonstrable experience implementing security controls within OT environments. Hands-on knowledge of OT technologies and protocols , including experience managing configuration changes. Experience working within incident response frameworks -from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews , particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber More ❯

behind the curtain, ensuring our critical systems are always reliable, available, and performing like a dream . We're talking about implementing smart automation, sharp monitoring, and super-speedy incident response strategies to keep everything running smoothly. You'll be working hand-in-hand with our dev, infra, and security teams, making sure we balance exciting new features … be the guardian of our uptime, making sure our critical systems are always available and hitting those all-important SLAs . You'll also be leading the charge on incident management , getting to the bottom of any issues and making sure we learn from them. Monitoring & Alerting Maestro: Setting up and maintaining top-notch monitoring systems (like Dynatrace ) will … craft alerting systems that give us a heads-up before problems even get a chance to impact our players, and you'll define key metrics to measure system health. Incident Response Ace: When things get a bit wobbly, you'll be on the front lines, resolving incidents fast to minimize downtime. After the dust settles, you'll lead More ❯

IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data … and energy-sector-specific technologies. Demonstrable experience implementing security controls within OT environments. Hands-on knowledge of OT technologies and protocols , including experience managing configuration changes. Experience working within incident response frameworks —from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews , particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber More ❯

what users need, when they need it. Provision of effective cyber security protective monitoring, vulnerability management in conjunction with technical teams and suppliers, and a responsive and effective cyber incident response capability. Lead on software licencing (circa £40m/y) seeking to ensure legal compliance and cost effectiveness Provide a comprehensive inventory of the IT estate to enable … Certification in ITIL mandatory. A thorough understanding of modern IT technologies and management approaches. Knowledge and experience in leading in an operational environment. Knowledge of cyber security and cyber incident response Desirable a certification in Service Operations. Skills Required Strategic thinking and strategy development, especially in the area of IT services. Exceptional leadership skills, including in operational crisis More ❯

to join our foundational in-house SOC team. In this pivotal role, you will be instrumental in supporting the development, implementation, and operating of our security monitoring, detection, and response capabilities, with a particular focus on our cloud environments. You'll be at the forefront of responding to incidents and alerts, and helping shape the future of our security … various security tools Perform triage and analysis of security incidents and anomalies, distinguishing between true positives and false positives. Prioritise alerts based on severity, potential impact, and business criticality. Incident Detection & Response: Investigate security incidents thoroughly, leveraging logs from platforms, endpoints, applications, and other security tools. Create and follow incident response playbooks and contribute to their … continuous improvement. Collaborate with Technology, Product and Engineering Teams to contain, eradicate, and recover from security incidents. Document incident details, findings, and remediation steps accurately and comprehensively. Additionally Stay informed about the latest cyber threats, attack techniques, and vulnerabilities, especially those targeting cloud environments. Participate in proactive threat hunting activities using available tools and data sources. Contribute to the More ❯

performing advanced investigations and, when required, first-line triage to maintain queue health and SLA compliance. You are responsible for high-quality service delivery through detailed analysis, evidence-led response actions, and operational leadership. In addition to handling escalated alerts, you provide line management, oversee ticket quality, contribute to training and onboarding, and drive continual improvement. You work core … business hours with participation in the on-call rota, ensuring consistent service support for customers and operational continuity across teams. Key Responsibilities • Incident Investigation and Response - You take ownership of escalated incidents, performing detailed investigations and, when necessary, stepping into first-line triage to guarantee prompt alert handling and escalation. • Team Leadership - You provide day-to-day leadership … SOC Analysts, conducting performance reviews, appraisals, one-to-one meetings, and development planning. • Quality Assurance - You own QA for the team’s outputs, ensuring consistency, accuracy, and completeness of incident handling and documentation across the team. • Training and Onboarding - You lead knowledge-transfer sessions, support structured onboarding of new team members, and coordinate internal training to drive skill development More ❯