1 to 25 of 81 Incident Response Jobs in the North of England

Level 3 Analyst North West/Hybrid CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services. The organisation operates a modern … edge EDR, identity protection, SIEM and automation tooling, with a strong focus on engineering a highly effective, cloud-native SOC environment. CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Role This permanent position is ideal for an experienced SOC Level 3 Analyst looking to lead advanced detection engineering

Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including

Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including

Incident Response - Recovery Specialist Salary: Up to £60,000 DOE Location: Manchester (with travel at short notice) Step into a role where your expertise makes an immediate and measurable impact. We're recruiting on behalf of a fast-growing cyber security organisation that specialises in incident response … join a company that invests heavily in training, development and career progression This is not routine support work. This is hands-on, technically rich incident recovery where your skills directly shape the outcome. What You'll Be Doing Restoring and rebuilding client infrastructures after cyber attacks Remediating compromised environments

Incident Response - Recovery Specialist Salary: Up to £60,000 DOE Location: Manchester (with travel at short notice) Step into a role where your expertise makes an immediate and measurable impact. We're recruiting on behalf of a fast-growing cyber security organisation that specialises in incident response

Incident Response - Recovery Specialist Salary: Up to £60,000 DOE Location: Manchester (with travel at short notice) Step into a role where your expertise makes an immediate and measurable impact. We're recruiting on behalf of a fast-growing cyber security organisation that specialises in incident response

Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about cyber, incident response and proactive threat management within a dynamic, fast-paced environment. This is a junior/intermediate security analyst position, and could be ideal … remediation efforts for identified vulnerabilities in collaboration with technology teams. Respond to incidents alongside the Head of Information Security Work with the MSSP across incident response and proactive monitoring. Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health

Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about cyber, incident response and proactive threat management within a dynamic, fast-paced environment. This is a junior/intermediate security analyst position, and could be ideal … remediation efforts for identified vulnerabilities in collaboration with technology teams. Respond to incidents alongside the Head of Information Security Work with the MSSP across incident response and proactive monitoring. Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health

policies, and standards. Conduct risk assessments, manage audits, and ensure compliance with GDPR and ISO 27001. Oversee security operations, including monitoring, threat detection, and incident response. Manage security tools and processes: SIEM (Azure Sentinel), firewalls, endpoint protection, and identity management. Ensure secure configuration, patch management, and vulnerability remediation. Lead … incident response and recovery, including investigations and post-incident reviews. Deliver security training and awareness programs across the business. Assess and monitor vendor and third-party security compliance. Skills/Technologies- 3-7+ years in cybersecurity, IT security, or risk management. Strong knowledge of cybersecurity frameworks

activities. Evaluate security risks of third-party vendors, ensuring alignment with internal security requirements. Maintain documentation, evidence, and metrics to support ongoing audit readiness. Incident Response & Awareness Support the development, testing, and refinement of incident response plans. Assist with investigation and reporting of security incidents. Promote

activities. Evaluate security risks of third-party vendors, ensuring alignment with internal security requirements. Maintain documentation, evidence, and metrics to support ongoing audit readiness. Incident Response & Awareness Support the development, testing, and refinement of incident response plans. Assist with investigation and reporting of security incidents. Promote

operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with … governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness

Level 3 Analyst North West/Hybrid CrowdStrike LogScale SIEM Incident Response Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services click apply for full

assisting in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks and supporting incident reporting and response, including risk assessments and vulnerability scans. Role Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel … detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate with IT, Legal, and other departments to ensure a unified security approach, including third-party risk

KPIs, SLAs and operational targets are met and continuously improved Managing, mentoring and developing SOC analysts to maintain a high-performing team culture Overseeing incident response processes, ensuring issues are escalated, handled and closed effectively Supporting the refinement of SOC processes, reporting, documentation and operational standards Acting … performance and process management A commercially minded approach, comfortable working with KPIs, reporting and wider business objectives Good understanding of SOC tools, processes and incident response workflows Strong communication skills with the ability to work effectively across technical and non-technical teams Exposure to or collaboration with service

development, test and production environments to ensure consistency and predictable use Provide operational alignment across DBA and SRE practices including performance tuning, monitoring and incident response Maintain monitoring, alerting and runbooks to support effective detection and resolution of operational issues Implement and oversee backup, failover and disaster recovery … cost optimisation across infrastructure and cloud services Maintain and communicate IT policies covering access management, patching, security, device management and change control Lead incident response and ensure follow up actions drive lasting improvement Build and maintain productive relationships with internal teams and external service providers Key Skills

development, test and production environments to ensure consistency and predictable use Provide operational alignment across DBA and SRE practices including performance tuning, monitoring and incident response Maintain monitoring, alerting and runbooks to support effective detection and resolution of operational issues Implement and oversee backup, failover and disaster recovery … cost optimisation across infrastructure and cloud services Maintain and communicate IT policies covering access management, patching, security, device management and change control Lead incident response and ensure follow up actions drive lasting improvement Build and maintain productive relationships with internal teams and external service providers Key Skills

reliable, high-performance database technologies across multiple environments. Mentor and coach a diverse, globally distributed team of DB engineers. Shape and refine processes like incident response, postmortems, and capacity planning to ensure smooth ops. Collaborate with infrastructure, product, and security teams on platform database initiatives. Drive best practices … specifically prioritisation, tracking schedules and deadlines, communicating across team/org boundaries. You have experience managing process design: running a smooth on call rotation, incident response, postmortems, load testing, capacity planning, etc. You have hiring experience: predicting staffing needs, designing interview loops, evaluating candidates, assisting with closing candidates

reliable, high-performance database technologies across multiple environments. Mentor and coach a diverse, globally distributed team of DB engineers. Shape and refine processes like incident response, postmortems, and capacity planning to ensure smooth ops. Collaborate with infrastructure, product, and security teams on platform database initiatives. Drive best practices … specifically prioritisation, tracking schedules and deadlines, communicating across team/org boundaries. You have experience managing process design: running a smooth on call rotation, incident response, postmortems, load testing, capacity planning, etc. You have hiring experience: predicting staffing needs, designing interview loops, evaluating candidates, assisting with closing candidates

Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate … requests, incidents, bulletins). Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows

services, define strategic vision for improvement and reliability. Service Design and Implementation: Collaborate with architects and engineers to design secure services and oversee deployments. Incident Management: Coordinate incident response, root cause analysis, and corrective actions. Infrastructure Management: Ensure patching, evergreening, backups, and compliance for on-prem

Clearance - Manchester Based or ability to travel to Manchester.- Experience as in a Site Reliability Engineering role SITE RELIABILITY ENGINEER ESSENTIAL SKILLS- Reliability, incident response/incident management experience - Experience with Monitoring and Observability tools such as Prometheus, Grafana and OpenSearch- Automation tools (Go, Bash)- Experience with

business risk and vice versa. This role will be responsible for the leadership and management of the team delivering ongoing proactive cyber defence and response to security threats targeting AJ Bell systems and information. The Security Operations Team is the first point of contact for security queries, as such … 24x7 operational security coverage. Proactively drive efficiency improvements via the use of automation and AI in security operations processes. Own and develop AJ Bells incident response framework and playbooks, including undertaking regular training and testing (including table top exercises) up to and including executive level. Develop and maintain

participate in telecommunications projects, including system upgrades, migrations, and new implementations. Collaborate with other IT teams and external vendors to ensure project success. Incident Management Manage and document the lifecycle of critical incidents from initial report to resolution, including post-incident reviews. Develop and maintain incident response

detect, analyse, and respond to security threats in real-time. Proactively identify vulnerabilities and risks through regular assessments and penetration testing and lead incident response efforts for cloud-related security breaches, ensuring minimal downtime and data loss. Develop automated workflows for vulnerability management, incident detection, and response.