1 to 25 of 92 Incident Response Jobs in the South East

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

enterprise clients.* Full-time, permanent role focused on securing client infrastructures across network, cloud, and endpoint environments.* Hands-on position covering security design, incident response, vulnerability management, and client consultancy.* Hybrid working model with strong benefits, development pathways, and exposure to complex, real-world security challenges.* To apply … Security Engineer, you'll play a key role in securing client IT environments by designing, implementing, and managing robust security solutions. You'll lead incident response activities, conduct vulnerability assessments, and proactively identify risks across network, cloud, and endpoint systems. You'll work directly with clients to understand ...

looking for a SOC Analyst to join an established Security Operations Centre team. This role focuses on incident investigation, triage, and response , along with client engagement and proactive security activities. What You'll Do Investigate and respond to security incidents Perform triage and remediation across client environments Engage … with clients during incident response activities Support proactive security and continuous improvement initiatives Mentor junior team members where appropriate What We're Looking For 2+ years' experience in cyber security, ideally incident response Strong communication skills Experience across Windows, Linux/Unix, and macOS Knowledge ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

cloud environment. This is not a traditional SOC role focused on alert handling . The position sits at the senior technical level and combines incident leadership, detection engineering, threat hunting and automation. You’ll have genuine ownership of security operations maturity rather than working in a ticket-driven environment. … senior technical point of escalation within the SOC, leading complex investigations and driving continuous improvement across tooling, detection capability and response processes. Typical responsibilities include: Leading complex security incidents end-to-end including investigation, containment, forensics and root cause analysis. Designing, tuning and improving detection across SIEM ...

responsible for the leadership, governance and performance of Security Operations Centre capabilities supporting a secure defence programme. The role ensures effective monitoring, detection and response across classified environments, working closely with incident response and threat teams. Key Responsibilities Own SOC operating model, processes and performance management Ensure … effective monitoring and detection across secure environments Oversee SOC analysts, tooling and service providers where applicable Drive continuous improvement of detection use cases and response workflows Coordinate closely with incident response and vulnerability teams Provide senior-level reporting on security posture and operational effectiveness Ensure SOC activities ...

Incident Manager Location: Central London | Salary: £38,000 to £40,000 | Job Type: Permanent Take the lead when it counts most — keep services running and stakeholders confident. Are you an experienced IT Incident Manager looking for a new challenge in a fast-paced and high-impact environment? This … manage high-priority and major incidents from initiation to resolution Coordinate cross-functional IT teams to restore services quickly Maintain ownership of the incident lifecycle and ensure SLAs are met Act as the central communication point during live incidents Provide clear, real-time updates to stakeholders at all levels ...

support audits across platforms. Ensure compliance with Salesforce security standards (e.g., permission sets, field-level security, data classification). Operations and Reliability Lead incident response and post-incident reviews to improve platform resilience. Define and manage service monitoring, alerting, and error budgets. Champion secure change management practices … processes, Gearset pipelines, and rollback strategies. Metrics and Reporting Establish and report on operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Leadership and Team Management Mentor DevOps Engineers and lead knowledge-sharing sessions. Promote a culture of continuous learning and technical excellence. ...

Clearance Hybrid work model OUTSIDE IR35 Job Requirements Spec: - end-to-end technical leadership, architecture, and delivery oversight of Network Detection & Response (NDR) and Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility … improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders to align technical designs with security strategy, operating models, and business needs. - definition of the target architecture for Darktrace NDR and Microsoft Defender ...

security incidents for our customers using Microsofts leading security technologies. Youll work closely with senior analysts and engineers, playing a key role in incident response while also contributing to the continuous improvement and evolution of our SOC services. About The Role As a Security Operations Analyst, you will … Provide day-to-day monitoring and initial response for SOC customers in line with Intercitys Security Incident Response Framework. Investigate alerts generated by Microsoft Sentinel and Microsoft Defender for 365, identifying true positives and responding appropriately. Analyse multiple security data sources to detect malicious activity and support ...

operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage … vulnerability assessments and remediation efforts Maintain and optimise DLP tools and incident response Support forensic readiness and insider risk initiatives Develop and enforce security policies and awareness programs Lead incident response and produce investigation reports Utilise and enhance Microsoft Security Stack (Sentinel, Defender, Purview) Drive Zero ...

with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients … keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security ...

operational needs Translate SOC analyst pain points, workflows, and use cases into actionable product features and user stories Design and validate alert prioritization algorithms, incident triage workflows, and automated playbook logic based on operational experience Collaborate with product managers to shape product strategy, roadmap priorities, and feature definitions Conduct … experience as a SOC Analyst, Senior SOC Analyst, or SOC Team Lead Deep understanding of end-to-end SOC operations including alert triage, incident response, threat hunting, and case management Extensive experience with SIEM platforms, security orchestration tools, and the broader SOC technology stack Strong knowledge of threat ...

leads the organisation's cyber security strategy, ensuring strong resilience, compliance, and protection of information assets. You will oversee operations, governance, risk management, and incident response while guiding a high-performing security & infrastructure team. Client Details Our client is a respected not-for-profit UK organisation with … regulatory requirements. Conduct security risk assessments, maintain governance frameworks, and ensure robust oversight. Set, enforce, and update security policies, standards, and technical controls. Lead incident response, including investigation, coordination, remediation, and reporting. Manage supplier assurance, third-party risk, and security obligations within contracts. Plan and support external audits ...

Your role will often require close collaboration with other parts of the business to help identify, enable, and drive the right investigation steps and response actions. The GSOC defends the whole of Nationwide and Virgin Money's estate, both Member-facing and support capabilities, requiring engagement and communication with … both technical and non-technical teams across the business. You'll help mature our internal processes, developing or defining appropriate detection, response and containment capabilities as well as contributing to the GSOC Strategy. You will help shape our future technology direction, suggesting and assisting with innovative ways to combat ...

engineering teams - ensuring applications are designed, built and maintained with robust security at their core. You will lead threat modelling, manage vulnerability backlogs, support incident response, and help uplift security maturity across development squads. Key Responsibilities Define and implement product security policies, tooling and standards across the SDLC … tracking remediation Liaise on bug bounty findings and ensure timely fixes Conduct root cause analysis for security incidents and systemic issues Act as Incident Commander or Investigation Lead during security events Partner with CI/CD teams to integrate SAST, DAST, SCA and other security controls Collaborate with product ...

implementing technical protocols to owning security compliance to championing best security practice to the business. The Role Design and implement security solutions Contribute to Incident response and Disaster Recovery programs Partner with IT and wider business to align processes with best practice Ensure compliance with security policies, procedures … frameworks Lead and participate in incident response and disaster recovery programs Skills and Experience Strong knowledge of IT infrastructure and security tools Proven understanding of desktop and server operating systems Experience with SIEM, endpoint protection, identity management and cloud security tools Understanding of cloud security and compliance (CISSP ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

maintaining, and improving core security controls across network, cloud, and endpoint environments. You will play a key part in strengthening defensive capabilities and supporting incident response activities. You can work remotely but there are also multiple offices for the employees. Client Details A UK-based not for profit … modernising cyber security and cloud infrastructure. Description Manage and enhance security tooling including endpoint protection, content filtering, email security, and vulnerability scanning. Deliver technical incident analysis and response, supporting containment, remediation, and service improvement. Configure and support firewalls, networks, Microsoft security platforms, and cloud security controls. Conduct technical ...

maintaining, and improving core security controls across network, cloud, and endpoint environments. You will play a key part in strengthening defensive capabilities and supporting incident response activities. You can work remotely but there are also multiple offices for the employees. Client Details A UK-based not for profit … modernising cyber security and cloud infrastructure. Description Manage and enhance security tooling including endpoint protection, content filtering, email security, and vulnerability scanning. Deliver technical incident analysis and response, supporting containment, remediation, and service improvement. Configure and support firewalls, networks, Microsoft security platforms, and cloud security controls. Conduct technical ...

align IT priorities. Conduct regular service reviews and provide reporting ahead of key meetings, demonstrating performance against KPIs, SLAs and contractual obligations. Risk & Incident Management Develop and maintain risk management strategies to minimise service disruption. Lead incident response and ensure timely resolution, minimal business impact and clear ...

principles Risk management methodologies Experience working within cloud security shared responsibility models Working knowledge of Identity and Access Management (IAM) Experience supporting security monitoring, incident response, and investigations Strong communication skills with the ability to engage both technical and non-technical stakeholders Desirable/Preferred Experience Experience working ...