1 to 25 of 75 Incident Response Jobs in the South East

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible … collaborating with organisation stakeholders in developing, updating, and enhancing a comprehensive set of tactical and operational cyber incident response documents, including the Incident Response Plan, Communication Plan, Incident Response Playbooks, and Containment & Eradication procedures. This engagement is focused on delivering high-quality, actionable documentation ...

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point … working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines ...

tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

work will include proactive security monitoring across our hybrid cloud and on premises environment, triaging and investigating alerts, and supporting coordinated incident response activities. You will operate our vulnerability management processes, translate threat intelligence into actionable defences, and contribute to the improvement of detection content and security controls. … contribute to several high impact initiatives including: Establishing a more mature, risk based vulnerability management lifecycle and reducing exposure windows across critical systems Enhancing incident response readiness through improved playbooks, scenario testing, and lessons learned processes Uplifting monitoring coverage and the effectiveness of SIEM/EDR/ ...

This is an initial 6 month contract paying up to £600 per day Outside IR35. The role focuses on supporting security operations monitoring and incident response activities within a large enterprise environment. This role allows remote working with occasional travel to London when required. The successful SOC Analyst … cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams to improve detection capabilities Experience within financial services, fintech or other regulated environments would ...

centralised SRE model, you'll partner closely with product and engineering teams while maintaining horizontal responsibility for production health, resilience, and scalability.You'll lead incident response, define reliability standards, influence architectural decisions, and build automation that elevates deployment safety and operational efficiency. This is a hands-on, senior … risks and drive long-term preventative improvements* Define and refine SLIs, SLOs, and error budgets aligned to customer and business outcomes* Lead high-severity incident response, post-incident reviews, and remediation planningArchitecture & Resilience* Influence system architecture to improve scalability, availability, and failure isolation* Design multi-region ...

partnering with a fast‐growing cyber consultancy to hire a Senior Consultant who can lead complex cyber resilience engagements. Shaping security architecture, guiding incident response, and landing outcomes that measurably reduce risk. What you’ll do Lead the planning and delivery of large‐scale cyber projects, from discovery … Design and architect secure, scalable solutions across on‐prem and cloud (AWS), integrating with networking, virtualisation (Nutanix/VMware), storage and IT operations. Own incident response: playbooks, coordination, post‐incident reviews, and continuous improvement. Deploy and tune controls across SIEM/XDR (e.g., Rapid7 InsightIDR, SentinelOne), vulnerability ...

dashboards, alerts, and log data to identify suspicious or malicious activity. Alert Triage: Perform initial investigation and prioritisation of security alerts, escalating where necessary. Incident Response (L1): Assist in incident investigation, gather relevant evidence, and support escalation to senior analysts or IR teams. Threat Detection: Support detection … Exposure to SIEM tools (e.g., Sumo Logic, Microsoft Sentinel) Familiarity with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Basic understanding of: Security operations Incident response lifecycle Networking fundamentals (TCP/IP, DNS, etc.) Strong analytical and problem-solving skills Good communication skills (written and verbal) Ability ...

primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across the Security Operations … stakeholders and the offshore SOC to ensure efficient handling of alerts, incidents, and operational requests. Oversee daily SOC operations, ensuring security monitoring, investigations, and response activities are delivered in line with agreed SLAs. Lead incident management for high-severity security events, coordinating across IT, infrastructure, and business teams. ...

fast-paced, shift-based environment. Key Responsibilities Advanced Security Monitoring: Analyse SIEM alerts, logs, and security events to identify and respond to complex threats. Incident Response: Lead investigations, perform deep analysis, determine impact, and coordinate response activities. Threat Detection & Analysis: Develop and refine detection rules … experience with SIEM platforms (e.g., Microsoft Sentinel, Sumo Logic) Hands-on experience with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Solid understanding of: Incident response lifecycle Threat detection methodologies Networking protocols (TCP/IP, DNS, HTTP/S) Experience analysing logs from multiple sources (endpoints, network, cloud ...

with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients … keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security ...

Analyst (Tier 2) to support their security operations function. This role will focus on investigating security incidents, improving detection capabilities and supporting the wider incident response process. Key Responsibilities: Investigate and respond to security alerts and incidents Perform threat analysis and incident investigation Analyse security logs … understanding of security threats, vulnerabilities and attack techniques Hands-on experience with SIEM platforms (Splunk, Sentinel, QRadar, Elastic) Knowledge of endpoint security tools and incident response processes Strong analytical and investigative skills Nice to Have: Experience with CrowdStrike, SentinelOne or Microsoft Defender Knowledge of MITRE ATT&CK framework ...

develop their technical skills and gain deeper exposure to modern Microsoft security tooling. You’ll work alongside experienced cyber professionals investigating security alerts, supporting incident response, and helping improve detection capability across client environments. Responsibilities Monitor and investigate alerts within a SIEM environment Analyse logs and identify potential … security incidents Triage alerts and escalate incidents where required Assist with incident investigation and reporting Support the development and tuning of detection rules Collaborate with senior analysts and engineers on security operations Key Skills & Experience 1–2 years’ experience in a SOC Analyst or security monitoring role Experience working ...

Detection & Response Analyst (SOC/Security Engineering Pathway) Portsmouth (Hybrid) Why this role is different Most SOC roles are alert-heavy and repetitive. This isn’t one of them. You’ll be joining a team that’s actively moving beyond traditional SOC work—focusing on threat detection, automation … Working with security tooling (EDR, SIEM, cloud security platforms) Supporting threat hunting and proactive detection activities Collaborating with engineering teams to improve automation and response Contributing to continuous improvement of security operations What we’re looking for We’re open to people from a range of backgrounds, including ...

implementation and improvement of security controls. Develop and deliver a company-wide information security training and awareness programme. Serve as the Primary Incident Response Manager for information security incidents. Manage and review information security risks across the organisation. Lead information security improvement initiatives. Oversee supply chain information security … risks and vendor assessments. Essential Skills & Experience Strong experience in policy and standards development. Cyber incident response expertise. Security architecture knowledge. In-depth understanding of ISO27001 controls. Experience with Cyber Essentials Plus certification. Strong risk management capability. Proven ability to communicate with and influence senior stakeholders. Desirable Audit ...

expertise and a passion for delivering safe, secure, and reliable critical infrastructure services. You will play a key role in ensuring operational continuity, driving incident response, supporting service delivery, and maintaining compliance across complex datacentre environments. Responsibilities: Data Centre Operations: Ensure full compliance with datacenter policies, safety standards … tasks and projects in collaboration with cross-functional technical teams. Manage operational programs and contribute to Root Cause Analysis (RCA) processes. Lead or support incident response efforts for critical infrastructure failures, ensuring rapid recovery and minimal downtime. Identify risks in the critical environment and implement mitigation strategies. Manage ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

estate. Working closely with service delivery leadership, suppliers, and internal stakeholders, you will ensure the smooth operation of critical infrastructure while coordinating technical changes, incident response, and ongoing enhancements. This role plays a central part in maintaining operational excellence across a complex, technology-driven environment, ensuring systems remain … with CAB processes and estate standards. * Participate in Change Advisory Board (CAB) activities, ensuring all changes align with operational stability and compliance requirements. * Coordinate incident response and service requests with external partners, ensuring timely resolution and accurate documentation. * Support ICT projects, upgrades, and mobilisation activities, balancing operational priorities ...

Risk Management: Own and manage the security risk management program, including advanced risk assessments, vendor risk reviews, third-party due diligence, and mitigation planning. Incident Response & Improvement: Collaborate on incident coordination, response, root cause analysis, and driving continuous improvement initiatives. Stakeholder Communication: Deliver clear, data-driven ...

mitigation activities Oversee security architecture to ensure alignment with wider technology strategy Drive continuous improvement through security assessments, testing, and reporting Ensure effective incident detection, response, and recovery capabilities Lead vulnerability management and remediation across all technology environments Oversee third-party security testing, including penetration testing and phishing … delivering cyber security strategies Strong understanding of security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud and hybrid security environments Ability to communicate complex technical ...

incidents on critical client infrastructure. Perform in-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerability Provide Incident Response support when required, providing guidance on containment, eradication and recovery activities. Maintain and, where appropriate, improve and develop team knowledge … Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Input into threat intelligence activities when required. Represent the SOC within Stakeholders meetings ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

Leading cyber risk management, governance forums and assurance activity across IT&D, ensuring risks are identified, assessed and clearly reported to senior stakeholders. Overseeing incident preparedness and live response, including coordination with suppliers, IT operations and information governance. Providing expert direction on security technologies, control effectiveness, logging/… technical) across IT&D, information governance and key suppliers Measurable improvements in vulnerability management, logging/monitoring coverage and supplier assurance Significant uplift in incident response maturity, including documentation of playbooks, interfaces and recovery expectations. This role is central to strengthening the resilience of essential public services. ...

hiring a seasoned VP-Level Major Incident Manager to lead end-to-end management of high-severity technology incidents across a complex, regulated environment. You will command incidents from detection through restoration, ensure crisp executive communications, drive cross-technology recovery, and influence decisions that directly impact operational stability. What … Lead and coordinate major incidents across infrastructure, applications, middleware, cloud, EUC, network, identity, data, and third parties Establish and manage incident command structure, including team roles, bridge calls, and communications, ensuring clear ownership and rapid triage Drive restoration by coordinating technical SMEs, vendors, and operations teams; remove blockers ...

control frameworks Lead security audits, manage remediation, and track follow-up actions Cyber Operations Oversight Manage vulnerability scanning programmes, penetration testing, and remediation Oversee incident management processes and escalation procedures Maintain incident response, disaster recovery, and business continuity plans Ensure high standards for access control, monitoring, encryption ...