1 to 25 of 349 Incident Response Jobs in the UK

DFIR Lead

Hiring Organisation
CyberClan
Location
United Kingdom
carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology. Our goal … unauthorized access, malicious code. Job Summary This role serves as a critical leader within the global CERT and DFIR team, managing end-to-end incident response operations, including detection, analysis, containment, and remediation of security incidents. The position oversees the development and execution of incident response ...

CERT Incident Responder

Hiring Organisation
MBDA UK
Location
Bolton, Middle Hulton, Greater Manchester, United Kingdom
Employment Type
Permanent
Salary
£50000 - £60000/annum
Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness, while also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness, while also advancing the organisation's Adversarial Exposure Validation (AEV), including ...

Tier II SOC Analyst

Hiring Organisation
CyberClan
Location
United Kingdom
carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber attacks with proven defensive methodology … Tier 2 case resolution, resolving complex security cases including generating initial reporting, providing follow-ups and requesting information and resolution activity. Day to day incident triage and escalation using contextual and threat intelligence Responsible for providing security expertise to escalated incidents Act as the incident handler ...

Incident Response Manager

Hiring Organisation
InfinityQuest Ltd
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
£300 per day
Responsibilities Lead and coordinate the organisation's response to security incidents from detection through containment, eradication, recovery, and closure Act as the incident commander during security incidents, leading incident bridge calls, war rooms, and stakeholder updates Coordinate and oversee forensic investigations, including evidence preservation, scoping, and investigative workflows … forensic providers to support root cause analysis and impact assessment Maintain close alignment with the SOC provider to ensure timely alert escalation, investigation, and response actions Review forensic findings, timelines, and reports to validate accuracy and completeness Coordinate with infrastructure, cloud, application, IT, and security teams to support investigation ...

SOC Operator - 24mth Contract - Active SC

Hiring Organisation
Stealth IT Consulting Limited
Location
United Kingdom
Employment Type
Contract, Work From Home
Contract Rate
From £500 to £750 per day From £500 to £750 Inside per day DOE
Role Overview We are seeking an experienced SOC Operator to support a public sector security operations capability, with a focus on threat detection, incident response, and collaboration with delivery teams to improve security monitoring and resilience. The role involves developing detection content aligned to recognised threat frameworks, supporting … incident investigations, and helping technical and non-technical stakeholders prepare for and respond to security incidents. Key Responsibilities Develop and maintain SIEM rules and alerts in Splunk, mapped to the MITRE ATT&CK framework Analyse security events and alerts to identify potential threats and incidents Contribute to and lead ...

Cyber Incident Response Lead - Defence - SC Cleared

Hiring Organisation
SR2
Location
Reading, Berkshire, England, United Kingdom
Employment Type
Contractor
Contract Rate
£550 - £675 per day
Cyber Incident Response Lead – Defence – SC Cleared We’re supporting the delivery of a nationally significant defence programme that’s shaping the UK’s future capabilities in secure systems and platforms. As a Cyber Incident Response Lead Specialist, you will take the helm in managing and evolving … cutting-edge cyber response function, including the oversight of a WARP (Warning, Advice and Reporting Point) service to enhance threat visibility and collaboration across stakeholders and delivery partners. Key Responsibilities Lead and coordinate response to cyber security incidents across a complex and sensitive defence environment Manage and continually evolve ...

Senior Product Security Engineer

Hiring Organisation
Adecco
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
£450 - £520/day
issues. Root Cause Analysis: Conduct thorough root cause analysis for security incidents and systemic vulnerabilities, leveraging insights to drive developer training and systemic improvements. Incident Response Management: Act as Investigation Lead or Incident Commander during incident response efforts, including facilitating tabletop exercises to enhance … incident readiness. Skills & Experience: Expertise: Deep knowledge in vulnerability management, threat modeling, security architecture, and secure software development lifecycle (SDLC) practices. Incident Response Skills: Strong background in incident response, root cause analysis, and managing bug bounty programs. Communication Ability: Excellent communication and stakeholder management skills ...

Investigator - Cyber Incident Response

Hiring Organisation
Accenture
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point … working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines ...

Application Security Architect

Hiring Organisation
Randstad Digital
Location
City of London, London, United Kingdom
Employment Type
Contract, Work From Home
Contract Rate
£400 - £500 per day
Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

Application Security Architect

Hiring Organisation
Randstad Technologies
Location
London, South East, England, United Kingdom
Employment Type
Contractor
Contract Rate
£400 - £500 per day
Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

Cyber Security Engineer

Hiring Organisation
Searchability
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£45,000 - £55,000 per annum
enterprise clients.* Full-time, permanent role focused on securing client infrastructures across network, cloud, and endpoint environments.* Hands-on position covering security design, incident response, vulnerability management, and client consultancy.* Hybrid working model with strong benefits, development pathways, and exposure to complex, real-world security challenges.* To apply … Security Engineer, you'll play a key role in securing client IT environments by designing, implementing, and managing robust security solutions. You'll lead incident response activities, conduct vulnerability assessments, and proactively identify risks across network, cloud, and endpoint systems. You'll work directly with clients to understand ...

Deputy Chief Privacy Officer

Hiring Organisation
A&O Shearman
Location
East London, London, United Kingdom
Employment Type
Permanent, Work From Home
firm's risk appetite, client expectations and legal and regulatory changes and attitudes Manage and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal … regulatory reporting, client and individual notifications and reputation management. Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide To support the CPO and CISO in the formulation and delivery of the firm's cyber and incident response ...

InfoSec Operations Manager

Hiring Organisation
Henderson Scott
Location
North West London, London, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£75,000
Information Security Operations Manager to lead and mature a Security Operations (SOC) function. This is a hands-on, operational role focused on improving detection, response, and incident readiness - not a compliance or GRC-led position. You'll manage a small SOC team, own the relationship with a Managed … Detection & Response (MDR) provider, and drive continuous improvement across security operations, tooling, and processes. Key Responsibilities Lead and develop a small SOC team (2 SOC Analysts and an interim resource) Own and optimise the clear day-to-day relationship with an MDR provider Improve SOC maturity, playbooks, and incident ...

Security Operations Centre / SOC Team Lead

Hiring Organisation
Hays Technology
Location
Edinburgh, City of Edinburgh, United Kingdom
Employment Type
Permanent
Salary
£58252 - £68586/annum 28.97% pension and more
Operations Centre. This role will have you leading a team of analysts and working alongside security engineers to develop and automate threat detection and response playbooks, as well as security architects and the wider IT function. The ideal candidate will have the technical expertise to work … development of SOC analysts and engineers. Lead the configuration, tuning, and maintenance of core SOC capabilities including log aggregation, alerting, correlation, threat detection, and response tooling. Define, track, and report SOC performance metrics and KPIs, ensuring operational efficiency and alignment with organisation objectives. Manage and mentor SOC team members ...

SOC Analyst

Hiring Organisation
Sanderson
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£40,000 - £45,000 per annum
looking for a SOC Analyst to join an established Security Operations Centre team. This role focuses on incident investigation, triage, and response, along with client engagement and proactive security activities. What You'll Do Investigate and respond to security incidents Perform triage and remediation across client environments Engage … with clients during incident response activities Support proactive security and continuous improvement initiatives Mentor junior team members where appropriate What We're Looking For 2+ years' experience in cyber security, ideally incident response Strong communication skills Experience across Windows, Linux/Unix, and macOS Knowledge ...

Cyber Security Manager

Hiring Organisation
Peaple Talent
Location
Bath, England, United Kingdom
looking for a hands-on Cyber Security professional to help strengthen and evolve its security capability. This role blends security engineering, tooling, governance, and incident response in a modern cloud-focused environment. You’ll translate security requirements into practical technical controls, support secure project delivery, and continuously improve … dashboards, and reporting Lead security initiatives and produce technical documentation and evidence packs Support deployment of new security controls alongside the Security Architect Lead incident response, including escalations, coordination, and post-incident reviews Work closely with IT and Digital teams to provide practical security guidance What ...

SOC SME

Hiring Organisation
Morson Edge
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
£NEG
selection, design, and transition from fragmented security tooling to a unified SIEM platform and security data lake. Drive a fundamental shift from incident-focused, task-based workflows to preventative security activities and platform optimisation. Proactive Threat Focus Guide the evolution from reactive alert handling to proactive threat … prompt injection, data poisoning, and model theft. Deploy and monitor “guardian agents” to provide real-time detection of malicious behaviour within AI systems. Incident Response & Resilience Guide the development, testing, and maintenance of advanced incident response plans, with a focus on high-impact threats such ...

Senior Advisory Consultant

Hiring Organisation
Beazley Security
Location
United Kingdom
risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley Insurance, we’ve been … forefront of cyber insurance management and breach response activities for business clients in the US, UK, and Europe since 2017. As Beazley Security, the company will have an expanded scope, leveraging nearly two decades of cyber incident experience, a strong services division, and a business strategy focused ...

Cyber Security Engineer

Hiring Organisation
Reed
Location
Central London, London, England, United Kingdom
Employment Type
Full-Time
Salary
£55,000 - £60,000 per annum, Inc benefits
driving continuous improvement across a large, complex environment. The Role As an IT Security Analyst, you will support all aspects of security operations, incident response, vulnerability management, governance activities, and the development of secure processes across the organisation. You’ll monitor and investigate alerts, analyse threats, lead security … defending large-scale environments from emerging threats. Key Responsibilities Investigate and analyse security events, correlating data and identifying root causes. Perform deep-dive incident analysis using logs, threat intel and IoCs. Conduct proactive and reactive threat hunting. Execute vulnerability assessments and support remediation activities. Carry out risk analysis, identifying ...

Cyber Security Manager

Hiring Organisation
Total IT Technology Solutions Ltd
Location
Bedford, Bedfordshire, South East, United Kingdom
Employment Type
Permanent
Salary
£45,000
delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day-to-day running of our cyber capability. This role blends hands-on technical leadership with operational delivery. You'll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation, scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Cyber Security Lead

Hiring Organisation
Reed
Location
York, North Yorkshire, England, United Kingdom
Employment Type
Full-Time
Salary
£55,000 - £58,000 per annum, Inc benefits
authority, you will shape long-term security strategy, set standards, and act as the first line of defence against cyber threats. You will lead incident response, maintain and improve cyber resilience, and provide expert advice to senior leaders on risk, governance, and investment priorities. This role is highly … implementing controls, responding to incidents, and driving continual security improvements. Key Responsibilities Lead organisational cyber security activities and strategy. Oversee monitoring, threat detection, and incident response with internal teams and a third-party SOC. Act as Incident Commander during major cyber events and maintain the cyber risk ...

Cyber Resilience Analyst

Hiring Organisation
Searchability (UK) Ltd
Location
Chester, Cheshire, North West, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£50,000
ANALYST ROLE: As a Cyber Resilience Analyst, you'll be responsible for defining, maintaining, and testing the organisation's resilience plans, covering Business Continuity, Incident Response, and Disaster Recovery. You'll work closely with IT teams and stakeholders across the wider business to ensure resilience strategies are practical … robust, and effective. The role plays a key part in analysing the impact of cyber incidents on business systems, supporting incident reviews, and ensuring lessons learned are fed back into improved resilience planning. You'll also work alongside project and change teams to ensure new systems and developments ...

CSIRT Analyst SC Cleared

Hiring Organisation
Pontoon
Location
Warwickshire, England, United Kingdom
Employment Type
Contractor
Contract Rate
£750 per day
months). In full: Job Purpose The UK CSIRT Tier 1 Analyst will deliver the actions and activities as required and detailed in Cyber Incident Response plans. Using technical expertise and co-ordination capabilities, they will work within a team and individually, to respond to incidents and security events. … role requires the individual to have a high level of performance and individual ability. About the Role As part of the Cyber Security Incident Response Team (CSIRT), you will be employed within a global team as a Tier 1 CSIRT analyst within its Cyber Security Operations Centre (CSOC ...

Head of IT Security

Hiring Organisation
Akkodis
Location
Newcastle Upon Tyne, Tyne and Wear, England, United Kingdom
Employment Type
Full-Time
Salary
£70,000 - £80,000 per annum
Head of IT Security to build and lead a multi-disciplinary security function that protects the entire organisation. From setting strategy to refining incident response, your impact will be felt across the business. The Role As the Head of IT you will build and lead a multi-disciplinary security … function that protects the entire organisation. From setting strategy to refining incident response, you will strengthen how to defend, detect, and respond, and be a leader who's ready to take the security function to the next level. This is a role for a visionary, a builder, a mentor ...

Security Operations Centre Analyst

Hiring Organisation
INTEC SELECT LIMITED
Location
City of London, London, England, United Kingdom
Employment Type
Full-Time
Salary
Salary negotiable
posture through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools … perform root cause analysis. Collaborate with IT and security teams to remediate vulnerabilities. Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge ...