Citi's Cloud Incident Response (Cloud IR) team seeks a Senior Vice President of Microsoft 365 (M365) and Azure Incident Response to lead and oversee the organization's incident response operations within the M365 environment. You will work closely with stakeholders to ensure effective … security incident response with an aim to safeguard the integrity of Citi's Microsoft 365 services. Your role is critical in ensuring a proactive and coordinated approach in responding to cloud security incidents and managing security risks within the M365 suite. You will align incident response … the evolution of cloud security practices, and guide the organization through critical security challenges within the M365 ecosystem. Responsibilities: Own and lead Citi's response to security incidents in our M365 and Azure platforms Build and sustain a high-performing security operations team skilled in managing M365 incidents Collaborate
contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Center according to Experian's Incident Response Plan. As an individual contributor, this team member will join a new, growing team of specialized, advanced responders to support escalations of … complex and prioritized matters from Experian's existing 24x7 security monitoring and response functions, responsible for responding to and analyzing security incidents involving threats targeting Experian information assets. You will work with end-users, technical support teams, and management to ensure remediation and recovery from these threats. You will … report to the Senior Manager, Global Incident Response. You'll have the opportunity to: Conduct advanced incident response activities to investigate and contain complex or larger-scale cybersecurity matters. Orchestrate workstreams across teams (Forensics and Cyber Threat Hunting) and explain the CFC's overall understanding of the
Security Engineer, Incident Response, Security Incident Response Team (SIRT) Job ID: Amazon Development Centre Ireland Limited Amazon is seeking a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response … of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence. Key job responsibilities - Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon. - Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring … of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk. - Identifying and recommending solutions that improve or expand Amazon's incident response capabilities. - Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk. - Evaluating the impact of current security
City of London, London, United Kingdom Hybrid / WFH Options
Ashdown Group
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.
A leading Commerce firm is looking for an Incident Response Lead to join their Cyber Defence team. This crucial role will support the team in enhancing its detection capabilities and modernising the incident response (IR) process across the organisation. The Incident Response Lead will … be responsible for managing the entire IR lifecycle, from initial triage through to remediation. Key Responsibilities: Manage end-to-end incident response (IR) processes, ensuring swift and effective resolution of security incidents. Develop and maintain incident response playbooks and runbooks. Analyse incident reports and provide … actionable insights. Engage with and manage stakeholders throughout the incident lifecycle. Lead the threat-hunting process, using frameworks like MITRE ATT&CK to proactively identify potential threats. Ideal Candidate: Extensive experience in all aspects of Incident Response, with hands-on involvement in P1 and P2 incidents (mainly
firm, including the central operations of finance, information technology, marketing, risk, legal, operations and human resources. What You'll Do As a Cyber Security Incident Response Manager at BCG, you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying … analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service … Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. * Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. * Conduct proactive threat hunting to detect and neutralize emerging
Incident Response/eDiscovery Manager – | London Law Firm | Up to £100k + Package | Flexible/Remote A top London law firm is expanding its Digital Forensics & eDiscovery team and looking for an Incident Response/eDiscovery Manager to take on a growing number of Incident Response projects. If you have experience with Canopy (or similar breach response tools) and are confident with Relativity, this could be a great opportunity! What You’ll Be Doing: Supporting forensic investigations and data collection Managing eDiscovery workflows (EDRM) using Relativity Leading and assisting with Incident Response cases, including data breach reviews Working with clients and internal teams on high-profile matters Using Canopy (or similar tools) for breach response and data analysis What They’re Looking For: Experience in Incident Response, eDiscovery & Digital Forensics Strong working knowledge of Relativity (certifications
Cyber Incident Response Consultant Location: Brussels, Belgium - Hybrid (30% on-site presence required) Contract Duration 6 months - June – December 2025 (with possible extension) Outside IR35 €500 - €525 Euros a day About the role We are seeking an experienced and proactive cybersecurity professional with experience in Cyber Incident Response. Exciting opportunity to join a dynamic international environment supporting enterprise-wide cyber incident management and response coordination. This role offers a unique opportunity to contribute to critical cybersecurity functions within a multinational CSIRT. Key Responsibilities: Support enterprise-wide cybersecurity incident response efforts, ensuring effective … coordination and communication across all stakeholders. Track, monitor, and follow up on cyber incident response tasks, decisions, and lines of effort in collaboration with the Cyber Incident Task Force. Assist in the development, refinement, and implementation of policies, frameworks, and procedures related to cyber incident management.
IT Service Providers and business stakeholders across the company to implement and optimise cyber security operations capabilities. Responsibilities Accountable for managing the Cyber Security Response team and the quality of third party services and deliverables, reviewing performance, and driving continuous improvement. Take the lead management responsibility for all cyber … security event monitoring and incident response services received from all partner organisations with particular focus on the company’s Manage Security Service relationship (MSS). Proactively manage the search for cyber threats that may go undetected in our environment that have evaded our automated security tools and defences. … Accountable for Cyber Security incident response management including the establishment, maintenance and improvement of cyber security incident response plans, procedures, and playbooks. Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis (RCA) for security
Cyber Security Incident Response Lead We are working with a company that is looking for an experienced CSIRT specialist with a strong track record in high-stakes cyber incident response and digital forensics to take ownership of the IR process and help drive automation across the … CSIRT team. What You’ll Be Doing: Lead end-to-end cyber incident response investigations, including breach analysis, e-Discovery, and network forensics. Design, build, and maintain forensic infrastructure and incident response tooling. Take ownership of cyber investigations and coordinate response efforts across teams. Run … and support cyber tabletop exercises, resilience drills, and war-gaming sessions. Monitor and analyse security alerts, coordinating swift response and resolution. Perform detailed forensic reviews and support third-party security assessments. Present incident progress, reporting clearly to senior stakeholders, and escalating when necessary. Maintain real-time dashboards and
London, Broad Street, United Kingdom Hybrid / WFH Options
Ashdown Group
Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc.
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Eden Scott
Cybersecurity Incident Response Lead Location: Hybrid - must live in commutable distance to Glasgow city centre (maybe a requirement to be on-site in an office at short notice). Excellent Cybersecurity Incident Response Lead opportunity to join a leading UK bank who continue to expand their … Cyber Security capabilities. You will be a sharp, decisive, and highly experienced Cybersecurity Incident Response Specialist looking to join a high-performing Detect & Respond Operations Team. You will thrive working under pressure, excel at solving complex problems, and have a knack for identifying and neutralising threats before they … resilience. Provide clear, concise briefings and reports to senior leadership, offering insight into incidents, risks, and ongoing threat landscapes. 💡 Your background: Proven experience leading incident response operations and cybersecurity investigations. Deep understanding of cyber attack vectors, threat actors, and red team/blue team methodologies. Strong analytical skills
London, England, United Kingdom Corporate Functions Incident Response Engineer - Threat Analysis Description Apple is seeking a security professional to join its Information Security Response Organization, as part of the Threat Analysis and Incident Response function. A successful candidate will possess a proven … technical background, relevant Information Security experience with a strong focus in the Incident Response lifecycle. You will work with a global team of security professionals on a follow-the-sun model with a primary focus on the identification, containment, and mitigation of security incidents. This role is an … will have the opportunity to work on technology and processes with global reach! Minimum Qualifications Extensive experience in Information Security with a focus on Incident Response, Security Engineering, and/or Intrusion Detection Proficient understanding of incident response automation strategies, with demonstrated ability to implement them
Senior Security Engineer - Detection & Response - EU/UK Remote, UK We are on the lookout for a UK-based Senior Security Engineer to join our Security Operations & Response Team. This role is pivotal in enhancing Marqeta's ability to detect and respond to threats. You will contribute to … the design, documentation, and implementation of a security detection engineering program, participate in on-call rotations and incident response efforts, and collaborate with various teams to assess detection gaps across Marqeta. This role offers the opportunity to directly impact the program through strong technical contributions. The role reports … Work with team leadership to define and report metrics related to detection capabilities and effectiveness Participate in a 24x7x365 on-call rotation for alert response Be an active responder as part of the Cybersecurity Incident Response Team during declared incidents Contribute to automation and orchestration playbooks to
to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating, and responding to security … Security Operations Team collaborates closely with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what … you'll do: As a Senior Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and
London, England, United Kingdom Hybrid / WFH Options
Ashdown Group Careers
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident re...
a continuous, living threat management system throughout the duration of the contract, rather than a single point-in-time assessment. We’re expanding our Incident Response team and looking for an Incident Response Analyst to join us in tackling some of the most challenging cybersecurity threats. … a critical role in reducing the impact of cyberattacks and enhancing our clients' security posture to prevent future attacks. Key responsibilities include: Conducting initial incident assessments and contribute to Incident Response management. Participate in live Incident Response operations including digital forensics. Perform security assessments, threat … etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding of incident response following NIST 800-61 guidelines incorporating containment, eradication and recovery phases. Experience with digital forensics and investigations, including evidence collection and chain