1 to 25 of 676 Incident Response Jobs in the UK

Security Engineer , Global Services Security Job ID: Amazon Web Services EMEA SARL (Irish Branch) Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited … capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help … success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services. Key job responsibilities Perform and oversee security incident response operations Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event. Independently contribute to teams that include Amazonians More ❯

global basis, the resilience of operations has become a board level issue. Responsibilities You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand head quartered in the West Midlands. As … the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We … looking for someone Midlands based who can be on site in Warwickshire 1 day a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships More ❯

Principal Incident Response Consultant – Cybersecurity/DFIR/Threat Hunting Location: UK wide – Remote Salary - £85,000 - £110,000 + excellent benefits Clearance - DV clearance required We’re seeking a Principal Incident Response Consultant to join our client’s elite cybersecurity and digital forensics team. This is a client-facing role where you’ll lead DFIR … Digital Forensics & Incident Response) investigations, guide executives through cyber incidents, and help organisations strengthen their threat detection, response, and resilience. If you’re an expert in incident response, threat hunting, and forensic analysis and thrive under pressure, this is your opportunity to work on some of the UK’s most significant cyber cases. Key Responsibilities … Incident Response Leadership: Take charge of high-profile cyber incidents, from breach triage and containment to full recovery. Client Engagement: Act as a trusted advisor to CISOs, boards, and regulators, providing executive-level briefings during and after incidents. Forensics & Threat Hunting: Conduct advanced forensic investigations across endpoints, servers, networks, cloud platforms, and SaaS. Adversary Analysis: Use threat intelligence More ❯

Security Engineer, Incident Response , Security Incident Response Team (SIRT) Job ID: Amazon Development Centre Ireland Limited Amazon is seeking a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events … knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence. Key job responsibilities - Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon. - Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future. - Assisting in … the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk. - Identifying and recommending solutions that improve or expand Amazon's incident response capabilities. - Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk. - Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon More ❯

We now have an exciting opportunity for an Associate Director to join our Digital Forensics and Incident Response (DFIR) team in London. As the senior member of the EMEA DFIR team with deep digital forensic experience, you will be integral to the wider EMEA practice, and part of a global practice offering and influencing the direction of our … forensic technology and digital forensics incident response capability. The Discovery and Data Insights department is the hub of all technical consulting, providing digital forensics and incident response solutions for cyber response investigations, digital forensic investigations, eDiscovery, and data analytics. Our clients include law firms and Fortune 500 multinationals across the globe. Day to day, you … and execute matters that arise on short notice, support crises, and deploy the team as needed. As the technical lead, you will provide direction, ensure quality, and manage forensic incident response engagements. You will also engage across the business to leverage technology consulting into business development and go-to-market strategies, increasing the team's visibility and capabilities More ❯

Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, ect £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but More ❯

Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, ect £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but More ❯

Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, ect £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but More ❯

Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, ect £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but More ❯

Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, ect £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but More ❯

Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time/Permanent West Midlands/Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. … As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire … on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network More ❯

Principal Cyber Security Incident Response Analyst £60,000 - £70,000 Full Time/Permanent West Midlands/Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. … As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire … on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network More ❯

We're Hiring: Principal Incident Response Investigator/Consultant - Remote - £85k 📍 UK-based | DV Clearance Required (or ability to attain) 💼 Consulting | Cyber Security | Digital Forensics | Incident Response Are you ready to lead the front line in cyber defence? We’re looking for a Principal Incident Response Investigator/Consultant to take the lead in … a seasoned professional who thrives under pressure, communicates with confidence, and brings deep technical expertise to the table. 💥 What You’ll Do Lead Complex Investigations : Own end-to-end incident response engagements — from triage and containment through to forensic analysis, recovery, and reporting. Take Command in Crisis : Act as incident commander for major breaches, guiding clients, coordinating … of the moment. Apply Deep Forensics : Investigate across Windows, Linux, macOS, cloud, SaaS, and hybrid environments. Grow Our Capabilities : Develop playbooks, tools, and methodologies that raise the bar for incident response delivery. Mentor & Inspire : Coach junior investigators and contribute to internal knowledge sharing and external thought leadership. 🔐 What We're Looking For DV clearance (or the ability to More ❯

you fluent in English, analytic, flexible, energized by accelerated action, compliance and process improvement focused? Well, this may be the role for you. Position in the organization: The Major Incident Manager: Business Protection and Technology Assurance (BPTA) is a member of the ESI Incident Management Team (EIM) within ADP's Global Security Organization (GSO). RESPONSIBILITIES As a … Major Incident Manager, you will act as a single point of contact in the EIM team during a reported incident and will work with the following teams: business unit (BU) management and Incident Response Teams, ADP Global Security Organization (GSO), GETS, GPT, Communications and Privacy and Legal teams to drive and execute activities within the framework … of the major incident response process. You will need to work within the EIM framework and assist in making decisions based on established ADP policies and standards with respect to incident reporting, internal escalations and internal notifications, as well as maintain, review and update the Incident Response Procedures (Playbooks/SOPs). The duties performed More ❯

Senior Consultant Digital Forensics & Incident Response Certain Advantage is hiring for a Senior Consultant, Digital Forensics & Incident Response based in Reading. This role is on an initial 12-month contract basis and is hybrid. The Company Were working with a global technology leader delivering advanced network, security, and digital solutions that help businesses stay connected, resilient … and secure. The Role This role is for a hands-on Senior Digital Forensic & Incident Response Consultantsomeone ambitious, client-facing, and ready to make an impact. Youll be results-oriented and driven to succeed, responsible for: Leading complex forensic investigations into advanced cyber incidents. Acting as the technical SME across at least two forensic domains (e.g. host, network … cloud, memory, or mobile). Delivering incident response assessments and developing IR plans for clients. Designing and facilitating breach simulation and tabletop exercises for senior leadership. Serving as an incident commander during major cyber crises. Producing forensic reports and actionable recommendations to strengthen client security posture. The Individual Were looking for people who can show: Strong experience More ❯

Cyber Incident Manager 60,000 - 70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Manager to join a large nationally recognised brand head quartered in the West Midlands. As the Cyber Incident Manager you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We are ideally looking for someone … Midlands based who can be on site in Warwickshire 1 day a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships with required stakeholders. More ❯

Cyber Incident Manager £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Manager to join a large nationally recognised brand head quartered in the West Midlands. As the Cyber Incident Manager you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We are ideally looking for someone … Midlands based who can be on site in Warwickshire 1 day a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships with required stakeholders. More ❯

lawyer to advise on and coordinate data protection matters, in particular, to oversee and run the Global Record of Processing Activities (RoPA) Inventory as well as coordinate the Global Incident Response (IR) Process. This involves overseeing a team who are responsible for completing and maintaining EY's Global RoPA and integration of Privacy Impact Assessment (PIA) records and … Third Party Vendor Due Diligence (VDD) data as well as coordinating the work of other resources and EY's Global Delivery Service ("GDS") involved in the Global Incident Response Process. The global data protection team is responsible for the implementation and transformation of EY's privacy compliance program, which include Binding Corporate Rules. The team works closely with … on data protection matters, including both personal data privacy and the protection of client and EY confidential information. The opportunity As the Global Legal Counsel - Data Protection RoPA and Incident Response, you will be responsible for overseeing the Records of Processing Activity (RoPA) process and inventory as well as the management of the Global Incident Response More ❯

Cybersecurity Incident Response Specialist - CONTRACT OPPORTUNITY Remote with occasional trips to London (not expensed). £750.00 per day. 6 months. ASAP start, ASAP interviews. Right to work in the UK mandatory. The Cybersecurity Incident Response Specialist will be responsible for investigating, analysing and providing specialist expertise for the resolution of security incidents/attacks aimed at … support Senior Analysts and Analysts in managing incidents and liaise with SOC engineers to ensure appropriate security measures, technologies and processes are in place to avoid reoccurrence of incidents. Incident detection: Demonstrate an ability to understand in detail how an incident has occurred without relying on alerts (e.g., reviewing logs and threat intelligence data). Support the Analyst … in prioritizing incidents for further analysis, response, or closure. Incident management: Provide specialist knowledge on specific types of attacks. Support Senior Analyst and Analyst in the management of an incident. Objectives: Provide specialist input for the management of incidents where it is required. Identify, analyse, mitigate cybersecurity incidents. Minimise the overall effects of any incident. Liaise with Incident More ❯

to the client site UK Must hold Active SC clearance Rate £395.00 **Role Description:** The Senior SOC Analyst will play a vital role in our security operations, focusing on incident management and response to protect our organisation's assets. This position requires a highly skilled professional capable of performing in-depth incident analysis and investigation, engaging with … technical and business stakeholders, and providing expert advisory support. **Incident Management:** - Conduct thorough analysis to determine the causes of security incidents, ensuring a comprehensive understanding of attack paths. Utilise pre-defined playbooks and develop new procedures as necessary to enhance our incident response capabilities. - Liaise with technical and business owners of affected systems, particularly in cloud environments … collaborate on remediation and recovery efforts. - Offer technical advice based on alert data and logs to support the investigation of cyber incidents, ensuring effective communication and collaboration across teams. **Incident Response:** - Respond promptly to security incidents, conducting thorough investigations and delivering timely solutions to mitigate damage. Contribute to the creation and maintenance of effective incident response More ❯

Cyber Defense and Engineering. Perform proactive threat hunting to identify and mitigate potential threats before they can cause harm. Develop and refine detection rules to improve the identification and response to security incidents. Provide detailed reports and documentation of incidents and response actions. Develop and maintain incident response playbooks and runbooks to ensure standardized and efficient … response processes. Contribute to identifying process improvement opportunities to enhance security incident response processes. Support and manage cybersecurity projects to enhance overall security posture. This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager. Experience working in an enterprise-level incident response team or security operations center. Professional … experience in cybersecurity or computer network defense roles. Relevant security-related certifications a plus: CISSP, GCIH, GCIA, GCED, GCFA, CySA+. Demonstrated expertise in areas like incident response, intrusion and malware analysis, web application security, or security engineering. Extensive understanding of malware types and network attack methods. Strong grasp of TCP/IP, packet analysis, routing, and network security. More ❯

Job Overview: We are seeking a DFIR Analyst to join our team, leveraging their technical expertise and investigative mindset to support forensic investigations and incident response engagements. The ideal candidate will have a methodical approach to problem-solving, ensuring investigations are thoroughly documented and findings are communicated effectively to both technical and non-technical stakeholders. This role requires … EZTools and parsers, and AWS, along with strong technical foundation skills in systems administration and networking. The successful candidate should be comfortable translating forensic requirements and guiding clients through incident triage and response strategies. Key Responsibilities: Conduct digital forensic investigations across endpoint, network, and cloud environments. Perform incident response investigations, working across multiple environments, including on … Azure). Utilise CrowdStrike, Magnet Axiom, X-Ways, and SIFT Workstations to collect and analyse forensic evidence. Develop and script tooling for the task at hand. Support forensic and incident response engagements by documenting findings, writing detailed reports, and delivering presentations to both technical and non-technical stakeholders. Work closely with clients to understand their forensic and security More ❯

systems, networks, and infrastructure, considering scalability, resiliency, and emerging technologies. Security Operations Management: Lead the security operations team for product and infrastructure, ensuring the implementation of robust security controls, incident response protocols, vulnerability management, and security monitoring. Foster a proactive and efficient security operations center (SOC) to detect, respond to, and recover from security incidents. Team Management: Effectively … to identify vulnerabilities, prioritize risks, and ensure compliance with relevant regulations and industry standards. Develop and maintain effective controls and processes to safeguard sensitive information and prevent unauthorized access. Incident Response and Investigation: Oversee incident response activities, coordinating with cross-functional teams to promptly detect, investigate, and resolve security incidents. Develop and maintain an incident response plan, ensuring effective communication, documentation, and post-incident analysis. Vendor and Third-Party Management: Assess and manage security risks associated with third-party vendors and partners. Establish and maintain security-related contracts, service-level agreements, and ongoing vendor assessments to ensure adherence to security standards. Performance Monitoring and Reporting: Establish key performance indicators (KPIs) and metrics More ❯

how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on cutting-edge research and designed to drive change, resilience, and … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯