1 to 25 of 359 Incident Response Jobs in the UK

Cybersecurity Incident Response Lead

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Overview Executive level position reporting to the Director of Cyber Threat Management & Incident Response, this is a hands‐on senior security position working within the Information Security group and with the internal IT department. This position’s core focus is to ensure consistent, measurable end‐to‐end triage … successful candidate will work to assess, develop, and deploy detection capabilities and processes ensuring enterprise systems and data are protected, serving as the Incident Response Lead for European and Pacific regions of the organisation. We are looking for candidates who have a passion for cyber security, threat detection ...

Senior Incident Response Specialist - Manchester

Hiring Organisation
Circle Group
Location
Manchester, North West, United Kingdom
Employment Type
Permanent
Salary
£85,000
Senior Incident Response Specialist - Manchester £50-85k DOE Hybrid Manchester (1 day/week with flexibility) Must either hold SC Clearance or be eligible for SC Clearance We are seeking an experienced Incident Response Specialist to deliver high-quality cyber incident response and forensic investigation services across our client's customer and internal environments. In this role, you will lead cyber incident investigations, conduct forensic analysis across endpoint, network, and cloud environments, and work closely with security operations teams to identify, contain, and remediate threats. You will also ...

Head of Threat Defence, Paddington

Hiring Organisation
Morson Edge
Location
London, United Kingdom
Employment Type
Permanent, Work From Home
ownership of a threat defence strategy and service. The role will focus on leading a team responsible for security operations, incident detection and response and threat intelligence which will be delivered through partnership with outsourced providers and IT. We're looking for a motivated and experienced individual … This role will have line management responsibilities for 3 of the team: a Threat Intelligence Lead, a TD Service Operations Lead and a Cyber Incident Response Lead. The role requires DV clearance and a minimum of 2 days per week in the Paddington Office. Occasional travel to other ...

Cyber Incident Response Analyst

Hiring Organisation
Tria
Location
City, Sheffield, United Kingdom
Employment Type
Contract
Contract Rate
GBP Annual
Cyber Incident Response Analyst - Contract Location: Sheffield (2 days onsite) Rate: 500 p/d Duration: 6 Months - July 2026 - January 2027 A large enterprise organisation is looking for a Cyber Incident Response Analyst to support their Cyber Defence team on a contract basis. This … coordination-focused incident response role, managing cyber incidents through the response lifecycle rather than deep technical remediation. Experience Required Previous experience within Incident Response/Security Operations Strong understanding of the NIST incident response lifecycle Familiarity with MITRE ATT&CK and cyber kill ...

Security Monitoring & SIEM Analyst

Hiring Organisation
Adecco
Location
Reading, Berkshire, United Kingdom
Employment Type
Permanent
Salary
£45000 - £60000/annum Benefits
strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. Role Overview As a Security Monitoring & SIEM Analyst, you will play … role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will ...

Cyber Operations Manager

Hiring Organisation
Prime Personnel
Location
South West London, London, United Kingdom
Employment Type
Permanent, Work From Home
lead and line-manage London-based cyber security team (x3/x4), assure the local delivery of globally-prioritised work, and act as Incident Commander and first point of escalation for cyber security in London. The role additionally leads the Endpoint, Platform and Incident Response capability, owning … global prioritisation of that backlog against enterprise cyber risk. Previous Experience Required: Led or coordinated cyber security incident response as an Incident Commander or equivalent, working with MDR providers and cross-functional stakeholders (IT, Legal, Compliance). A strong, hands-on technical background in operational cyber security ...

Cyber Operations Manager

Hiring Organisation
Prime Personnel UK
Location
SW1E, Victoria, Greater London, United Kingdom
Employment Type
Permanent
Salary
£95000 - £110000/annum + Benefits & Bonus
lead and line-manage London-based cyber security team (x3/x4), assure the local delivery of globally-prioritised work, and act as Incident Commander and first point of escalation for cyber security in London. The role additionally leads the Endpoint, Platform and Incident Response capability, owning … global prioritisation of that backlog against enterprise cyber risk. Previous Experience Required: Led or coordinated cyber security incident response as an Incident Commander or equivalent, working with MDR providers and cross-functional stakeholders (IT, Legal, Compliance). A strong, hands-on technical background in operational cyber security ...

Senior Cyber Security Analyst

Hiring Organisation
Tria
Location
London, United Kingdom
Employment Type
Permanent
Salary
£83000 - £85000/annum Excellent Benefits
capable of leading cyber incidents operationally, technically and commercially from end-to-end. You will act as a senior technical subject matter expert across incident response, detection engineering, cloud security and vulnerability management, while also providing calm, structured leadership during high-pressure situations. The environment is heavily Microsoft … principles Detection engineering and automation Threat and vulnerability management You will work closely with global technology and cyber teams to continuously improve monitoring, detection, response and remediation capabilities across hybrid cloud and on-premise environments. Key Responsibilities Incident Response & Major Incident Management Lead ...

Senior Cloud Security Engineer

Hiring Organisation
Jobleads-UK
Location
Metropolitan Borough of Solihull, England, United Kingdom
play a critical role in strengthening and maturing Reapit’s cloud security posture. Your work will span hands on security engineering, deep incident response, proactive threat detection, and collaboration with global teams. Design, implement, and enhance secure Cloud infrastructure, services, and applications in collaboration with DevOps teams. Conduct … detail and high quality documentation. Work in a self managing, proactive manner — anticipating security needs, identifying gaps, and driving improvements without close supervision. Incident Response & Threat Detection Respond to SOC alerts. Working with our outsourced SOC, Lead and participate in global incident response activities, including investigation ...

Senior Cyber Security Analyst

Hiring Organisation
Hays Technology
Location
Bolton, Greater Manchester, United Kingdom
Employment Type
Permanent
Salary
£45000 - £55000/annum plus bonus and benefits
Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have … experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Cyber to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead ...

Head of Cyber Defence

Hiring Organisation
IDEX Consulting Ltd
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Salary negotiable
leader responsible for developing and executing enterprise-wide cyber defence strategies to protect critical business systems, data, and infrastructure. Leads security operations, threat detection, incident response, and cyber resilience initiatives while ensuring alignment with organisational risk management objectives. Key Responsibilities Lead and manage the Cyber Defence function, overseeing … security operations, threat intelligence, vulnerability management, and incident response capabilities. Develop and implement cyber defence strategies, policies, and procedures to protect against evolving cyber threats. Direct Security Operations Centre (SOC) activities, ensuring effective monitoring, detection, investigation, and response to security incidents. Oversee threat intelligence programmes, identifying emerging ...

Network Security Manager

Hiring Organisation
Pearson Whiffin Recruitment Ltd
Location
Dartford, Kent, United Kingdom
Employment Type
Permanent
Salary
£85000 - £95000/annum
Cyber & Network Security Manager We are seeking an experienced Cyber & Network Security Manager to lead the delivery of all security operations, drive cyber incident response, and provide enterprise-wide oversight of network security. This is an operational leadership role at the centre of the cyber defence function. … Security Operations Centre (SOC) services. Act as the senior operational escalation point for cyber security incidents and major security events. Own and coordinate cyber incident response activities, ensuring effective containment, eradication, recovery, and lessons learned. Develop, maintain, and test cyber incident response plans, procedures, and playbooks. ...

Head of Security Operations

Hiring Organisation
Jobleads-UK
Location
Wolverhampton, England, United Kingdom
will be accountable for the effective operation, continuous improvement and resilience of the Bank's security operations capability, covering Security Operations Centre monitoring and response, Identity and Access Management services, security analysis, operational security controls and supplier-delivered security services. The Head of Security Operations is a senior leadership … India offices, supported where appropriate by third-party managed security service providers. The team provides 24x7 or extended-hours security monitoring and response, identity and access management operations, vulnerability and threat analysis, security tooling administration, control assurance support, reporting, and operational support. Your responsibilities will include... Security Operations Leadership ...

Senior Incident Response Specialist - Manchester

Hiring Organisation
17918
Location
Manchester, Lancashire, United Kingdom
Senior Incident Response Specialist - Manchester £50-85k DOE Hybrid Manchester (1 day/week with flexibility) Must either hold SC Clearance or be eligible for SC Clearance We are seeking an experienced Incident Response Specialist to deliver high-quality cyber incident response ...

Cyber Operations Director

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Accountabilities Manage security monitoring systems, including intrusion prevention and detection systems, to alert, detect, and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimized system damage. Identify emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate … actor profiling, indicators of compromise (IOCs), tactics, techniques and procedures (TTPs) and emerging threat trends, to support threat hunting, detection engineering, vulnerability management and incident response activities. Partner with CSOC, Incident Response, CISO functions and broader Intelligence functions to provide actionable intelligence during cyber incidents, enhance ...

AI-Augmented Cyber Security Engineer

Hiring Organisation
Eligo Recruitment
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£75,000 - £90,000 per annum
solving complex security challenges across modern cloud and enterprise environments. You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function. The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture. Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

Cyber Security Lead

Hiring Organisation
The Christie NHS FT
Location
Manchester, M20 4BX, United Kingdom
Salary
£66582.00 to £77368.00
cyber risk and assurance reporting to Digital governance groups, Audit/Risk & Assurance Committees, & the Trust Board. Provide strategic oversight of cyber operations (monitoring, incident response, vulnerability management, identity & access management) delivered internally & via third parties; assure the effectiveness of managed services. Embed secure-by-design principles across … culture through engagement & awareness activities across clinical, operational, and corporate teams. Contribute to business continuity, disaster recovery, & cyber resilience planning, including exercises, testing, & post-incident learning; participate in out-of-hours incident response where required. About us The Christie is one of Europe's leading cancer centres ...

Cyber Incident Response Consultant - Multiple Levels

Hiring Organisation
IBEX RECRUITMENT LTD
Location
United Kingdom
Employment Type
Permanent, Work From Home
tier global consulting firm with one of the UK's largest and most respected cyber practices, housing over 200 specialists. Their Cyber Incident Response team is on the front line, helping organisations prepare for, respond to, and recover from the threats that keep boards awake at night. They … roles require at least eligibility for UK Security Check (SC) clearance. Existing clearance is highly advantageous. What You'll Do Lead and execute live incident response investigations, from forensic acquisition and root cause analysis to threat containment and eviction. Perform host-based and network forensics across Windows, Linux ...

Cyber Security Analyst (SOC) – Mostly work from home

Hiring Organisation
Interface Recruitment
Location
LS1, Leeds, West Yorkshire, United Kingdom
Employment Type
Permanent
Salary
£55000 - £60000/annum 25 Days Hols rising to 27 + bday
Security Operations Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider … excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond ...

SOC Analyst mostly work from home

Hiring Organisation
Interface Recruitment
Location
Leeds, West Yorkshire, United Kingdom
Employment Type
Permanent
Salary
£55000 - £60000/annum 25 Days Hols (rising to 27 + bday)
excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond … critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint ...

Global Incident Response Lead — Cybersecurity

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Creative Artists Agency is looking for an experienced executive-level Incident Response Lead based in Greater London. This key position collaborates closely with the Director of Cyber Threat Management and focuses on incident response, threat detection, and security measures across the organization. The ideal candidate will … have a strong technical background, particularly in cloud environments, and will be responsible for mentoring junior staff while leading response strategies during security incidents. A minimum of 8 years in IT, with 5 years in incident response, is essential. ...

Cyber Security Operations Specialist

Hiring Organisation
Anson Mccade
Location
City of London, London, United Kingdom
Employment Type
Permanent
Salary
£75,000
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

Cyber Security Operations Specialist

Hiring Organisation
Anson Mccade
Location
Glasgow, Lanarkshire, Scotland, United Kingdom
Employment Type
Permanent
Salary
£75,000
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

Cyber Security Engineer

Hiring Organisation
Anson Mccade
Location
Edinburgh, Midlothian, Scotland, United Kingdom
Employment Type
Permanent
Salary
£75,000
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

Cyber Security Engineer

Hiring Organisation
Anson Mccade
Location
Manchester, North West, United Kingdom
Employment Type
Permanent
Salary
£75,000
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...