101 to 125 of 340 Incident Response Jobs in the UK excluding London

Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

standards Act as the on-site technology point of contact Troubleshoot and resolve connectivity issues (Wi-Fi, wired, endpoint, VPN, DHCP/DNS) Coordinate incident response with technical teams Maintain awareness of service performance Communicate clearly with both technical and non-technical stakeholders Balance customer expectations with operational … hospitality or similar) Strong understanding of enterprise IT and networking fundamentals (Wi-Fi, TCP/IP, DHCP, DNS, VPNs, endpoints, service delivery) Experience coordinating incident response in high-pressure environments Ability to manage multiple stakeholders Clear communication with technical and non-technical audiences A calm, structured approach during ...

execution across all support tiers. The Head of Support sets the standards, governs vendor performance, and ensures every aspect of the support experience — from incident response to customer satisfaction — meets enterprise-grade expectations. Key Responsibilities Service Reliability & Platform Stability Own platform availability, performance, and reliability across all tenants … Reduce incident frequency, severity, and blast radius Establish and drive Service Reliability Engineering (SRE) principles Ensure scalability and operational readiness of a multi-tenant platform Incident Management & Response Implement and lead a structured incident management framework (P1–P4) Act as executive owner of major incidents ...

Medical Protection Society is seeking an Information Security Incident Manager to lead cyber incident responses and enhance resilience. The role involves coordinating major incidents, ensuring effective governance, and improving incident response plans. Candidates should have strong expertise in cyber security, experience leading incidents, and excellent communication ...

Senior Network Security Engineer Scotland/Hybrid Salary up to £80,000 You will own incidents end-to-end across Incident, Major Incident, Change, Problem, and Service Request workflows (ITIL-aligned), leading real-time response to live DDoS attacks and complex network events as they unfold. … cybersecurity, or infrastructure Degree in Computer Science or a related field Strong networking fundamentals TCP/IP, routing, Layer 13 troubleshooting Proven experience in incident response and customer-facing technical roles The temperament to own and resolve incidents under real pressure Excellent communication skills clear, calm, customer-ready ...

pragmatic cyber security strategy aligned to business priorities, whilst establishing and maintaining security policies, standards, and governance frameworks. You will oversee security operations, including incident detection, response, and continuous improvement, and manage key third-party security service providers, ensuring performance and accountability. Risk management activities will … following experience: Proven interim experience in a Cyber Security Manager/Lead/Security Consultant role. Strong understanding of security operations, threat detection, and incident response practices. Experience working with SIEM, EDR, and monitoring technologies in enterprise environments. Demonstrable knowledge of security frameworks, controls, and governance models. Experience ...

Model & Ways of Working : Define and implement SRE ways of working and engagement patterns, aligning reliability practices with existing ITSM/ITIL processes (e.g., incident, problem, release and change) and modern engineering delivery. Reliability Measures (SLIs/SLOs) & Error Budgets : Establish service measures and targets (SLIs/SLOs … Insight: Shape observability approaches (metrics/logs/traces) and operational monitoring models that make reliability risks visible and actionable, improving operational decision‐making. Incident Excellence & Continuous Learning: Design incident analysis and improvement loops, including practical approaches that strengthen incident response and drive learning through post ...

private cloud platform, ensuring systems are actively monitored, vulnerabilities are managed, and services remain secure, compliant and resilient. Key Responsibilities Security Monitoring & Response Monitor SIEM, EDR and platform telemetry. Investigate alerts and perform incident triage and escalation. Conduct structured incident response activities. Vulnerability & Patch Management Execute … Release Security Assess changes for security impact. Ensure deployments meet security requirements. Support secure-by-design implementation. Documentation & Continuous Improvement Maintain SOPs, runbooks and incident documentation. Contribute to improvement of SecOps processes and tooling. Essential Experience & Skills Experience in Security Operations or SecOps. SIEM, EDR and vulnerability management tooling ...

/SLOs. You’ll help teams implement pragmatic observability—logging, metrics, and distributed tracing—with actionable alerting, and you’ll contribute to (or lead) incident response and post-incident reviews that drive learning and measurable improvements. Job qualifications We are looking for experience in the following skills … Dynatrace ( or similar tools) , including alerting, dashboards, and root-cause analysis. Exposure to AIOps practices , leveraging automation and intelligence for proactive issue detection and incident reduction. Experience supporting production platforms , including incident management, problem management, and continuous improvement. Ability to mentor junior engineers , influence technical standards ...

strategy and operating model (build vs. buy vs. MSSP); maximize value from SIEM, SOAR, IAM, PAM, EDR, DLP, DSPM, and CTI platforms. Security Operations & Incident Response Accountable for SOC performance (24×7 detection, response, threat hunting), DFIR, purple-team/assurance, ransomware preparedness, and crisis playbooks. Maintain … executive incident communications, regulator notifications, and post-incident improvements. Act as escalation point for any security related service failures or major incidents. Threat and Vulnerability Management Support the TVM team in continuously reducing vulnerability levels in the organisation. Recommend procedural improvements and reporting to drive constant improvement. Drive ...

cloud and SaaS environments, and mentoring junior engineers. Responsibilities Manage and clearly explain security incidents identified by our Security Operations Centre (SOC) Provide timely incident response support during cybersecurity events (no on‐call duty) Deliver cybersecurity best practices to technical and non‐technical stakeholders Troubleshoot security and technical … customer‐facing security reports, workshops, guides and training content Mentor junior analysts and engineers Support continuous improvement of Arctic Wolf’s Managed Detection and Response (MDR) services Job Requirements 3–5 years of experience in cybersecurity (systems, network, or cloud administration) Proven track record in IT networking, network security ...

compliance roadmap, detailing priorities, timelines, and resource requirements. Compliance & Advisory : Provide ongoing support for compliance, interpret regulatory requirements, and ensure alignment with industry standards. Incident Leadership & Management : Lead the coordination of high-severity cyber incidents, ensuring effective communication and structured execution. Required Skills & Qualifications: Core Experience : Proven experience … Cyber Incident Response or Major Incident Management, preferably in a SOC or Security Operations environment. Stakeholder & Leadership Skills : Excellent communication skills, ability to influence and negotiate under pressure, and experience with senior stakeholders. Operational Capability : Experience managing incident bridges/war rooms and strong decision-making ...

focused on monitoring, analysing and responding to security threats, while driving continuous improvement across our security operations capability. Youll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. ...

scalability and efficiency of SOC services. Working across SIEM, endpoint, and orchestration platforms (primarily Palo Alto XSOAR), you will reduce analyst workload, accelerate incident response, and enhance decision-making across customer environments. Key Responsibilities Automation Development – Design, build, and maintain scalable automation workflows across detection and response platforms. Integration & Orchestration – Deliver cross-platform automation enabling fast, reliable response actions. Lifecycle Management – Develop, deploy, and continuously optimise automation for performance, resilience, and coverage. Collaboration & Requirements Gathering – Work with SOC and engineering teams to identify automation opportunities. Documentation – Produce clear documentation to support delivery, troubleshooting, and continuous ...

technical role where youll investigate complex alerts, support threat-hunting activities, contribute to the tuning of SIEM detections, and help improve SOC processes and response playbooks. Youll also play an important role in mentoring analysts and supporting the continued development of the SOCs technical capability. Technology innovation is part … this role will continue to evolve as AI-driven detection, automation, and response capabilities are introduced. You will: Investigate, triage, and respond to security alerts across customer environments Support the tuning and maintenance of SIEM detection rules alongside senior analysts Carry out proactive threat analysis and support threat-hunting ...

Incident and Resilience Manager (DORA) MUST HAVE PAYMENTS Experience! UK Remote | Permanent Hiring a Incident Manager with strong DORA experience to lead operational resilience, major incident management and recovery planning within a regulated financial services environment. Key experience:* MUST DORA/Operational Resilience * Major Incident Management … Recovery* Financial Services/FinTech* ISO 22301/ISO 27001/NIST* Stakeholder & Regulatory Management This role will lead DORA implementation, resilience testing, ICT incident response, third-party risk and enterprise recovery planning across the business. High-impact role with strong visibility and ownership. Apply now for immediate ...

secure solution design activities Advise on AI security risks, governance, and secure adoption of AI technologies Deliver security awareness training and workshops Assist in incident response planning and post-incident reviews Collaborate with technical and non-technical stakeholders to embed security into business processes Required Skills & Experience ...

vulnerability and patch evidence, metrics and control narratives. Identify and implement automation and continuous improvement opportunities across vulnerability and patch management workflows. Collaborate with Incident Response, Threat Intelligence and Corporate Security teams to respond to actively exploited vulnerabilities and emerging threat trends. Experience Strong working knowledge of Ivanti ...

this means conducting assessments and audits, identifying risks, maintaining security controls within Azure Active Directory and Microsoft 365, and playing an active role in incident response, including post-incident reviews and proposing engineering improvements. You'll also support cloud security tooling and platforms, contribute to change management ...

/SLOs. You’ll help teams implement pragmatic observability—logging, metrics, and distributed tracing—with actionable alerting, and you’ll contribute to (or lead) incident response and post-incident reviews that drive learning and measurable improvements. We are looking for experience in the following skills: Strong experience ...

including IAM roles, network security, and compliance monitoring. FinOps & Cost Optimization:Analyze usage and costs to optimize resource allocation, including rightsizing and auto-scaling. Incident Management:Provide expert-level troubleshooting, incident response, and performance monitoring. This is a hybrid position, with the expectation being 3 days ...

using Infrastructure as Code - Lead and enhance Cloud Security operations, including but not limited to identity and access management, vulnerability management, logging, monitoring, and incident response. - Initiate and monitor actions to investigate patterns and trends to resolve problems and determine future preventative measures. - Use information security practices and available ...

rollback frequency Standardise release processes across engineering teams Implement progressive delivery practices Reliability & Observability Define and track SLIs/SLOs Enhance monitoring, alerting and incident response processes Lead post-incident reviews and root cause analysis Drive reduction of operational toil Security & Compliance Embed DevSecOps controls into pipelines … preferred) CI/CD tooling experience (GitHub Actions, GitLab CI, Jenkins) Experience operating production SaaS environments Strong observability tooling knowledge (Datadog, Prometheus, ELK etc.) Incident management and root cause analysis experience Experience in regulated or security-conscious environments is highly desirable ...

security‐related client matters Support customer audits, security questionnaires, and due diligence processes Identify, assess, and manage security risks across the business Lead incident response planning and execution Continuously improve detection and response capabilities Act as a trusted advisor to the CTO and broader executive leadership ...

guidelines. Coordinate risk assessments, ensuring mitigation actions are documented, tracked and successfully implemented. Maintain accurate documentation and evidence to support all compliance activities. Support incident response processes and contribute to post incident reviews from a compliance standpoint. Stay informed on evolving cybersecurity regulations, frameworks and best practice. ...