126 to 150 of 333 Incident Response Jobs in the UK

growing cyber security team based in Altrincham, South Manchester. You will play a key role in protecting critical systems, improving security posture, and supporting incident response across a modern hybrid IT environment. This is a hands-on technical role where youll work closely with infrastructure, cloud … respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and remediation tracking Support implementation of security controls across cloud and on-prem environments Contribute to security policies, standards ...

primarily a people management role, we value leaders who remain close to the services they support. You will be actively involved in service management, incident response, problem resolution, change planning, and operational improvements. You will work with the team to identify opportunities to improve reliability, efficiency, monitoring, automation … ensuring effective collaboration and service outcomes. Representing the team in operational, project, and governance forums, advocating for service improvements and business needs. Operational Leadership, Incident Management & Escalation Leading the operational response to issues that may impact print production schedules, publication deadlines, or delivery commitments. Making informed decisions during ...

This role is ideal for someone who brings experience of cyber operations and can apply that knowledge to strengthen and evolve our detection and response capability in a complex NHS environment, where patient safety and operational continuity are critical. The role will be involved in delivering digital safety, security … operation and ongoing development of our SOC and SIEM capability *Own and continuously improve detection use cases, alerting, triage, and response processes *Act as a technical lead for monitoring and detection, ensuring controls are effective, proportionate, and aligned to risk *Investigate and respond to security incidents, providing clear, risk ...

role in helping our customers achieve greater visibility, performance, and reliability across their IT estatescontributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse … e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflowsAct as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best ...

role in helping our customers achieve greater visibility, performance, and reliability across their IT estatescontributing to their operational success through proactive insight and incident prevention. What you'll do Design, implement, and manage observability solutions using industry-leading tools such as Dynatrace (primary), Grafana, and Splunk Collect and analyse … e.g. ServiceNow) and CI/CD pipelines to enable proactive alerting and resolution workflowsAct as a Monitoring & Observability SME within customer delivery teams Support incident response activities and postmortems by identifying patterns, root causes, and optimisation opportunities Work collaboratively with cross-functional teams to define and implement best ...

join the firm in London. Responsibilities: * Undertake efficient, effective and proactive day-to-day cybersecurity operations to minimise the risk of a security incident, enabling the firm to do business. * Maintain the capability to react and respond to incidents in an effective and timely manner, minimising their impact … event data across the firms' systems, and procuring threat intelligence to inform the hunts. Key Skills: * Strong understanding of network and end point security, incident response, threat intelligence, and vulnerability management. * Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS. * Strong ...

SIEM (Microsoft Sentinel), Defender stack, vulnerability management, DLP, and cloud security tools Ensure platforms are integrated, performing effectively, and aligned to client requirements Support incident response by resolving platform issues, enabling telemetry, and making technical changes where required Deploy and tune detection rules, improving alert quality and reducing ...

issues Maintain and configure observability platforms such as Datadog Proactively monitor production and other environments to ensure stability, availability, security and integrity Participate in incident response, troubleshooting, and root cause analysis to mitigate and prevent future issues Work closely with engineering, support and operations teams to upskill ...

Security Analyst, youll act as a senior technical escalation point within the SOC, supporting the wider analyst team while leading the investigation and response to sophisticated cyber threats and incidents. Youll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity … work, candidates must have current SC clearance and be eligible to obtain UK Government DV clearance. What Youll Be Doing Lead the investigation and response to complex cyber security incidents across high-security customer environments Act as a senior escalation point for Tier 1 and Tier 2 analysts during ...

Security Analyst, youll act as a senior technical escalation point within the SOC, supporting the wider analyst team while leading the investigation and response to sophisticated cyber threats and incidents. Youll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity … work, candidates must have current SC clearance and be eligible to obtain UK Government DV clearance. What Youll Be Doing Lead the investigation and response to complex cyber security incidents across high-security customer environments Act as a senior escalation point for Tier 1 and Tier 2 analysts during ...

without manual intervention Self Healing systems, Runbook automation Exposure to tools like Gremlin, Chaos Monkey, AWS FIS to simulate outages and improve fault tolerance Incident Management Act as the primary point of escalation for critical production issues and lead major incident response, root cause analysis, and postmortems. … Perform detailed post-incident investigations to identify underlying causes. Document findings and share learnings to prevent recurrence. Implement preventive measures and continuous improvement processes. Observability Champion monitoring, logging, and alerting strategies using tools like Prometheus, Grafana, ELK, and AWS CloudWatch. Build real-time dashboards to visualize system health ...

without manual intervention Self Healing systems, Runbook automation Exposure to tools like Gremlin, Chaos Monkey, AWS FIS to simulate outages and improve fault tolerance Incident Management Act as the primary point of escalation for critical production issues and lead major incident response, root cause analysis, and postmortems. … Perform detailed post-incident investigations to identify underlying causes. Document findings and share learnings to prevent recurrence. Implement preventive measures and continuous improvement processes. Observability Champion monitoring, logging, and alerting strategies using tools like Prometheus, Grafana, ELK, and AWS CloudWatch. Build real-time dashboards to visualize system health ...

growing cyber security team based in South Manchester. You will play a key role in protecting critical systems, improving security posture, and supporting incident response across a modern hybrid IT environment. This is a hands-on technical role where youll work closely with infrastructure, cloud, and SOC teams … respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and remediation tracking Support implementation of security controls across cloud and on-prem environments Contribute to security policies, standards ...

Defence Ltd (CND). This is a key hire within our MSSP Security Operations Centre, offering the opportunity to take a lead role in incident analysis, client engagement, and mentoring junior analysts, while shaping how the SOC continues to evolve. The Role As a Senior Cyber Security Analyst … contributing to reporting and continuous improvement within the SOC. Key Responsibilities Monitor, triage and investigate security alerts across multiple platforms Conduct in-depth incident analysis and support ongoing client investigations Act as deputy to the SOC Team Lead when required Review and assess escalated Tier 2 alerts for urgency ...

organisation maintains a robust, resilient, and compliant security posture. Key Responsibilities Lead and manage the delivery of Security Operations services, ensuring effective monitoring, detection, response, and remediation of cyber threats. Provide oversight and governance of network infrastructure security, availability, resilience, and performance. Lead, develop, and mentor a multidisciplinary team … aligned to recognised frameworks including ISO 27001, NIST Cybersecurity Framework, CIS Controls, and other relevant standards. Manage security incidents, major cyber events, and crisis response activities. Build strong relationships with internal stakeholders, ensuring security requirements support business objectives. Oversee third-party suppliers, SOC providers, and security partners, ensuring service ...

organisation maintains a robust, resilient, and compliant security posture. Key Responsibilities Lead and manage the delivery of Security Operations services, ensuring effective monitoring, detection, response, and remediation of cyber threats. Provide oversight and governance of network infrastructure security, availability, resilience, and performance. Lead, develop, and mentor a multidisciplinary team … aligned to recognised frameworks including ISO 27001, NIST Cybersecurity Framework, CIS Controls, and other relevant standards. Manage security incidents, major cyber events, and crisis response activities. Build strong relationships with internal stakeholders, ensuring security requirements support business objectives. Oversee third-party suppliers, SOC providers, and security partners, ensuring service ...

Relationships CTTO — Direct line manager. Governance, infrastructure risk, and FinOps accountability. CISO (Head of Security) — Close working relationship. Security operations implementation, IAM policy, and incident escalation. Director of Platform Engineering — Coordinates on DevSecOps integration and CI/CD infrastructure requirements. Head of Infrastructure & Cloud — Direct report. Hosting strategy, cloud … internal IT operations across a distributed estate — multiple sites or subsidiaries Commercial awareness: has owned cloud cost management and FinOps outcomes with measurable results Incident management and on-call leadership — has run major incident response at group level Strong vendor management: MSP relationships, colocation contracts, cloud provider ...

future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. What … interested in speaking with candidates from backgrounds such as: * Security Operations Manager * Lead Security Engineer * Senior Security Engineer * Senior SOC Analyst * Detection & Response Lead * Cyber Security Team Lead You'll ideally bring experience across some of the following: * Security Operations and Incident Response * SIEM, EDR/ ...

event-driven workflows. Automation & Toil Reduction at Scale Lead the design of automation frameworks that eliminate manual operational tasks across multiple domains. Translate incident learnings and operational inefficiencies into scalable automation and preventative controls. Drive adoption of automation-first principles, reducing dependency on human-driven processes. Contribute … telemetry, monitoring, alerting, and operational visibility across all critical systems. Ensure services are observable, measurable, and support proactive detection of issues. Improve operational readiness, incident response effectiveness, and time-to-recovery through engineering solutions. CI/CD & Platform Integration Contribute to the design of CI/CD patterns ...

Responsibilities Support the day-to-day operation of the Information Security function Assist in maintaining an ISMS aligned to ISO 27001:2022 Support incident response processes and disaster recovery testing with stakeholders Help deliver cyber security awareness training and internal communications Review and support updates to security policies … Microsoft 365 administration or support Exposure to Azure or cloud-based environments Ability to follow, document, and improve technical processes and procedures Understanding of incident management and IT operational support Basic scripting or automation skills (e.g. PowerShell or similar) Desirable experience Exposure to security tools such as Microsoft Defender ...

Role Mission: Client-facing Platform/SRE consultant designing, deploying, and supporting production infrastructure. Day-to-Day: Incident response, system reliability, balancing technical tradeoffs with client deadlines, and eventually mentoring others. Must-Haves Kubernetes: Deep, hands-on production experience (troubleshooting, networking, storage). IaC: Strict "everything-as-code ...

mitigating vulnerabilities and ensuring compliance with data protection laws (e.g., GDPR). Establish, implement, and maintain security policies, standards, and operational controls; support audits, incident response, vulnerability remediation, and ensure effective use of security tooling (eg., Sentinel, Defender for Cloud, SIEM). Work closely with Operational Risk, DevOps ...

cyber security strategy and governance (aligned to various frameworks e.g. ISO27001, NIST, Cyber Essentials) overseeing security operations (SOC, threat detection, vulnerability management etc.), and incident response plans risk management and compliance, ensuring compliance with various standards and frameworks About you Applicants for the Cyber Security Engineer role will ...

Egress and MFA solutions. Produce technical documentation and support continuous improvement initiatives across IT systems and services. Assist with information security compliance, audits and incident response activities aligned to Cyber Essentials and ISO27001 standards. Participate in an out-of-hours on-call rota and provide occasional support across ...

vulnerability management, and compliance controls into engineering workflows. Collaborate with software development teams to improve secure coding practices. Develop and maintain monitoring, logging, and incident response automation. Support threat modelling and secure architecture reviews. Drive DevSecOps best practices across engineering teams. Contribute to platform engineering and cloud-native ...