26 to 50 of 428 Incident Response Jobs in the UK

SOC Manager - 6 month contract - remote in the UK

Hiring Organisation
Audit & Risk Recruitment
Location
United Kingdom
security strategy at a national level. The role You will define and lead delivery of the Cyber Security Operations Centre (CSOC), owning real-time incident detection, response and remediation across a complex, high-value estate. Key accountabilities include: Owning the cyber incident response plan — its development … communication and continuous improvement Defining the use-case-driven logging, monitoring and response capability to ensure resilience against cyber threats Identifying vulnerabilities across the estate and defining remediation and mitigation processes to ensure cyber readiness Providing strategic-level advice to senior management and managing relationships with external agencies including ...

SOC Manager - 6 month contract - remote in the UK

Hiring Organisation
Audit & Risk Recruitment
Location
East London, London, United Kingdom
security strategy at a national level. The role You will define and lead delivery of the Cyber Security Operations Centre (CSOC), owning real-time incident detection, response and remediation across a complex, high-value estate. Key accountabilities include: Owning the cyber incident response plan — its development … communication and continuous improvement Defining the use-case-driven logging, monitoring and response capability to ensure resilience against cyber threats Identifying vulnerabilities across the estate and defining remediation and mitigation processes to ensure cyber readiness Providing strategic-level advice to senior management and managing relationships with external agencies including ...

SOC Manager - 6 month contract - remote in the UK

Hiring Organisation
Audit & Risk Recruitment
Location
City of London, London, United Kingdom
security strategy at a national level. The role You will define and lead delivery of the Cyber Security Operations Centre (CSOC), owning real-time incident detection, response and remediation across a complex, high-value estate. Key accountabilities include: Owning the cyber incident response plan — its development … communication and continuous improvement Defining the use-case-driven logging, monitoring and response capability to ensure resilience against cyber threats Identifying vulnerabilities across the estate and defining remediation and mitigation processes to ensure cyber readiness Providing strategic-level advice to senior management and managing relationships with external agencies including ...

SOC Manager - 6 month contract - remote in the UK

Hiring Organisation
Audit & Risk Recruitment
Location
Altrincham, Greater Manchester, United Kingdom
security strategy at a national level. The role You will define and lead delivery of the Cyber Security Operations Centre (CSOC), owning real-time incident detection, response and remediation across a complex, high-value estate. Key accountabilities include: Owning the cyber incident response plan — its development … communication and continuous improvement Defining the use-case-driven logging, monitoring and response capability to ensure resilience against cyber threats Identifying vulnerabilities across the estate and defining remediation and mitigation processes to ensure cyber readiness Providing strategic-level advice to senior management and managing relationships with external agencies including ...

SOC Manager - 6 month contract - remote in the UK

Hiring Organisation
Audit & Risk Recruitment
Location
Leeds, West Yorkshire, United Kingdom
security strategy at a national level. The role You will define and lead delivery of the Cyber Security Operations Centre (CSOC), owning real-time incident detection, response and remediation across a complex, high-value estate. Key accountabilities include: Owning the cyber incident response plan — its development … communication and continuous improvement Defining the use-case-driven logging, monitoring and response capability to ensure resilience against cyber threats Identifying vulnerabilities across the estate and defining remediation and mitigation processes to ensure cyber readiness Providing strategic-level advice to senior management and managing relationships with external agencies including ...

Cyber Security Architect

Hiring Organisation
Robert Half
Location
London Area, United Kingdom
core capabilities, and operate with a high degree of autonomy in a mission-critical environment. The successful candidate will own key areas spanning SIEM, incident response, and system hardening, while also influencing broader security architecture and compliance. The Principal Security Specialist will: Lead the design, build, and operation … SIEM capability, aggregating and analysing logs across infrastructure, networks, and applications Define and drive the organisation’s approach to threat detection, log analysis, and incident response, establishing robust baselines and alerting strategies Take ownership of security incident investigation end-to-end, acting as a senior escalation point ...

Senior Cyber Security Engineer

Hiring Organisation
NTT Global Data Centers EMEA UK ltd
Location
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Employment Type
Permanent
tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectors - endpoint protection, EDR, malware analysis, network and computer forensics - ensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

Cyber Incident Response Manager

Hiring Organisation
Ashdown Group
Location
City, London, United Kingdom
Employment Type
Permanent
Salary
GBP 100,000 Annual
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

Security Operations Manager

Hiring Organisation
Eames Consulting
Location
London Area, United Kingdom
contract basis. This role will suit someone who is hands-on but also comfortable operating at a strategic level, driving improvements across security monitoring, incident response, and operational resilience. Key Responsibilities Lead and manage day-to-day security operations, including SOC activities and incident response Oversee … detection and response capabilities, ensuring effective monitoring and alerting Drive continuous improvement across security tooling, processes, and playbooks Act as the escalation point for major security incidents Work closely with internal stakeholders and third parties to ensure alignment with security objectives Support regulatory and compliance requirements relevant ...

Head of Cyber Security Operations (CSOC)

Hiring Organisation
INTEC SELECT LIMITED
Location
Exeter, Devon, England, United Kingdom
Employment Type
Contractor
Contract Rate
£850 per day
Cyber Security Operations Centre (CSOC). This is a critical leadership role, responsible for protecting the organisation against real-time cyber threats, driving incident response, and ensuring resilience across a complex technology estate. Our client is offering a 6 month rolling contract, paying up to £850 PD Inside … high-impact opportunity to shape cyber strategy at an enterprise level, working closely with senior stakeholders and external agencies to strengthen security posture and response capability. You will play a key role in building and evolving the CSOC capability, operating within a highly visible and business-critical function, with ...

Security Operations Manager

Hiring Organisation
Intec Select
Location
Exeter, England, United Kingdom
Cyber Security Operations Centre (CSOC). This is a critical leadership role, responsible for protecting the organisation against real-time cyber threats, driving incident response, and ensuring resilience across a complex technology estate. Our client is offering a 6 month rolling contract, paying up to £850 PD Inside … high-impact opportunity to shape cyber strategy at an enterprise level, working closely with senior stakeholders and external agencies to strengthen security posture and response capability. You will play a key role in building and evolving the CSOC capability, operating within a highly visible and business-critical function, with ...

Tech lead - SOC responder

Hiring Organisation
Colt Technology Services UK
Location
East London, London, United Kingdom
Employment Type
Permanent, Work From Home
with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do Support SOC Manager to deliver the following: SIEM … activities, Technology escalation support, Security Solution assessment, build activities, existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...

Cyber Security Operations Manager

Hiring Organisation
Zachary Daniels
Location
Liverpool, Merseyside, North West, United Kingdom
Employment Type
Permanent
Salary
£75,000
threat landscape. This is a high-impact position where you'll lead the security operations function end-to-end, driving improvements across threat detection, incident response, and overall security posture within a complex, evolving environment. The Role You'll take ownership of security operations, ensuring the business … capability. Key responsibilities include: Leading the day-to-day operations of the Security Operations function, including oversight of any outsourced SOC Managing the full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across ...

Principal IT Security Specialist

Hiring Organisation
Robert Half
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£80,000 - £105,000 per annum
evolve the position based on their strengths and expertise. The successful candidate will play a key role in strengthening security posture through SIEM ownership, incident response, and system hardening, directly contributing to Europe's technological sovereignty. The Role The IT Security Specialist will: Design, build, and operate … centralised SIEM platform to aggregate and analyse security logs across infrastructure, networks, and applications Own security log analysis, vulnerability management, and incident investigation, including defining baselines and developing alerting rules for critical events Lead incident response efforts, using log correlation and analysis to investigate and resolve security ...

Security Operations Manager

Hiring Organisation
InfoSec People Ltd
Location
Bournemouth, England, United Kingdom
strengthening and evolving their cyber defence capability. This is a high‐impact leadership role where you’ll own security operations end‐to‐end, lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolving cyber function. What you’ll be doing … Leading and developing a Cyber Security Operations team Acting as incident commander during cyber events and investigations Maturing SOC, CSIRT and incident response capabilities Driving threat hunting, detection and monitoring improvements Owning vulnerability management and pen test governance Ensuring alignment with ISO27001, NIST, GDPR and regulatory expectations ...

Cyber Security Operations Manager

Hiring Organisation
Infosec
Location
Bournemouth, Dorset, South West, United Kingdom
Employment Type
Permanent
Salary
£80,000
strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end, lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolving cyber function. What you'll be doing … Leading and developing a Cyber Security Operations team Acting as incident commander during cyber events and investigations Maturing SOC, CSIRT and incident response capabilities Driving threat hunting, detection and monitoring improvements Owning vulnerability management and pen test governance Ensuring alignment with ISO27001, NIST, GDPR and regulatory expectations ...

Security Operations Analyst

Hiring Organisation
Anson Mccade
Location
North West London, London, United Kingdom
Employment Type
Permanent, Work From Home
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

Head of IT Service Management

Hiring Organisation
Deerfoot Recruitment Solutions
Location
Hatfield, Hertfordshire, South East, United Kingdom
Employment Type
Permanent
business performance. Based in Hertfordshire (hybrid), you'll lead end-to-end service management across IT, logistics, fulfilment, and customer operations - owning major incident response, service performance, and continuous improvement at scale. Key responsibilities Lead end-to-end IT service management (incident, problem, change, release, configuration) aligned … ITIL 4 Own major incident management (P1/P2), acting as the senior escalation point with clear executive communication Drive root cause analysis and continuous improvement using service metrics (MTTR, trends, backlog) Oversee IT service delivery, 24/7 support operations, and ITSM tooling Coordinate cyber incident response ...

SOC Lead

Hiring Organisation
Experis
Location
Bath, Somerset, South West, United Kingdom
Employment Type
Contract
Contract Rate
£600 - £700 per day
detected by automated controls Translate threat intelligence into actionable hunt hypotheses Continuously refine detection logic based on hunt outcomes and emerging threats Investigations & Incident Response Lead complex and high-severity security investigations from triage through containment and remediation Act as the technical escalation point for advanced SOC investigations … Conduct root cause analysis and attacker kill-chain reconstruction Produce clear, defensible investigation documentation suitable for executive, legal, and regulatory audiences Coordinate incident response activities with IR, IT, Legal, Risk, and external partners as required SOC Technical Leadership Define investigation standards, workflows, and quality benchmarks Mentor and upskill ...

Cyber Security Manager

Hiring Organisation
Total IT Technology Solutions Ltd
Location
Bedford, Bedfordshire, South East, United Kingdom
Employment Type
Permanent
Salary
£45,000
delivery of cyber security across Total IT - not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day-to-day running of our cyber capability. This role blends hands-on technical leadership with operational delivery. You'll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation, scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Lead SOC Analyst - London

Hiring Organisation
Anson Mccade
Location
London, United Kingdom
Employment Type
Permanent
Salary
£65,000
Lead SOC Analyst, the position will act as the escalation point for complex security incidents, driving investigations, guiding junior analysts, and ensuring effective response and remediation across critical systems. What's on Offer Salary: £55,000 - £65,000 25% shift allowance on top of base salary Structured shift pattern … days and nights (3 days on/4 days off rotation) Exposure to highly secure, cutting-edge infrastructure environments Opportunity to work on advanced incident response and threat analysis Career progression within a specialist cyber security function What You Need To be successful in this role, candidates should ...

Security Analyst

Hiring Organisation
Norton Blake
Location
City Of London, England, United Kingdom
security and privacy risk across the firm’s technology environment. Working with third party service providers, it ensures the effective operation of threat detection, incident response, data protection controls, and operational workflows supporting UK GDPR compliance. This is a hands‐on technical role requiring strong analytical skills, attention … security event identification via the third-party security operations service. Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations. Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. Contribute to threat hunting activities using KQL queries and intelligence-led techniques. Maintain ...

SOC Shift Lead - London

Hiring Organisation
Anson Mccade
Location
London, United Kingdom
Employment Type
Permanent
Salary
£80,000
platforms. The SOC Shift Lead will take ownership of security operations during assigned shifts, acting as the senior escalation point for complex incidents, leading response activities, and ensuring effective coordination across teams. This role also carries leadership responsibility, including oversight of analysts and accountability in the absence of senior … Clear progression within a specialist cyber security function What You Need To succeed in this role, candidates should demonstrate: 7-10 years experience in SOC, incident response, or threat analysis Strong leadership capability, with experience mentoring or guiding analysts Proven experience acting as an escalation point for high-severity ...

Security Operations Shift Lead

Hiring Organisation
Anson Mccade
Location
Central London, London, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£80,000
strong security posture across mission-critical systems. You will operate within a 24/7 Security Operations Centre, leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities of the Security Operations Shift Lead Lead investigations into escalated … security incidents, assessing attack vectors, scope, and business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium- and high-severity incident response activities, producing detailed ...

Junior SOC Analyst

Hiring Organisation
Searchability NS&D
Location
Farnborough, England, United Kingdom
security alerts, intrusions, and unauthorised activity Responding to incidents in line with defined SOC playbooks Escalating complex or high-risk incidents to Tier 2 Incident Response teams Reviewing vulnerability scan results and feeding findings back to technical teams Supporting secure configuration reviews and remediation activities Producing regular service … Junior SOC Analyst essential skills A qualification in Cyber Security, Computer Science, Networking, or a related technical discipline Strong interest in cyber security and incident response Understanding of core security concepts and common cyber threats Ability to follow processes, investigate alerts, and document findings clearly Willingness to work ...