1 to 25 of 33 Incident Response Jobs in the West Midlands

Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - 1 day a week in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand head quartered in the West Midlands. As … the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. We … looking for someone Midlands based who can be on site in Warwickshire 1 day a week on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships More ❯

Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - minimum 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand head quartered in the West Midlands. … As the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. … for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships More ❯

high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯

you're inspired to think big and bring your ambition to work every day, which is why, at British Airways the sky is never the limit. The role: Cyber Incident Lead This role reports into the Cyber Incident Manager, and works with stakeholders across the organisation to ensure BA is able to effectively identify, respond, and recover from … to, and manage, cyber incidents across the BA estate 24/7 365 days a year as part of an on call function. Responsible for developing, maintaining, and managing incident response processes Ability to present on complex, technical concepts to a wide range of stakeholders of varying seniority and knowledge Confident to engage with business stakeholders and build … ambiguous information Assist with the development of BA's in-house digital forensics capability, supporting various investigation teams across the organisation Work closely with other cyber teams to feed incident data back into tuning our security tool configuration and assessing our deployed controls Effectively liaise and communicate with other Operating Companies (OpCos) within IAG to respond to wider-impacting More ❯

Incident Responder/IR Consultant Hybrid - Birmingham Up to £60k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for an Incident Responder (IR/DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

Senior Incident Responder/IR Consultant Hybrid - Birmingham Up to £80k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR/DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party risks by assessing supplier compliance, contributing to incident response processes when issues arise, preparing insightful metrics for leadership teams. Collaborate with teams across the business to identify, assess, and track risk mitigation activities through to completion. … where necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate … include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST More ❯

Centre (SOC) business. This is a strategic and hands-on role where you'll be the key bridge between clients and operational teams, ensuring smooth delivery of security services, incident response coordination, and ongoing vulnerability management. If you’ve got a deep background in cybersecurity operations, excel under pressure, and know how to guide both clients and internal … teams, this could be your next big step. What You’ll Be Doing Acting as the primary point of contact for clients on SOC service matters, including escalations and incident updates Leading major incident coordination , including investigation, containment, and remediation activities Managing client-facing service reviews (weekly/monthly), presenting clear reports and insights Supporting internal delivery teams … configuration and updates Driving continuous improvement across service delivery processes What We’re Looking For 10+ years in Security Operations or SOC-related service delivery Strong technical understanding of incident response, vulnerability management, IDS/IPS Proven experience handling client relationships, stakeholder management , and crisis situations Excellent communication skills — both technical and non-technical Experience leading cross-functional More ❯

evolving defences to meet shifting risks. Key responsibilities include: Monitor Networks and Systems: Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits to ensure that systems and networks … Stay updated on the latest intelligence, including hackers' methodologies, to anticipate security breaches. Reporting: Prepare reports that document security breaches and the extent of the damage caused. Cyber Security Incident Response: Coordinate with the IT department to maintain and update cyber incident response plans and procedures. Conduct Security Attack Simulations: Undertake security assessments such as Phishing More ❯

. Lead the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement … KPIs) Client Satisfaction Rate : Measured through regular client feedback and satisfaction surveys. Delivery Compliance Rate : Percentage of client engagements that meet defined delivery standards and pass governance review gates. Incident Response Effectiveness : Success rate in managing and resolving client incidents within predefined response windows. Service Utilisation Rate : Adoption and effective use of security services across client accounts More ❯

you will: Act as a bridge between the Customer and the Operational Delivery Teams Act as a primary escalation point of contact to the customer Coordinate the Security Operations, Incident Response Teams and other technical resources needed to troubleshoot major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and … coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation activities in conjunction with relevant support teams. Coordinate post incident investigation with relevant teams or third … in a number of the following fields of expertise: Very strong experience in providing technical support and advice for a Security Operations Centre Demonstrate in-depth knowledge of Security incident Management and Security Operations. Excellent communication and client relationship skills to interface with clients, stakeholders, and senior leadership. strong experience in providing Vulnerability Management Services Demonstrable experience and knowledge More ❯

critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in office) and can be based in one of the following offices: Birmingham, Manchester, Ipswich (Ipswich only … security events. Monitor and manage the performance of the SIEM infrastructure. Security Engineering: Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. Data Ingestion and Enrichment: Configure Elasticsearch pipelines for data ingestion from various sources, primarily from Kafka Enhance More ❯

of our lives. They're going through an exciting transformation period —building out their cyber security capabilities from the ground up. They're now looking for an experienced Cyber Incident Response Lead to help shape the function, drive best practices, and make a lasting impact on how the organisation responds to evolving threats. Key experience they're looking … for: Solid background in Incident & Problem Management, with the ability to lead effective responses and continuous improvement initiatives. Strong Stakeholder Management skills, with the confidence to work across technical and non-technical teams. Familiarity with ITIL and Service Management framework. A good understanding of the current Cyber Threat Landscape, including common threat actors, attack vectors, and response strategies. More ❯

what users need, when they need it. Provision of effective cyber security protective monitoring, vulnerability management in conjunction with technical teams and suppliers, and a responsive and effective cyber incident response capability. Lead on software licencing (circa £40m/y) seeking to ensure legal compliance and cost effectiveness Provide a comprehensive inventory of the IT estate to enable … Certification in ITIL mandatory. A thorough understanding of modern IT technologies and management approaches. Knowledge and experience in leading in an operational environment. Knowledge of cyber security and cyber incident response Desirable a certification in Service Operations. Skills Required Strategic thinking and strategy development, especially in the area of IT services. Exceptional leadership skills, including in operational crisis More ❯

The team you'll be working with: SOC Analyst (L1) We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business. This role will be based on-site in Birminham, we need canddiates that are able towork in a job that involves 24/7 operations … log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. Write up high quality security … incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident More ❯

space and MS-SQL databases A point of escalation for all Application related issues within the Application Support team. Working as part of a second line support function following incident management through to incident resolution. Natural problem solving with ability to apply previous experience to new problems working towards route cause analysis. Ensuring the entire application estate aligns … availability, and performance of software systems through a combination of software engineering and systems administration principles. Responsible for monitoring, automating, and improving the operational aspects of software systems, including incident response, capacity planning, and performance tuning Understanding of ITIL process, incident management, change management and problem management including working to strict SLAs. Maintaining middleware such as; IIS More ❯

warnings). Notify the government of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the government's cyber incident response plan. Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. Knowledge of cybersecurity and privacy principles, computer networking concepts, protocols, network security methodologies, laws, regulations More ❯

that rewards proactive thinkers Opportunity to mentor junior analysts and drive operational strategy Compensation $100,000 - $115,000 depending on experience and skillset What You'll Be Doing Leading incident response and managing containment, analysis, and resolution Monitoring security systems (SIEM, EDR, threat intel) to identify and respond to threats Conducting vulnerability assessments and supporting remediation for financial More ❯

ll be responsible for the design, implementation, and support of robust monitoring solutions across diverse technologies and platforms. You'll enable real-time performance insights, service stability, and proactive incident management in dynamic environments. Key Responsibilities Translate non-functional monitoring requirements into actionable configurations using tools such as Splunk , Dynatrace , and AppDynamics Deliver full-stack observability, including log analytics … synthetic monitoring , infrastructure metrics , and network performance monitoring (NPM) Provide live support for monitoring tools and contribute to incident response, including support for key business events (some out-of-hours availability may be required) Collaborate with solution architects and project teams to embed monitoring into designs and testing strategies Maintain and enhance dashboards, alerts, and visualisations to enable More ❯

intelligence and service assurance. You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Key Responsibilities * Translate high-level monitoring non-functional requirements (NFRs) into actionable configurations across tools such as Splunk, Dynatrace, and AppDynamics. * Deliver full-stack observability solutions, including application … aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. * Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). * Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. * Maintain and enhance dashboards More ❯

intelligence and service assurance. You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Key Responsibilities: * Translate high-level monitoring non-functional requirements (NFRs) into actionable configurations across tools such as Splunk, Dynatrace, and AppDynamics. * Deliver full-stack observability solutions, including application … aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. * Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). * Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. * Maintain and enhance dashboards More ❯

intelligence and service assurance. You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Key Skills/requirements Translate high-level monitoring non-functional requirements (NFRs) into actionable configurations across tools such as Splunk, Dynatrace, and AppDynamics. Deliver full-stack observability solutions … application-aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. Maintain and enhance More ❯

intelligence and service assurance. You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Key Skills/requirements Translate high-level monitoring non-functional requirements (NFRs) into actionable configurations across tools such as Splunk, Dynatrace, and AppDynamics. Deliver full-stack observability solutions … application-aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. Maintain and enhance More ❯

Principles & Technologies. Experience of Security Related Technical Investigations Hands-On Technical Experience of Conducting Vulnerability Scanning & Evaluating Results Commercial Awareness & (Ideally) Experience of PCI DSS (Current Version) Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills High Attention to Detail Strong Team Player Searches: SOC Analyst/Vulnerability Management/VM Analyst/Information Security Analyst More ❯

Align with national cyber frameworks such as the NCSC Cyber Assessment Framework (CAF). Drive secure-by-design principles across all technology workstreams. Collaborate with stakeholders to ensure effective incident response and business continuity planning. Collaborate with our Sales & Pre-Sales teams to provide technical input into proposals. Mentor, coach and support architects in the wider architecture team More ❯