Incident Response Jobs in the West Midlands

1 to 25 of 87 Incident Response Jobs in the West Midlands

Tier 2 Security Operations Centre Analyst

Stoke-on-Trent, England, United Kingdom
Securecloudplus
Role Responsibilities Key responsibilities for this role may include: Incident Detection & Response: Lead the triage, investigation, and classification of security events using SIEM and other tooling Take ownership of end-to-end handling of medium to high-severity incidents, coordinating containment and remediation efforts Maintain detailed incident records, including timelines, impact assessments, root cause analysis, and mitigation … steps Act as an escalation point for Tier 1 analysts, guiding initial response actions and validating escalations Participate in on-call or out-of-hours technical support where appropriate Threat Intelligence and Analysis: Perform in-depth analysis of suspicious activity, identifying indicators of compromise and attribution patterns Lead threat intelligence sharing within the organisation and with external partners Mentor … Lead security audits and assessments, providing evidence of SOC activities and controls Maintain accurate records of all events handled, including triage notes and escalation details. Lead the delivery of incident and vulnerability summaries to the management team and customers as part of Service Reviews or Security Working Groups Lead post-incident reviews and document lessons learned Ensure compliance More ❯
Posted:

Senior Soc Analyst L3

Birmingham, Staffordshire, United Kingdom
Applicable Limited
high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Senior Soc Analyst L3

Birmingham, England, United Kingdom
Applicable Limited
high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯
Posted:

Cybersecurity & Compliance Manager

Dudley, England, United Kingdom
Tosca
NIST CSF 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CSF 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯
Posted:

Cybersecurity & Compliance Manager

Birmingham, England, United Kingdom
JR United Kingdom
NIST CSF 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CSF 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯
Posted:

SOC Analyst L1

Birmingham, Staffordshire, United Kingdom
Applicable Limited
The team you'll be working with: SOC Analyst (L1) We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business. This role will be based on-site in Birmingham. We need candidates that are able to work in a job that involves 24/7 operations … log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. Write up high quality security … incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

SOC Analyst L2

Birmingham, Staffordshire, United Kingdom
Applicable Limited
The team you'll be working with: SOC Analyst (L2) We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business. This role will be based on-site in Birmingham. We need candidates who are able to work in a job that involves 24/… to analyze incidents escalated by the SOC Analyst (L1) and undertake detailed investigations of Security Events. The Security Analyst (L2) will determine whether a security event qualifies as an incident and coordinate with the customer's IT and Security teams for resolution. Main Duties Security Monitoring & Investigation: Monitor SIEM tools to ensure high-level security operations. Oversee and enhance … security incidents. Conduct real-time analysis of security events and escalate as necessary. Support investigations into incidents, determining root causes and impacts. Document findings and lessons learned to improve incident response procedures. Ensure runbooks are followed and are fit for purpose. Incident Response: Lead and coordinate incident response activities to contain, eradicate, and recover More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

OT Cyber Security Engineer

Coventry, England, United Kingdom
Cadent Gas Limited
OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why you'll love this … environments. Strategic Contribution – Influence the development of new controls and support the delivery of Cadent’s cyber security strategy. Cross-Team Collaboration – Partner with threat intelligence, vulnerability analysts, and incident responders to enhance our defences. Continuous Improvement – Engineer solutions for unpatchable vulnerabilities and automate detection and response processes. National Impact – Help protect the systems that keep gas flowing More ❯
Posted:

OT Cyber Security Engineer

Coventry, Warwickshire, United Kingdom
Hybrid / WFH Options
Cadent Gas
OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why you'll love this … environments. Strategic Contribution - Influence the development of new controls and support the delivery of Cadent's cyber security strategy. Cross-Team Collaboration - Partner with threat intelligence, vulnerability analysts, and incident responders to enhance our defences. Continuous Improvement - Engineer solutions for unpatchable vulnerabilities and automate detection and response processes. National Impact - Help protect the systems that keep gas flowing More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

SIEM Application Engineer

Birmingham, Staffordshire, United Kingdom
Hybrid / WFH Options
BT Group
critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in office) and can be based in one of the following offices: Birmingham, Manchester, Ipswich (Ipswich only … security events. Monitor and manage the performance of the SIEM infrastructure. Security Engineering: Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. Data Ingestion and Enrichment: Configure Elasticsearch pipelines for data ingestion from various sources, primarily from Kafka Enhance More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Tier 1 SOC Analyst

Stone, Staffordshire, England, United Kingdom
Hybrid / WFH Options
Oscar Technology
ll ideally have: Up to 1 year of experience in a cyber security or technical support role (SOC experience is a bonus). Familiarity with SIEM tools and basic incident response concepts. Understanding of common network protocols, cyber threats, and operating systems. Exposure to log analysis and a passion for problem-solving. A desire to grow within a More ❯
Employment Type: Full-Time
Salary: £25,000 - £30,000 per annum
Posted:

Cyber Security Analyst

West Bromwich, England, United Kingdom
Hays
United Kingdom 1 day ago Manchester, England, United Kingdom 1 day ago Cyber Security Consultant - (Remote - UK) Manchester, England, United Kingdom 1 month ago Senior Security Consultant, Digital Forensics & Incident Response Senior Cyber Security Consultant - Defence/Gov Manchester Area, United Kingdom 4 days ago Identity Security Consultant - CyberArk Exp Principal Security Architect – Sentinel, Defender, Purview Manchester, England More ❯
Posted:

Information Security Manager

West Bromwich, England, United Kingdom
ARAG Legal Services UK
technical, organisational and communication skills to fulfil this role. You will also be accountable for contributing to audit responses, specifically in the InfoSec area, and establishing improvements in the response process and standardisation. About You We are keen to hear from candidates with a good understanding of information security frameworks, standards and security best practice (ISO27001, NIST CSF, Cyber … and other security technologies (e.g. SIEM, VAS, IDS/IPS, Firewalls, IAM, NAC, patch management, anti-malware). In addition, the ideal candidate will have: • Solid understanding of security incident management and incident response processes and activities. • Strong working knowledge of authentication technologies (e.g. two-factor, multifactor). • Good knowledge of Zero trust principles (e.g. limiting access More ❯
Posted:

Cloud Security Engineer

Wolverhampton, England, United Kingdom
Hybrid / WFH Options
DIB BVBA Heliowatt
to ensure security is woven into every layer of the cloud ecosystem. Driving the DevSecOps mindset and ensuring integration with Group-level security processes such as monitoring, alerting, and incident response. You'll Bring Proven experience in cloud security engineering within an enterprise setting, preferably on Microsoft Azure. Solid background in foundational security design from identity and access management to … England, United Kingdom 1 week ago Internal Audit - Birmingham - Associate - Software Engineer West Midlands, England, United Kingdom 1 week ago Birmingham, England, United Kingdom 4 days ago IT Security Incident Response Analyst - Solihull Birmingham, England, United Kingdom 4 days ago Birmingham, England, United Kingdom 2 months ago Telford, England, United Kingdom 2 months ago Fire & Security Project Commissioning More ❯
Posted:

Information Security Analyst

Birmingham, England, United Kingdom
TECHTRACE PARTNERS
working as part of an established team, supporting multiple business units and contributing to a broader programme of cyber resilience. You’ll be hands-on with tooling, controls, and incident response – while also helping shape how security is delivered across the group. It’s a business that takes security seriously and offers room to grow your career as More ❯
Posted:

Cyber Security Engineer

Walsall, England, United Kingdom
Hybrid / WFH Options
HomeServe UK
A proactive mindset with a drive to identify, own, and resolve security challenges end-to-end. Strong technical skills in threat detection, vulnerability management, identity and access control, and incident response. Familiarity with security tools such as SIEM, EDR, firewalls, and cloud security solutions. Knowledge of security frameworks like NIST, ISO 27001, PCI. Ability to communicate complex risks effectively More ❯
Posted:

Data Protection Manager

Birmingham, Staffordshire, United Kingdom
Inspired Thinking Group
to protect our organisation's data and IT infrastructure. This role focusses on the operational aspects of data protection - from technical risk assessments and secure system configuration reviews to incident response, vulnerability remediation tracking, and regulatory compliance audits. You will work closely with engineering, DevOps, and IT teams to embed privacy and information security controls into our technology … stack. This is a full-time position. Occasional after-hours work may be required to support incident response, high-priority vulnerability fixes, or audit activities. Develop and implement data protection governance: Design, implement, and enforce data protection and information security policies and procedures aligned with business objectives and regulatory requirements Support the development of strategies to mitigate and … advice and guidance to teams on how to mitigate vulnerabilities, and following up on remediation progress Collaborate with development teams to integrate secure coding and privacy-by-design principles Incident response & recovery: Lead incident response efforts on a duty basis Provide guidance on threat mitigation, containment, and recovery processes Legal and regulatory conformance: Ensure conformance with More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Account Delivery Director

Birmingham, England, United Kingdom
Applicable Limited
. Lead the strategic integration of security practices into client delivery, embedding security controls and governance into account management workflows. Oversee the implementation and optimisation of security services, including incident response, threat intelligence, and compliance management. Establish client review boards and governance checkpoints to validate that client engagements meet defined security requirements and service levels. Drive continuous improvement … KPIs) Client Satisfaction Rate : Measured through regular client feedback and satisfaction surveys. Delivery Compliance Rate : Percentage of client engagements that meet defined delivery standards and pass governance review gates. Incident Response Effectiveness : Success rate in managing and resolving client incidents within predefined response windows. Service Utilisation Rate : Adoption and effective use of security services across client accounts More ❯
Posted:

Cloud Security Engineer

Wolverhampton, West Midlands, England, United Kingdom
Hybrid / WFH Options
INTEC SELECT LIMITED
implementation of our client’s new technology estate. You must have demonstrable experience of security design principles & practices across cloud, storage, networking and RBAC coupled with monitoring, alerting and incident response to be considered for this position. This role is paying between £90,000 to £100,000 + 25% Bonus with hybrid working (3 day PW in office) to … cloud infrastructure for AD, SecDevOps, Networking Services, at an enterprise level is essential. Proven experience in SIEM & SOAR (security information and event management (SIEM) and security orchestration, automation, and response (SOAR). Experience with Rapid7 SIEM tooling is desirable. Proven experience with the core foundational security services of cloud providers (preferably Azure or AWS equivalent for AD, Defender for More ❯
Employment Type: Full-Time
Salary: £90,000 - £100,000 per annum
Posted:

Security Operations Engineer

Worcestershire, England, United Kingdom
Dynamic Search Solutions
threats, to maintaining SIEM and MDR systems, to ensuring compliance with key regulations such as GDPR and NIS 2. You’ll take a proactive role in identifying vulnerabilities, supporting incident response planning, and ensuring security policies are enforced across the organisation and client networks. This is an exciting opportunity for someone passionate about both IT and OT security … in IT security/cybersecurity Certifications such as CompTIA Security+, CCNA Security, or equivalent Strong understanding of cybersecurity frameworks and threat analysis Experience with SIEM, MDR/XDR, and incident triage Solid knowledge of operating systems (Windows, Linux, Cisco) Excellent communication skills - ability to collaborate across teams and with clients Desirable: Hands-on experience with security tools: firewalls, IPS More ❯
Posted:

Cyber Security Architect - Stafford / Quantico, VA

Stafford, Staffordshire, United Kingdom
Yakshna Solutions, Inc
warnings). Notify the government of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the government's cyber incident response plan. Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. Knowledge of cybersecurity and privacy principles, computer networking concepts, protocols, network security methodologies, laws, regulations More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Principal Data Scientist

Birmingham, England, United Kingdom
Hybrid / WFH Options
NHS
of analytical tooling. Main duties of the job We currently have openings in the following teams: Health Analytics and Automation - Leading on the delivery of key products to support incident response and the routine surveillance of health conditions and infectious diseases. Work across directorates and with external stakeholders to identify and develop opportunities for product automation and reproducible More ❯
Posted:

Principal Data Scientist

Birmingham, Leeds, London, Liverpool, United Kingdom
Hybrid / WFH Options
UK Health Security Agency
of analytical tooling. Main duties of the job We currently have openings in the following teams: Health Analytics and Automation - Leading on the delivery of key products to support incident response and the routine surveillance of health conditions and infectious diseases. Work across directorates and with external stakeholders to identify and develop opportunities for product automation and reproducible More ❯
Employment Type: Permanent
Salary: £54416.00 - £68344.00 a year
Posted:

Cloud Security Engineer

Wolverhampton, Bushbury, West Midlands (County), United Kingdom
Hybrid / WFH Options
Tilt Recruitment
to ensure security is woven into every layer of the cloud ecosystem. Driving the DevSecOps mindset and ensuring integration with Group-level security processes such as monitoring, alerting, and incident response. You’ll bring: Proven experience in cloud security engineering within an enterprise setting, preferably on Microsoft Azure. Solid background in foundational security design – from identity and access management More ❯
Employment Type: Permanent
Salary: £90000 - £0/annum
Posted:

Head of IT Security Incident and Threat Management

Birmingham, England, United Kingdom
JR United Kingdom
Head of IT Security Incident and Threat Management, Birmingham Client: Crimson Location: Birmingham, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 10.06.2025 Expiry Date: 25.07.2025 Job Description: Head of IT Security Incident and Threat Management – Birmingham Crimson and IMI have joined forces to … build IMI's new security team. We are seeking a talented individual to lead our IT security incident and threat management efforts. If you are passionate about cybersecurity and want to be part of a dynamic team shaping the security future within a global company, we want to hear from you! This role involves leading strategies to protect digital … assets against threats and incidents, requiring expertise in cybersecurity, incident response, and threat management in a FTSE 100 environment. The salary ranges from £90,000 to £110,000 per annum plus benefits. Key Responsibilities Develop and implement incident response strategies. Lead threat intelligence programs for timely risk detection and mitigation. Ensure compliance with security standards and More ❯
Posted:

Incident Response, the West Midlands
10th Percentile: £42,500
25th Percentile: £45,000
Median: £52,500
75th Percentile: £65,625
90th Percentile: £80,000