1 to 25 of 71 Incident Response Jobs in the North of England

A global IT MSP is looking for an experienced SOC Incident Response & Threat Hunting Manager to join its expanding Security Operations Centre. This is a pivotal leadership role, overseeing Tier 3 Security and Incident Response Analysts while driving proactive threat hunting and cyber threat intelligence initiatives. This hands-on position combines technical depth , strategic leadership , and … a forward-thinking approach to cybersecurity. The successful candidate will lead advanced incident response activities, mentor a high-performing team, and shape the strategic direction of cyber defence capabilities across a diverse customer base. On offer Salary - Competitive depending upon experience Company Bonus Scheme Comprehensive Benefits Pack 10% Company Pension £6k Vehicle allowance Excellent skill up and career … progression Flexible working from Day 1 Plus more Skills & Experience Proven experience leading incident response and threat hunting teams within a SOC or similar environment. Deep technical expertise in Digital Forensics and Incident Response (DFIR) , with strong analytical and problem-solving skills. Skilled at translating complex technical findings into clear, actionable insights for technical and non More ❯

A global IT MSP is looking for an experienced SOC Incident Response & Threat Hunting Manager to join its expanding Security Operations Centre. This is a pivotal leadership role, overseeing Tier 3 Security and Incident Response Analysts while driving proactive threat hunting and cyber threat intelligence initiatives. This hands-on position combines technical depth , strategic leadership , and … a forward-thinking approach to cybersecurity. The successful candidate will lead advanced incident response activities, mentor a high-performing team, and shape the strategic direction of cyber defence capabilities across a diverse customer base. On offer Salary - Competitive depending upon experience Company Bonus Scheme Comprehensive Benefits Pack 10% Company Pension £6k Vehicle allowance Excellent skill up and career … progression Flexible working from Day 1 Plus more Skills & Experience Proven experience leading incident response and threat hunting teams within a SOC or similar environment. Deep technical expertise in Digital Forensics and Incident Response (DFIR) , with strong analytical and problem-solving skills. Skilled at translating complex technical findings into clear, actionable insights for technical and non More ❯

A global IT MSP is looking for an experienced SOC Incident Response & Threat Hunting Manager to join its expanding Security Operations Centre. This is a pivotal leadership role, overseeing Tier 3 Security and Incident Response Analysts while driving proactive threat hunting and cyber threat intelligence initiatives. This hands-on position combines technical depth , strategic leadership , and … a forward-thinking approach to cybersecurity. The successful candidate will lead advanced incident response activities, mentor a high-performing team, and shape the strategic direction of cyber defence capabilities across a diverse customer base. On offer Salary - Competitive depending upon experience Company Bonus Scheme Comprehensive Benefits Pack 10% Company Pension £6k Vehicle allowance Excellent skill up and career … progression Flexible working from Day 1 Plus more Skills & Experience Proven experience leading incident response and threat hunting teams within a SOC or similar environment. Deep technical expertise in Digital Forensics and Incident Response (DFIR) , with strong analytical and problem-solving skills. Skilled at translating complex technical findings into clear, actionable insights for technical and non More ❯

A global IT MSP is looking for an experienced SOC Incident Response & Threat Hunting Manager to join its expanding Security Operations Centre. This is a pivotal leadership role, overseeing Tier 3 Security and Incident Response Analysts while driving proactive threat hunting and cyber threat intelligence initiatives. This hands-on position combines technical depth , strategic leadership , and … a forward-thinking approach to cybersecurity. The successful candidate will lead advanced incident response activities, mentor a high-performing team, and shape the strategic direction of cyber defence capabilities across a diverse customer base. On offer Salary - Competitive depending upon experience Company Bonus Scheme Comprehensive Benefits Pack 10% Company Pension £6k Vehicle allowance Excellent skill up and career … progression Flexible working from Day 1 Plus more Skills & Experience Proven experience leading incident response and threat hunting teams within a SOC or similar environment. Deep technical expertise in Digital Forensics and Incident Response (DFIR) , with strong analytical and problem-solving skills. Skilled at translating complex technical findings into clear, actionable insights for technical and non More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead. Permanent - FT. Salary starting at £70,000 per annum About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information … risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security … incidents within the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead. Permanent - FT. Salary starting at £70,000 per annum About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information … risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security … incidents within the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident More ❯

The Major Incident Manager will lead Critical and Major Incidents from detection through to resolution and post incident review, in addition this role will coordinate Problem Investigations and track the delivery of Problem resolution plans to reduce the likelihood of repeat Incidents. This role will provide a rapid and highly effective response when Critical or Major Incidents … occur, ensuring business impact analysis is completed, adopting the correct Incident response model, and then confidently leading the communication, escalation and collaboration between cross functional teams and suppliers to restore normal service operation as quickly as possible., Summary The Major Incident Manager will lead Critical and Major Incidents from detection through to resolution and post incident … role will coordinate Problem Investigations and track the delivery of Problem resolution plans to reduce the likelihood of repeat Incidents. This role will provide a rapid and highly effective response when Critical or Major Incidents occur, ensuring business impact analysis is completed, adopting the correct Incident response model, and then confidently leading the communication, escalation and collaboration More ❯

across our three UK brands: PEXA UK, Smoove, and Optima Legal. You'll lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements. This is a senior leadership role offering the opportunity to define security … SOC, engineering, and information security Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation … Alto Networks Splunk (SIEM and dashboarding) Abnormal Security (email security) Prisma Cloud (cloud security posture management) Airlock (application and API security) Nucleus (vulnerability management and reporting) Deep knowledge of incident response, threat hunting, and vulnerability management. Excellent stakeholder management and communication skills - able to explain complex risks in simple terms. Experience building and mentoring high performing teams across More ❯

posture across our three UK brands: PEXA UK, Smoove, and Optima Legal.You'll lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements.This is a senior leadership role offering the opportunity to define security strategy … SOC, engineering, and information security Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation … and dashboarding)o Abnormal Security (email security)o Prisma Cloud (cloud security posture management)o Airlock (application and API security)o Nucleus (vulnerability management and reporting) Deep knowledge of incident response, threat hunting, and vulnerability management. Excellent stakeholder management and communication skills - able to explain complex risks in simple terms. Experience building and mentoring high-performing teams across More ❯

Evaluate emerging technologies (AI, RPA, cloud, hybrid infrastructure) from a security perspective. Policy, Procedure, and Guidance Oversight Review, update, and enforce security policies, standards, and guidance (e.g. Acceptable Use, Incident Response, Remote Access). Ensure compliance with NCSC, ISO 27001, NIST, Cyber Essentials, and GDPR frameworks. Clarify security roles and responsibilities across departments. Support Information Governance and Data … awareness campaigns and training. Promote a culture of security and resilience across the organisation. Collaborate with HR and L&D to embed cyber hygiene into inductions and ongoing learning. Incident Management and Business Continuity Oversee the development and testing of Incident Response, Disaster Recovery, and Business Continuity Plans. Provide senior escalation and leadership during security incidents. Conduct … post-incident reviews and ensure lessons learned drive continuous improvement. Continuous Improvement and Innovation Stay informed on emerging threats and industry trends. Champion automation and innovation in security operations (e.g. SOAR, XDR). Drive security maturity assessments and roadmap development. Essential Experience Proven leadership in IT or cyber security at enterprise or local authority level. Strong understanding of security More ❯

AI, RPA, cloud, hybrid infrastructure) from a security perspective. Policy, Procedure, and Guidance Oversight Review and update security policies, procedures, standards, and guidance regularly (e.g., acceptable use, remote access, incident response, etc.). Ensure alignment with frameworks such as NCSC guidance, ISO 27001, NIST, Cyber Essentials, and GDPR. Develop and communicate clear roles and responsibilities for information security … cybersecurity awareness and training campaigns. Build a security-conscious culture across the organisation. Work with HR and Learning & Development to embed cyber hygiene into inductions and role-based training. Incident Management and Business Continuity Develop and review the Disaster Recovery and Business Continuity Plans for IT Services and support the Disaster Recovery and Business Continuity for the services areas. … Oversee and periodically test the incident response and disaster recovery plans. Provide strategic direction and escalation oversight during major incidents. Conduct post-incident reviews and feed findings into policy, technical, and training improvements. Continuous Improvement and Innovation Keep abreast of emerging threats, vulnerabilities, and industry best practices. Champion innovation in security practices, tools, and automation (e.g., SOAR More ❯

AI, RPA, cloud, hybrid infrastructure) from a security perspective. Policy, Procedure, and Guidance Oversight Review and update security policies, procedures, standards, and guidance regularly (e.g., acceptable use, remote access, incident response, etc.). Ensure alignment with frameworks such as NCSC guidance, ISO 27001, NIST, Cyber Essentials, and GDPR. Develop and communicate clear roles and responsibilities for information security … cybersecurity awareness and training campaigns. Build a security-conscious culture across the organisation. Work with HR and Learning & Development to embed cyber hygiene into inductions and role-based training. Incident Management and Business Continuity Develop and review the Disaster Recovery and Business Continuity Plans for IT Services and support the Disaster Recovery and Business Continuity for the services areas … in the workplace. Oversee and periodically test the incident response and disaster recovery plans. Provide strategic direction and escalation oversight during major incidents. Conduct post-incident reviews and feed findings into policy, technical, and training improvements. Continuous Improvement and Innovation Keep abreast of emerging threats, vulnerabilities, and industry best practices. Champion innovation in security practices, tools, and More ❯

responsible for monitoring, detecting, and responding to security threats, supporting the implementation of cyber protection measures, and ensuring compliance with industry standards and internal policies. Principal Responsibilities: Security Monitoring & Incident Response Monitor network traffic and system activity for signs of security breaches or anomalies. Investigate and respond to security incidents, including malware, phishing, and unauthorized access attempts. Document … of Microsoft Azure, Entra ID, Conditional Access, and Intune. Experience with Active Directory, DNS/DHCP, Group Policy, and VPNs. Familiarity with SIEM/XDR platforms, endpoint protection, and incident response tools. Ability to work independently and collaboratively across teams. Preferred Experience: Minimum 3 years' experience in a technical support role with exposure to a range of technologies More ❯

business teams to implement strong cryptographic controls. Drive improvements in secure key lifecycle management, encryption, and authentication processes. Ensure the operational reliability and security of cryptographic services through monitoring, incident response, and proactive risk mitigation. Essential Skills & Experience Proven experience in Cryptography, Secure Key Management, and Information Security. Hands-on expertise with HSM configuration, installation, and support. Experience … and documentation tools (e.g., MS Office). Highly Valued Skills Security or cryptographic certifications (e.g., CISSP, CISM, CompTIA Security+, CEH, or equivalent). Experience in operational security environments, including incident response, risk management, and change control. Familiarity with SharePoint, Confluence, JIRA, and Unix/Windows environments. Knowledge of data protection regulations, compliance standards, and privacy frameworks. Strong technical More ❯

experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards … of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior More ❯

as subject matter experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical … SMEs at a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both More ❯

as subject matter experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical … SMEs at a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both More ❯

global initiatives to be successfully deployed in region Implement and maintain security policies, protocols and measures across all platforms and locations, driving alignment with our global operating model Lead incident response efforts and manage the investigation of security breaches Collaborate with other Technology departments to ensure compliance with security standards, necessary security monitoring is in place and risks … Minimum basic requirements Ten or more years in cybersecurity roles in mid to large organisations, recently at or near executive level Strong understanding of cybersecurity frameworks, risk management and incident response protocols Proven leadership capabilities including building diverse teams Outstanding written and verbal communication skills with ability to present to a C-level audience Commercial acumen with an More ❯

beyond simply reviewing logs or fixing vulnerabilities; it’s about redefining how security is perceived and integrated across everything we do. You will take a hands-on role in incident response, lead initiatives to strengthen our security posture, and be a key force in ensuring NGN stays ahead of evolving cyber threats. Please Note: National Security Vetting is … delivery of our NIS Directive Improvement Plan, ensuring compliance becomes a strategic advantage, not just a checkbox What we are looking for Experience with SIEM tools, logging, and cyber incident response Strong knowledge of EDR/AV solutions, vulnerability testing, and management Familiarity with Office 365, Active Directory, and network security (TCP/IP) Understanding of SCCM, Intune More ❯

beyond simply reviewing logs or fixing vulnerabilities; it’s about redefining how security is perceived and integrated across everything we do. You will take a hands-on role in incident response, lead initiatives to strengthen our security posture, and be a key force in ensuring NGN stays ahead of evolving cyber threats. Please Note: National Security Vetting is … delivery of our NIS Directive Improvement Plan, ensuring compliance becomes a strategic advantage, not just a checkbox What we are looking for Experience with SIEM tools, logging, and cyber incident response Strong knowledge of EDR/AV solutions, vulnerability testing, and management Familiarity with Office 365, Active Directory, and network security (TCP/IP) Understanding of SCCM, Intune More ❯

You will be involved in assisting in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks and supporting incident reporting and response, including risk assessments and vulnerability scans. Role Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage … security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate with IT, Legal, and other departments to ensure a unified security approach, including third-party risk assessments. Monitor and respond to the IT Security Queue (CVE updates, service requests, incidents, bulletins … . Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned More ❯

A global IT MSP is looking for an experienced SOC Incident Response & Threat Hunting Manager to join its expanding Security Operations Centre. This is a pivotal leadership role, overseeing Tier 3 Security and Incident Response Analysts while driving proactive threat hunting and cyber threat intelligence initiatives click apply for full job details More ❯

performing advanced investigations and, when required, first-line triage to maintain queue health and SLA compliance. You are responsible for high-quality service delivery through detailed analysis, evidence-led response actions, and operational leadership. In addition to handling escalated alerts, you provide line management, oversee ticket quality, contribute to training and onboarding, and drive continual improvement. You work core … business hours with participation in the on-call rota, ensuring consistent service support for customers and operational continuity across teams. Key Responsibilities • Incident Investigation and Response - You take ownership of escalated incidents, performing detailed investigations and, when necessary, stepping into first-line triage to guarantee prompt alert handling and escalation. • Team Leadership - You provide day-to-day leadership … SOC Analysts, conducting performance reviews, appraisals, one-to-one meetings, and development planning. • Quality Assurance - You own QA for the team’s outputs, ensuring consistency, accuracy, and completeness of incident handling and documentation across the team. • Training and Onboarding - You lead knowledge-transfer sessions, support structured onboarding of new team members, and coordinate internal training to drive skill development More ❯

council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate with IT, Legal, and other … Security Queue (CVE updates, service requests, incidents, bulletins). Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments More ❯

of our international businesses, with a focus on resiliency, this role has an opportunity to provide strategic guidance on improvements. At the forefront of providing production support services including, incident logging, incident resolution, problem management, change management practices, and SRE support, we are inviting you to join our success story.As our Site Reliability Engineering Manager you will:- Lead … a culture of collaboration, innovation, and continuous improvement. Assist with the design, implementation, and maintenance of systems to ensure high availability, scalability, and performance. Develop and implement strategies for incident response, root cause analysis, and post-mortem reviews to prevent future incidents. Work closely with business and technology teams to understand their needs and ensure alignment with reliability More ❯