1 to 25 of 80 Incident Response Jobs in the South East

Incident Response (CSIRT)/SOC Level 3 Analyst - Outside IR35 Location: Crawley (2-3 days onsite) Contract: 6 months Outside IR35 We are looking for an experienced Incident Response (CSIRT)/SOC Level 3 Analyst to join a high-performing cyber security operations team … initial 6-month contract. This is an excellent opportunity for a senior cyber security professional with strong incident response, threat hunting, and SOC expertise to play a critical role in protecting enterprise IT and operational environments from advanced cyber threats. You will work closely with cyber security operations ...

Incident Response (CSIRT)/SOC Level 3 Analyst - Outside IR35 Location: Crawley (2-3 days onsite) Contract: 6 Months Outside IR35 We are looking for an experienced Incident Response (CSIRT)/SOC Level 3 Analyst to join a high-performing cyber security operations team … initial 6-month contract. This is an excellent opportunity for a senior cyber security professional with strong incident response, threat hunting, and SOC expertise to play a critical role in protecting enterprise IT and operational environments from advanced cyber threats. You will work closely with cyber security operations ...

strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. ________________________________________ Role Overview As a Security Monitoring & SIEM Analyst, you will play … role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will ...

leader responsible for developing and executing enterprise-wide cyber defence strategies to protect critical business systems, data, and infrastructure. Leads security operations, threat detection, incident response, and cyber resilience initiatives while ensuring alignment with organisational risk management objectives. Key Responsibilities Lead and manage the Cyber Defence function, overseeing … security operations, threat intelligence, vulnerability management, and incident response capabilities. Develop and implement cyber defence strategies, policies, and procedures to protect against evolving cyber threats. Direct Security Operations Centre (SOC) activities, ensuring effective monitoring, detection, investigation, and response to security incidents. Oversee threat intelligence programmes, identifying emerging ...

Cyber & Network Security Manager We are seeking an experienced Cyber & Network Security Manager to lead the delivery of all security operations, drive cyber incident response, and provide enterprise-wide oversight of network security. This is an operational leadership role at the centre of the cyber defence function. … Security Operations Centre (SOC) services. Act as the senior operational escalation point for cyber security incidents and major security events. Own and coordinate cyber incident response activities, ensuring effective containment, eradication, recovery, and lessons learned. Develop, maintain, and test cyber incident response plans, procedures, and playbooks. ...

tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

improvement Lead security engagement within client Design Authority and Enterprise Architecture forums Manage integration with the client SOC, including security reporting, SIEM alignment, and incident response coordination Oversee security incident management in line with the client Cyber Security Incident Response Plan Own joiner/mover … Strong understanding of NCSC HMG IAS5, Cyber Assessment Framework (CAF), ISO 27001, and GDPR Hands-on experience integrating with a UK Government SOC, including incident response and security reporting Strong working knowledge of Oracle Cloud security (OCI IAM, Vault, network security, audit, PAM) Experience securing Oracle SaaS applications ...

Incident Response (CSIRT)/SOC Level 3 Analyst - Outside IR35 Location: Crawley (2-3 days onsite) Contract: 6 Months Outside IR35 We are looking for an experienced Incident Response (CSIRT)/SOC Level 3 Analyst to join a high-performing cyber security operations team ...

high-performing cyber security team Own and deliver the IT security strategy, policies, and best practices Oversee day-to-day security operations (SIEM, EDR, incident response, vulnerability management) Ensure compliance with frameworks such as ISO 27001, NIST, CIS Controls and GDPR Manage risk assessments, remediation planning, and continuous … Collaborate with engineering and infrastructure teams to embed Secure by Design principles Manage third-party security vendors and services Lead audits, compliance activities, and incident response planning Drive security awareness and foster a strong security culture across the business Key Skills & Experience Proven experience in a cyber security ...

Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting … complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond ...

security team Delivering the organisation's security roadmap and controls framework Acting as the senior escalation point for security-related issues Overseeing security operations, incident response and vulnerability management Supporting secure Azure and AWS environments Managing and optimising security tooling including SIEM, EDR and related platforms Reviewing projects … design principles across technology initiatives Managing third-party security providers and key supplier relationships Leading risk assessments, audit activities and compliance initiatives Maintaining incident response and business continuity capabilities Delivering security awareness and guidance across the wider business What We're Looking For You'll combine strong technical ...

against evolving cyber threats while ensuring security controls remain practical, effective, and aligned with business needs. You will oversee security operations, risk management, governance, incident response, and security awareness activities. Working closely with IT, senior stakeholders, third-party suppliers, and wider business teams, you will help maintain … will manage security risks, vulnerabilities, audits, and assessments, ensuring appropriate remediation plans are in place and tracked through to completion. You will oversee incident response processes, investigating security events and coordinating effective responses to minimise business impact. You will work with internal teams and external suppliers to ensure ...

intersection of cyber leadership, risk governance, and business engagement . This is a people-focused leadership role , managing a capable, self-sufficient team across incident response, engineering, and architecture-while acting as a key deputy to the CISO (EMEA). Key Responsibilities Lead and manage cyber teams across … incident response, engineering, and architecture Act as deputy to CISO , supporting risk, governance, and leadership forums Oversee incident response , providing executive-level updates Ensure security controls and architecture align to CISO strategy and risk appetite Manage senior stakeholders (CIO, COO, CFO) and translate risk into business ...

frameworks such as NIST CSF, IEC 62443 and other recognised industry standards. Assess critical network infrastructure, including segmentation, remote access, identity, monitoring, resilience and incident response capabilities. Review OT architecture, asset inventories, data flows, firewall rules, network zones and conduits. Identify security gaps, operational risks, vulnerabilities and control … senior business stakeholders. Produce high-quality client deliverables, including assessment reports, risk registers, maturity scorecards, architecture recommendations and implementation roadmaps. Contribute to OT incident response planning, tabletop exercises, cyber resilience testing and recovery planning. Support pre-sales activity, including solution shaping, proposal input and client presentations where required. ...

control systems remain secure, compliant and operationally robust. You'll work closely with engineers, cybersecurity specialists, and external partners to monitor OT environments, support incident response, maintain asset and patch records, and contribute to risk, compliance and audit activities. The role also supports the ongoing improvement … safe, secure and continuous delivery of energy to millions. Location: UK-based hybrid role, Occasional travel to site. Day to day Support OT cybersecurity incident response, including investigation, evidence gathering, containment, remediation, and technical actions such as system isolation and patching, under CSIRT and GSOC guidance. Operate ...

network estate (including Cisco Meraki). The role is hands-on and operational, partnering with IT teams to implement security controls, support monitoring and incident response through Sophos MDR, and improve cyber resilience by supporting Disaster Recovery (DR) testing and Business Continuity (BC) readiness. Key Responsibilities Cloud Security … ensure changes follow change control. Enable and review network security logging/alerting (e.g., syslog/SIEM integrations where applicable). Monitoring, Detection & Incident Response (Sophos MDR) Act as the internal technical point of contact for Sophos MDR and ensure smooth collaboration with MDR analysts. Maintain coverage ...

hands-on role in ensuring it is reliable, scalable, and observable. You will help establish and mature SRE practices, focusing on: Monitoring and observability Incident response Post-incident review Reliability testing and capacity planning Toil reduction Enabling development velocity We offer a hybrid working arrangement with … Milton Keynes office. Key Responsibilities: Support teams using ConnellsX and respond to incidents in a structured, blameless way Investigate root causes and drive post-incident actions to completion Define SLIs, contribute to SLOs, and monitor error budgets Build dashboards, alerts, and runbooks to improve visibility Automate repetitive tasks ...

Lead SOC Analyst to help protect multiple critical client environments. The role offers real variety and continued hands-on involvement, combining leadership with incident response, threat detection, and operational delivery. We will also consider experienced SOC professionals who are ready to step into a leadership position while remaining …/7 SOC, acting as the primary escalation point for complex incidents, supporting operational delivery, and helping to mature our detection and response capabilities across multiple clients. This role is site-based in Hemel Hempstead and follows a shift pattern of two day shifts (6am6pm), two night shifts (6pm6am ...

real adversary behaviour, and contribute to a well-maintained, version-controlled detection library. Working closely with SOC, Threat Hunting, Cyber Threat Intelligence (CTI), and Incident Response, you will turn intelligence and hunt findings into reliable detections, embracing a threat-led, Detection-as-Code approach. The individual will work … detections mapped to adversary tradecraft using the MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model. - Rapidly create new detections in response to emerging threats, Cyber Threat Intelligence, and incident or hunt findings. - Contribute to the detection library, ensuring detections are version-controlled, documented, tested ...

Essential Experience Proven experience leading a Security Operations Centre (SOC/NSOC) or cyber security function within a complex organisation. Experience in security operations, incident response, risk management, and service delivery. Experience maintaining compliance with standards such as ISO 27001 and Cyber Essentials Plus. Experience managing third-party … Ability to engage effectively with senior stakeholders and communicate technical issues in business terms. Technical Knowledge Strong understanding of cyber security operations, threat detection, incident response, and security monitoring. Good knowledge of network infrastructure, cloud technologies, and endpoint security. Experience with Microsoft Azure, Microsoft Sentinel, Microsoft Defender ...

project outcomes within agreed SLAs. Operational Excellence Accountable for the operational integrity of WAN, LAN, Wi-Fi, and cloud-based network services. Oversee incident response, troubleshooting, and root cause analysis for complex network issues, ensuring timely resolution and minimal business impact. Owner of network device configuration management, backup … network security baselines, compliance with internal policies, and external standards (e.g., ISO 27001, NIST CSF). Collaborate with the Security team on vulnerability management, incident response, and audit readiness. Supplier & Stakeholder Management Act as the primary technical authority with network service providers and hardware vendors, accountable ...

Risk & Compliance: Ensure adherence to DSPT, CAF, CE+, ISO 27001, GDPR/DPA. Security by Design: Support secure architecture, systems design, and resilience planning. Incident Response: Act as primary escalation point; lead investigations and remediation. Policy & Process: Develop and enforce security policies and technical controls. Threat & Vulnerability Management … supplier security assessments. Familiarity with CAF, CE+, NIST, CIS Controls, ISO 27001. Understanding of healthcare data protection, ideally NHS/UK standards. Strong incident response, analytical, and problem-solving skills. Knowledge of AI/ML risks and AI governance. Experience with phishing campaigns, penetration testing, and remediation. Excellent ...

play a key role in a growing SecOps function protecting a modern Microsoft and cloud environment. This is a highly technical role focused on incident response, SIEM optimisation, vulnerability management, and security engineering, helping drive a Zero Trust journey and supporting ISO 27001 & CIS controls. What … doing Lead and support incident response, threat monitoring and root-cause analysis Tune and optimise SIEM & CrowdStrike EDR for maximum effectiveness Drive vulnerability management, remediation and risk reduction Secure cloud and infrastructure across Intune, Entra ID, Palo Alto, Cisco ISE, Mimecast and more Implement key security controls including ...

clear documentation of findings Identify security weaknesses, vulnerabilities, and gaps within the environment Recommend and implement improvements to strengthen overall security posture Assist with incident response and remediation activities Support and deliver internal IT security awareness and training initiatives Participate in and contribute to security-related projects … with Microsoft Defender Experience monitoring and responding to security alerts in a SOC or security-focused environment Knowledge of endpoint security, threat detection, and incident response processes Understanding of cybersecurity principles, vulnerabilities, and attack techniques Ability to investigate and analyse security events effectively Experience identifying security gaps ...

Cyber Security Delivery Manager, you'll take ownership of client engagements from start to finish, covering risk assessments, security architecture reviews, policy development, incident response planning, and governance work. You'll be the senior point of contact on engagements, ensuring quality and consistency across everything that goes … cyber security projects in a consultancy or professional services environment Strong technical knowledge across core cyber domains - risk management, security architecture, governance, assurance, or incident response CISSP, CISM, or equivalent professional certification A proven track record of leading teams and managing senior client relationships The ability to communicate ...