1 to 25 of 110 Incident Response Jobs in the South East

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner! About the role: The Cyber Security Incident Response Specialist would be member of CSIRT, part of Counter Threat & Engineering (CT&E) function, responding to cyber threats and security incidents globally. … relocation Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment ...

Clearance Hybrid work model OUTSIDE IR35 Job Requirements Spec: - end-to-end technical leadership, architecture, and delivery oversight of Network Detection & Response (NDR) and Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility … improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders to align technical designs with security strategy, operating models, and business needs. - definition of the target architecture for Darktrace NDR and Microsoft Defender ...

users. We are looking for a Cyber Security Engineer to join our IT Security team and play a key role in security operations, incident response, vulnerability management and the ongoing development of our security posture. This is a hands-on role for a driven security professional who enjoys … organisation. Key responsibilities Monitor, investigate and respond to cyber security incidents using SIEM, EDR/MDR and other security tooling Perform deep-dive incident analysis across multiple log sources to identify root cause, indicators of compromise (IoCs) and remediation actions Conduct proactive and reactive threat hunting activities Manage vulnerability ...

security incidents for our customers using Microsofts leading security technologies. Youll work closely with senior analysts and engineers, playing a key role in incident response while also contributing to the continuous improvement and evolution of our SOC services. About The Role As a Security Operations Analyst, you will … Provide day-to-day monitoring and initial response for SOC customers in line with Intercitys Security Incident Response Framework. Investigate alerts generated by Microsoft Sentinel and Microsoft Defender for 365, identifying true positives and responding appropriately. Analyse multiple security data sources to detect malicious activity and support ...

Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing ...

operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage … vulnerability assessments and remediation efforts Maintain and optimise DLP tools and incident response Support forensic readiness and insider risk initiatives Develop and enforce security policies and awareness programs Lead incident response and produce investigation reports Utilise and enhance Microsoft Security Stack (Sentinel, Defender, Purview) Drive Zero ...

role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional who thrives in fast … alerts across SIEM platforms and ticketing systems, managing incidents through to resolution Participate in an on-call rota to support live security incidents Manage incident queues and approvals within IT service management tools Act as a subject matter expert for nominated security technologies, ensuring effective configuration and optimisation Support ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

regions. Key Responsibilities Lead the design and implementation of secure authentication, authorisation, and data protection frameworks. Manage and enhance Data Loss Prevention (DLP) systems, incident response, and risk management processes. Oversee cloud security architecture across Azure, O365, and iManage Cloud environments. Collaborate with global IT, compliance, and risk … information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. ...

QA. Strengthen code review standards and engineering consistency. Within 12 months, you will: Confidently contribute to UK and Global teams based on priority. Lead incident response efforts when front-end issues affect production. Influence front-end architectural decisions. Raise the overall quality bar across our Vue/Nuxt … ensure implementation aligns with inclusive design principles. Technical Leadership: Conduct code reviews, guide architectural decisions, and raise engineering standards across the front-end codebase. Incident Response: Lead investigations and resolution efforts during critical production incidents, ensuring fast and structured recovery. Collaboration: Work closely with Product, Design ...

incidents on critical client infrastructure. Perform in-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerability Provide Incident Response support when required, providing guidance on containment, eradication and recovery activities. Maintain and, where appropriate, improve and develop team knowledge … Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Input into threat intelligence activities when required. Represent the SOC within Stakeholders meetings ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

maintaining, and improving core security controls across network, cloud, and endpoint environments. You will play a key part in strengthening defensive capabilities and supporting incident response activities. You can work remotely but there are also multiple offices for the employees. Client Details A UK-based not for profit … modernising cyber security and cloud infrastructure. Description Manage and enhance security tooling including endpoint protection, content filtering, email security, and vulnerability scanning. Deliver technical incident analysis and response, supporting containment, remediation, and service improvement. Configure and support firewalls, networks, Microsoft security platforms, and cloud security controls. Conduct technical ...

align IT priorities. Conduct regular service reviews and provide reporting ahead of key meetings, demonstrating performance against KPIs, SLAs and contractual obligations. Risk & Incident Management Develop and maintain risk management strategies to minimise service disruption. Lead incident response and ensure timely resolution, minimal business impact and clear ...

principles Risk management methodologies Experience working within cloud security shared responsibility models Working knowledge of Identity and Access Management (IAM) Experience supporting security monitoring, incident response, and investigations Strong communication skills with the ability to engage both technical and non-technical stakeholders Desirable/Preferred Experience Experience working ...

improved access controls. Escalate incidents to Level 2 OT SOC or OT Cybersecurity Engineers as per service documentation (i.e. Playbooks or Alert/Incident Management processes). Adhere to all internal service-related processes such as Alert & Incident Management processes. Assist with the creation of processes … when required and to have these align with existing processes. Document incident reports including actions taken in SOC Ticketing systems. Analyse data from logs, network traffic, and forensics to create detailed reports on findings and lessons learned. To be utilised in daily/weekly SOC reports for OT Environments. ...

deployment pipelines. Ensure repeatable, reliable, and secure deployment processes aligned with best practices. Operational Excellence & SRE Support Contribute to SRE practices including monitoring, incident response, latency management, and service reliability improvements. Support observability initiatives by integrating monitoring, logging, and alerting tools. Troubleshoot platform issues across Red Hat, Kubernetes … maintaining strong communication with technical teams and stakeholders. This role is for a UK based Utility company and hence demands a highly experienced Major Incident Manager. severity incidents. functional technical teams to diagnose and resolve issues. Incident Activities dive reviews to identify root cause and preventive actions. ...

alerts. Deploying, scaling, and managing containerised applications using tools like Kubernetes for clients who require container platforms Support patching, vulnerability remediation, and security incident response activities to maintain secure environments. Assist with the operational management of data platforms, including storage, protection, replication, and automation of data workflows. Manage ...

rollback frequency Standardise release processes across engineering teams Implement progressive delivery practices Reliability & Observability Define and track SLIs/SLOs Enhance monitoring, alerting and incident response processes Lead post-incident reviews and root cause analysis Drive reduction of operational toil Security & Compliance Embed DevSecOps controls into pipelines … preferred) CI/CD tooling experience (GitHub Actions, GitLab CI, Jenkins) Experience operating production SaaS environments Strong observability tooling knowledge (Datadog, Prometheus, ELK etc.) Incident management and root cause analysis experience Experience in regulated or security-conscious environments is highly desirable ...

events from Microsoft Security Suite Perform initial triage and analysis of security incidents to determine severity and impact. Escalate verified incidents to the incident response teams. Ensure timely triage and remediation of any incidents Follow standard operating procedures (SOPs) for incident handling and escalation. Assist in improving … standard operating procedures (SOPs) Assist in identifying tuning opportunities and reduction of false positives Communicate with customer stakeholders during incident investigation Maintain awareness of current threats and vulnerabilities relevant to customers. Required Skills Basic understanding of cybersecurity principles and threat landscapes Experience working with Microsoft Security tools (Sentinel, Defender ...