1 to 25 of 336 Incident Response Jobs in the UK

Cyber Incident Response Consultant

Hiring Organisation
Experis
Location
Basingstoke, Hampshire, South East, United Kingdom
Employment Type
Contract, Work From Home
title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible … collaborating with organisation stakeholders in developing, updating, and enhancing a comprehensive set of tactical and operational cyber incident response documents, including the Incident Response Plan, Communication Plan, Incident Response Playbooks, and Containment & Eradication procedures. This engagement is focused on delivering high-quality, actionable documentation ...

Cyber Threat Incident Response Manager

Hiring Organisation
Proactive Appointments
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£80,000 - £95,000 per annum
Cyber Security Incident Response Manager Hybrid We are partnering with a leading global financial services organisation to appoint a Cyber Security Incident Response Manager to join their high-profile Cyber Threat Centre (CTC). This is a critical leadership role at the forefront of defending against … sophisticated cyber adversaries, including nation states and organised criminal groups. As the central hub for Computer Network Operations, the CTC drives incident response, threat hunting, intelligence, and insider threat detection across the organisation. This role offers the opportunity to shape strategy, lead a globally distributed team, and work ...

Cyber Incident Response Manager

Hiring Organisation
Ashdown Group
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£90,000 - £100,000 per annum
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Principal Incident Response Consultant - Systems Integrator £70,000 - £8[...]

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
cybersecurity firm delivering advanced security solutions and advisory services across diverse industries. The organisation provides end-to-end protection, including managed detection and response, secure access services, vulnerability management, incident response, and tailored consulting. The team collaborates closely with clients to safeguard critical systems and data, designing … proactive strategies that anticipate evolving risks while maintaining the highest technical standards and operational excellence. They are looking for a Principal Incident Response Consultant to join a leading cybersecurity operations provider, working at the forefront of complex, high-impact cyber incidents. This senior, hands‐on role, focuses ...

Director of Group Cyber Security Services

Hiring Organisation
Information Security Solutions
Location
London, United Kingdom
Employment Type
Permanent
Salary
£140000 - £160000/annum
relentless focus on operational excellence, the Head of Security Services builds and empowers high-performing teams to deliver 24/7 threat detection, rapid incident response, and proactive risk management. This includes ownership of security controls, security testing, tech assurance and vulnerability and threat management, and incident response across the organisation. Collaboration is at the heart of this position. By working across the GCS Leadership Team, with business and technology stakeholders, and with industry experts to align strategy, share intelligence, and drive a single, cohesive approach to security services, this leader ensures the Group ...

Tier II SOC Analyst

Hiring Organisation
CyberClan
Location
United Kingdom
carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber attacks with proven defensive methodology … Tier 2 case resolution, resolving complex security cases including generating initial reporting, providing follow-ups and requesting information and resolution activity. Day to day incident triage and escalation using contextual and threat intelligence Responsible for providing security expertise to escalated incidents Act as the incident handler ...

IT Security Incident Manager

Hiring Organisation
Ashdown Group
Location
City of London, London, United Kingdom
Employment Type
Permanent, Work From Home
Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

IT Security Incident Manager

Hiring Organisation
Ashdown Group
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£90,000 - £100,000 per annum
Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Cyber Incident Response Analyst

Hiring Organisation
Lorien
Location
London, South East, England, United Kingdom
Employment Type
Contractor
Contract Rate
£300 per day
Cyber Incident Response Analyst London - Onsite 2/3 days a week ASAP Start - November 26 £300 per day - Inside of IR35 We are looking for a Cyber Incident Response Analyst to join a small, highly visible cyber security team and step in for an existing … another project for the next 6-9 months. This role sits on the "Respond" side of Cyber Security, focusing on end-to-end cyber incident management, stakeholder communications, and clear reporting. With increased workload driven by the client merger, this is a key role supporting the organisation's security ...

Head of Cyber Security and Productivity Solutions

Hiring Organisation
Jobleads-UK
Location
City of Westminster, England, United Kingdom
operationally effective. The role owns information security operations and modern workplace services, spanning identity and access management, endpoint security, data protection, threat detection, incident response and compliance monitoring. Operating across a complex, global technology estate, the Head of Cyber Security and Modern Workplace Operations ensures alignment with recognised … management using platforms such as Intune and Defender. Ensure consistent application of security standards across all user devices and environments. Threat detection, monitoring and incident response Oversee continuous monitoring, threat detection and security event management. Lead incident response readiness, coordination and post-incident analysis. Work ...

Cyber Investigation and Forensic Response Manager/Senior Manager

Hiring Organisation
Accenture
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
Title: Cyber Investigation and Forensic Response Manager/Senior Manager Location: UK Level: Manager & Senior Manager Salary: Competitive Salary & Package (Dependent on Experience) Travel: Expected travel across UK and EMEA Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years … fastest growing areas of the business with significant growth plans through additional recruitment and acquisitions. Our global Cyber Investigation and Forensic Response (CIFR) practice is rapidly expanding in order to uniquely deliver around the clock incident response services to our expanding portfolio of enterprise customers. The sheer ...

Cloud Security Engineer

Hiring Organisation
SR2 | Socially Responsible Recruitment | Certified B Corporation™
Location
Hereford, England, United Kingdom
integrating SAST, DAST, and SCA tooling to maintain supply chain integrity Engineer Kubernetes security solutions, including RBAC, network policies, and runtime protection Detection, Monitoring & Incident Response Perform incident response activities including triage, containment, eradication, and recovery Develop and optimise security detections (e.g. Sentinel, KQL, YARA) Manage … logging, ingestion pipelines, and monitoring infrastructure Conduct threat hunting and analysis to identify emerging risks Lead or support incident investigations, including post-incident reviews and remediation Vulnerability & Risk Management Identify, track, and remediate vulnerabilities across cloud, endpoint, and infrastructure environments Implement controls arising from security assessments, audits ...

Information security Engineering specialist

Hiring Organisation
BP Energy
Location
Sunbury-On-Thames, London, United Kingdom
Employment Type
Work From Home
safeguarding our digital assets and ensuring the resilience of our information systems. You will contribute to a secure environment by applying your expertise in incident response, risk management, and security guidelines. Key Accountabilities: Vulnerability & Exposure Management Leading efforts to identify, prioritise, and track vulnerabilities across cloud … materials, and briefings to enhance security maturity Offering excellent customer service by supporting various business units through best-practice guidance and responsive problem-solving Incident Response & Assurance Leading and participating in incident investigations to identify root causes and implement effective solutions Providing expert consulting on secure design ...

Senior Incident Response Consultant - Cyber Crisis Leader

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
leading UK cybersecurity firm is seeking a Principal Incident Response Consultant to lead complex incident response engagements. This hands-on role involves acting as the technical lead during cyber crises, guiding investigations, and collaborating with stakeholders to effectively address threats. Candidates must have extensive experience … incident response and digital forensics, and the ability to communicate technical issues clearly. Competitive salary offered is between £70,000 and £80,000 per annum. ...

Security Operations Engineer | Strategic Financial Risk Solutions Firm

Hiring Organisation
Techfellow Limited
Location
London Area, United Kingdom
modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into the Head … SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation - and will play ...

L3 SOC Analyst

Hiring Organisation
Maxwell Bond
Location
Glasgow, Scotland, United Kingdom
Analyst, you’ll act as a senior escalation point within a 24/7 SOC, leading complex investigations and driving incident response activities. You’ll work closely with threat intelligence, engineering, and client teams to continuously improve detection and response capabilities. Key Responsibilities Act as the final … escalation point for security incidents and alerts Lead and coordinate incident response for high-severity threats Perform advanced threat hunting and forensic investigations Analyse logs from SIEM, EDR, NDR, and cloud security tools Develop and refine detection rules and use cases Support SOC maturity improvements and playbook development ...

Solicitor

Hiring Organisation
CyberClan
Location
United Kingdom
carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology … business operations. Role Overview: This role supports the CERT/Sales team with reviewing insurance policies, assisting with claims assessments, and contributing to breach response efforts. Ideal for someone with early in house or private practice experience who’s ready to grow into a broader commercial legal role. This ...

Cyber Security Operations Manager

Hiring Organisation
Searchability (UK) Ltd
Location
Deeside, Flintshire, Wales, United Kingdom
Employment Type
Permanent, Work From Home
CYBER SECURITY OPERATIONS MANAGER - CHESTER (HYBRID) KEY POINTS Senior operational security leadership role Lead Security Operations, Incident Response & Vulnerability Management Hybrid working - minimum 2 days per week onsite in the Chester Area Competitive salary ABOUT THE CLIENT We're working with a well-established UK organisation recognised … responsible for leading the day-to-day operational security activities that protect the organisation's systems and data. You'll manage security monitoring, incident response, and vulnerability management processes, ensuring they remain effective, efficient, and aligned with industry best practice. A key part of the role will ...

Director of Cyber Security London

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
clear mandate to progressively absorb higher-value operational ownership into Cyber Security. Over time, this role becomes the centre of gravity for detection engineering, incident response, and threat-driven defence. When major incidents occur, you are the technical authority. You make decisions under uncertainty, set priorities, and advise executives … high-severity security incidents * Owning adversary-focused defence, including threat modelling, detection engineering, and threat hunting strategy * Designing and enforcing runbooks, escalation models, and incident response playbooks * Setting security standards and having authority to block or escalate high-risk architectural decisions * Building and scaling Cyber Security capabilities, including ...

Cyber Security Operations Manager

Hiring Organisation
Acorn Insurance
Location
Liverpool, Merseyside, North West, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£75,000
lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance … manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response ...

Incident and Vulnerability Manager

Hiring Organisation
Intellectual Property Office
Location
Newport, Gwent, Wales, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£55,000
Incident and Vulnerability Manager This role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part of a wider … intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities. Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPO's protection, detection, and response capabilities. If you have strong relevant expertise ...

Security Operations Team Lead

Hiring Organisation
Forward Role
Location
Manchester, North West, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£85,000
ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … daily operational activities and performance. Define and implement the strategy and operational roadmap for security monitoring, detection, and response. Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts during high-severity security events ...

Senior Cyber Security Engineer

Hiring Organisation
NTT Global Data Centers EMEA UK ltd
Location
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Employment Type
Permanent
tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectors (endpoint protection, EDR, malware analysis, network and computer forensics), ensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

Palo Alto XSoar Developer

Hiring Organisation
iBSC
Location
London, United Kingdom
Employment Type
Permanent
Salary
GBP 70,000 - 80,000 Annual
Developer Role Candidates in this role are responsible for the development and maintenance of the code and capabilities of the Security Orchestration, Automation and Response (SOAR) platform. Candidates will work with the Manager of Detection & Response Engineering and will work jointly with our detection engineering, threat detection … response teams to specify clear priorities, evaluate technical tradeoffs, and build high-impact features within the SOAR platform. The candidates' main responsibilities will be to: Focus on the development, maintenance, and delivery of new Security Orchestration and Automation content including custom SOAR Playbooks, Automations/Scripts, Jobs, dashboards, reports ...

Tech lead - SOC responder

Hiring Organisation
Colt Technology Services UK
Location
London, United Kingdom
Employment Type
Permanent, Work From Home
with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do Support SOC Manager to deliver the following: SIEM … activities, Technology escalation support, Security Solution assessment, build activities, existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...