1 to 25 of 257 Incident Response Jobs in the UK

Cyber Security Incident Response Consultant (Mid Level) - IR, Cyber, SOC Location: Belfast (office-based) Salary: £35,000 - £50,000 (depending on experience) Employment Type: Permanent Security Clearance: Must be eligible for UK security clearance due to the nature of client engagements Company Profile This is a remarkable opportunity … join a highly respected global cyber security organisation, recognised for delivering incident response and cyber advisory services at the highest level of technical and professional excellence. The organisation supports clients across multiple sectors during complex and business-critical cyber incidents, guiding them from initial detection through containment, recovery ...

Senior Incident Response Specialist - Manchester £50-85k DOE Hybrid Manchester (1 day/week with flexibility) Must either hold SC Clearance or be eligible for SC Clearance We are seeking an experienced Incident Response Specialist to deliver high-quality cyber incident response and forensic investigation services across our client's customer and internal environments. In this role, you will lead cyber incident investigations, conduct forensic analysis across endpoint, network, and cloud environments, and work closely with security operations teams to identify, contain, and remediate threats. You will also ...

ownership of a threat defence strategy and service. The role will focus on leading a team responsible for security operations, incident detection and response and threat intelligence which will be delivered through partnership with outsourced providers and IT. We're looking for a motivated and experienced individual … This role will have line management responsibilities for 3 of the team: a Threat Intelligence Lead, a TD Service Operations Lead and a Cyber Incident Response Lead. The role requires DV clearance and a minimum of 2 days per week in the Paddington Office. Occasional travel to other ...

Cyber Incident Response Analyst - Contract Location: Sheffield (2 days onsite) Rate: 500 p/d Duration: 6 Months - July 2026 - January 2027 A large enterprise organisation is looking for a Cyber Incident Response Analyst to support their Cyber Defence team on a contract basis. This … coordination-focused incident response role, managing cyber incidents through the response lifecycle rather than deep technical remediation. Experience Required Previous experience within Incident Response/Security Operations Strong understanding of the NIST incident response lifecycle Familiarity with MITRE ATT&CK and cyber kill ...

strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. ________________________________________ Role Overview As a Security Monitoring & SIEM Analyst, you will play … role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will ...

lead and line-manage London-based cyber security team (x3/x4), assure the local delivery of globally-prioritised work, and act as Incident Commander and first point of escalation for cyber security in London. The role additionally leads the Endpoint, Platform and Incident Response capability, owning … global prioritisation of that backlog against enterprise cyber risk. Previous Experience Required: Led or coordinated cyber security incident response as an Incident Commander or equivalent, working with MDR providers and cross-functional stakeholders (IT, Legal, Compliance). A strong, hands-on technical background in operational cyber security ...

lead and line-manage London-based cyber security team (x3/x4), assure the local delivery of globally-prioritised work, and act as Incident Commander and first point of escalation for cyber security in London. The role additionally leads the Endpoint, Platform and Incident Response capability, owning … global prioritisation of that backlog against enterprise cyber risk. Previous Experience Required: Led or coordinated cyber security incident response as an Incident Commander or equivalent, working with MDR providers and cross-functional stakeholders (IT, Legal, Compliance). A strong, hands-on technical background in operational cyber security ...

capable of leading cyber incidents operationally, technically and commercially from end-to-end. You will act as a senior technical subject matter expert across incident response, detection engineering, cloud security and vulnerability management, while also providing calm, structured leadership during high-pressure situations. The environment is heavily Microsoft … principles Detection engineering and automation Threat and vulnerability management You will work closely with global technology and cyber teams to continuously improve monitoring, detection, response and remediation capabilities across hybrid cloud and on-premise environments. Key Responsibilities Incident Response & Major Incident Management Lead ...

Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have … experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Cyber to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead ...

leader responsible for developing and executing enterprise-wide cyber defence strategies to protect critical business systems, data, and infrastructure. Leads security operations, threat detection, incident response, and cyber resilience initiatives while ensuring alignment with organisational risk management objectives. Key Responsibilities Lead and manage the Cyber Defence function, overseeing … security operations, threat intelligence, vulnerability management, and incident response capabilities. Develop and implement cyber defence strategies, policies, and procedures to protect against evolving cyber threats. Direct Security Operations Centre (SOC) activities, ensuring effective monitoring, detection, investigation, and response to security incidents. Oversee threat intelligence programmes, identifying emerging ...

Cyber & Network Security Manager We are seeking an experienced Cyber & Network Security Manager to lead the delivery of all security operations, drive cyber incident response, and provide enterprise-wide oversight of network security. This is an operational leadership role at the centre of the cyber defence function. … Security Operations Centre (SOC) services. Act as the senior operational escalation point for cyber security incidents and major security events. Own and coordinate cyber incident response activities, ensuring effective containment, eradication, recovery, and lessons learned. Develop, maintain, and test cyber incident response plans, procedures, and playbooks. ...

Senior Incident Response Specialist - Manchester £50-85k DOE Hybrid Manchester (1 day/week with flexibility) Must either hold SC Clearance or be eligible for SC Clearance We are seeking an experienced Incident Response Specialist to deliver high-quality cyber incident response ...

solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

tier global consulting firm with one of the UK's largest and most respected cyber practices, housing over 200 specialists. Their Cyber Incident Response team is on the front line, helping organisations prepare for, respond to, and recover from the threats that keep boards awake at night. They … roles require at least eligibility for UK Security Check (SC) clearance. Existing clearance is highly advantageous. What You'll Do Lead and execute live incident response investigations, from forensic acquisition and root cause analysis to threat containment and eviction. Perform host-based and network forensics across Windows, Linux ...

Security Operations Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider … excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond ...

excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond … critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

team. This is an excellent opportunity to join a fast-paced cybersecurity environment, helping to protect critical infrastructure and enterprise systems through proactive monitoring, incident response, and threat analysis. Working as part of a 24/7 operational security function, you will play a key role in identifying … monitoring tools, network infrastructure, and endpoint technologies. Investigate and triage security alerts to identify malicious activity and determine attack methods and techniques. Follow established incident response and escalation procedures to contain and mitigate security risks. Ensure all incidents are accurately documented, including indicators of compromise, evidence, and investigation ...

tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...