1 to 25 of 352 Incident Response Jobs in the UK

Senior Incident Response Analyst When registering to this job board you will be redirected to the online application form. Please ensure that this is completed in full in order that your application can be reviewed. Come and join the Littlefish team! Work location: Remote Salary … would love to hear from you. The role and what youll be getting up to on a day to day basis: As a Senior Incident Response Analyst at Littlefish, youll be at the heart of our Cyber Security Operations Centre (CSOC), working alongside a passionate and skilled team. ...

security stacks. The ideal candidate will have expertise in monitoring and analyzing security incidents in SOC. Your Responsibilities (Up to 10, Avoid repetition) 1. Incident Detection and Response Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize … security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier 1 analysts and guide them through complex incident response procedures. Quality Assurance for SOC L1, monitoring and triaging. 2. Incident Detection and Response Lead investigations and remediation of complex ...

Principal Cyber Security Incident Response Analyst £60,000 - £70,000 Full Time/Permanent West Midlands/Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join … large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront ...

Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time/Permanent West Midlands/Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join … large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront ...

Role Overview We are seeking an experienced SOC Operator to support a public sector security operations capability, with a focus on threat detection, incident response, and collaboration with delivery teams to improve security monitoring and resilience. The role involves developing detection content aligned to recognised threat frameworks, supporting … incident investigations, and helping technical and non-technical stakeholders prepare for and respond to security incidents. Key Responsibilities Develop and maintain SIEM rules and alerts in Splunk , mapped to the MITRE ATT&CK framework Analyse security events and alerts to identify potential threats and incidents Contribute to and lead ...

security strategy and play a critical role in shaping client security roadmaps. This position focuses on strategic leadership, proactive risk management, and ensuring robust incident response processes. You will act as a trusted advisor to clients and internal teams, driving security initiatives that align with business objectives … regulatory requirements. Responsibilities: Develop and maintain client cyber security roadmaps to ensure long-term resilience and compliance. Coordinate and oversee incident response efforts, ensuring timely containment and remediation of threats. Liaise with clients and stakeholders to communicate risks, strategies, and progress effectively. Prioritise remediation efforts based on risk ...

primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document … infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams ...

Cyber Fusion Center (CFC). This critical, senior-level individual contributor will integrate IAM principles and controls into our security operations and incident response framework. You will be a technical expert with knowledge of the threat environment from the perspective of identity and access management. You will … threat intelligence and operational insights to inform and mature our IAM policies, standards, and controls. You will partner with CFC analysts, threat hunters, and incident responders to provide subject matter expertise during active investigations and to strengthen our security posture. This is a hybrid, Nottingham-based role reporting ...

firms risk appetite, client expectations and legal and regulatory changes and attitudes Manage and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal … regulatory reporting, client and individual notifications and reputation management. Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide To support the CPO and CISO in the formulation and delivery of the firms cyber and incident response ...

Operations Analyst to join a fast-growing Blue Team within our Cyber Practice. You will work with high-profile clients to ensure effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms … escalation for junior analysts. Serve as a technical subject matter expert on client engagements, presenting findings to senior stakeholders. Participate in alert testing, incident response exercises, and threat hunting activities. Stay up to date with the latest threat intelligence and emerging attacker tactics. Additional Responsibilities (client-dependent): Threat ...

Operations Centre. This role will have you leading a team of analysts and working alongside security engineers to develop and automate threat detection and response playbooks, as well as security architects and the wider IT function. The ideal candidate will have the technical expertise to work … development of SOC analysts and engineers. Lead the configuration, tuning, and maintenance of core SOC capabilities including log aggregation, alerting, correlation, threat detection, and response tooling. Define, track, and report SOC performance metrics and KPIs, ensuring operational efficiency and alignment with organisation objectives. Manage and mentor SOC team members ...

looking for a SOC Analyst to join an established Security Operations Centre team. This role focuses on incident investigation, triage, and response , along with client engagement and proactive security activities. What You'll Do Investigate and respond to security incidents Perform triage and remediation across client environments Engage … with clients during incident response activities Support proactive security and continuous improvement initiatives Mentor junior team members where appropriate What We're Looking For 2+ years' experience in cyber security, ideally incident response Strong communication skills Experience across Windows, Linux/Unix, and macOS Knowledge ...

networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall … hours coverage if needed. What we're looking for Solid experience, ideally 3+ years working in a SOC or security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security ...

networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall … hours coverage if needed. What we're looking for Solid experience, ideally 3+ years working in a SOC or security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security ...

join our team. This is a critical leadership role, overseeing the full security lifecycle — from architecture and policy development to operational resilience and incident response — across complex hybrid environments with a strong emphasis on cloud security (AWS and Azure). Your leadership will be central to ensuring that … into operational deployment. Demonstrate a strong understanding of leading operational security functions, including SOC operations, threat intelligence, and vulnerability management. Experience of managing the incident response lifecycle, including triage, containment, investigation, remediation, and conducting post-incident reviews. Ability to establish and improve incident response playbooks ...

secure ICT services supporting critical UK Defence systems. Operating within highly regulated, high-availability environments, they deliver resilient infrastructure, operational assurance, and rapid incident response across mission-critical platforms. The engineering teams work at the forefront of secure networking, virtualisation, automation, and monitoring technologies to ensure Defence systems … within secure Defence ICT environments, providing 24/7 operational support for mission-critical systems. The role ensures system availability, resilience, security, and rapid incident resolution in line with contractual SLAs and KPIs, combining deep infrastructure expertise with modern automation and monitoring practices to deliver stable and compliant services. ...

servers, and workstations. Carrying out security monitoring and improving the configuration of the security monitoring tools used by Smart Communications. Enhancing security detection and incident response processes ranging from individual playbooks to security incident response and remediation plans. Managing vulnerability detection and remediation by working with … years of hands-on experience in a similar role. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments including proactive configuration of AWS accounts and assets to meet good security practices Experience conducting security ...

servers, and workstations. Carrying out security monitoring and improving the configuration of the security monitoring tools used by Smart Communications. Enhancing security detection and incident response processes ranging from individual playbooks to security incident response and remediation plans. Managing vulnerability detection and remediation by working with … years of hands-on experience in a similar role. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments including proactive configuration of AWS accounts and assets to meet good security practices Experience conducting security ...

closing date. What you will do Monitor security alerts and threat intelligence feeds to detect and respond to cyber incidents. Lead or support incident response activities, including investigation, containment, eradication, and recovery. Manage and maintain security tools such as Security Information and Event Management (SIEM), endpoint protection, vulnerability … personal development plan (known as Sgwrs). Any other reasonable duties requested commensurate with the grade of this role. Required to take part in incident response activities Your qualifications, experience, knowledge and skills In your application and interview you will be asked to demonstrate the following skills ...

present end-to-end security solutions aligned to business objectives Act as a trusted advisor on cyber security strategy and best practice Support incident response and improvement initiatives where required Produce clear technical documentation and recommendations Collaborate with cloud, networking and wider pre-sales teams Maintain relevant vendor … 5+ years’ experience in pre-sales or consulting within an MSP, reseller or systems integrator Strong understanding of SOC operations, security monitoring and incident response Solid knowledge of Microsoft security technologies Experience with SIEM, MDR/EDR, SSE and SASE solutions Knowledge of ISO 27002, CIS, NCSC ...

take ownership of day-to-day cyber security activities, stabilise the current security posture, and drive a backlog of critical actions across incident response, vulnerability management, and network security. It's a small team environment, so pace, urgency, and the ability to be effective quickly are essential. … infrastructure teams, balancing strategic oversight with hands-on execution to ensure progress is made. What you'll be doing: ?? Owning and progressing cyber incident response planning and readiness activities ?? Reviewing vulnerability scan outputs, prioritising risk, and driving remediation actions ?? Leading remediation activities from penetration testing and security assessments ...

Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

significant injury risks as well as the management of H&S issues on the estate. We're now seeking an experienced H&S Incident Response Manager to join our team. In this pivotal role, you will manage and coordinate the effective delivery of incident and issue management … This is a hybrid role with a minimum of 2 days per week in our Central Reading office. What you'll do: Co-ordinate incident and issue management delivered by outsourced providers, ensuring alignment with MBNL's Policies and Standards. Serve as the primary point of contact for stakeholders ...

organization's technology infrastructure and data from cyber-attacks. Provide support and expertise during cyber incidents and contribute to the development of cyber incident management and response plans Prepare detailed technical documentation to support with the improvement of a customer’s security estate, acting … programme. Experience 2+ years in Pre-Sales or similar role within an MSP/Reseller organisation. Previous experience being part of or working with incident response teams would be beneficial Good understanding of incident response stages and handling preferred Knowledge and/or experience using endpoint ...

threats. You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process. Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. … will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need ...