1 to 25 of 450 Incident Response Jobs in the UK

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’ Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology. Our goal … unauthorized access, malicious code. Job Summary This role serves as a critical leader within the global CERT and DFIR team, managing end-to-end incident response operations, including detection, analysis, containment, and remediation of security incidents. The position oversees the development and execution of incident response ...

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber attacks with proven defensive methodology … Tier 2 case resolution, resolving complex security cases including generating initial reporting, providing follow-ups and requesting information and resolution activity. Day to day incident tirage and escalation using contextual and threat intelligence Responsible for providing security expertise to escalated incidents Act as the incident handler ...

This CIRT L3 Lead role is a hands-on leadership position responsible for end-to-end cyber incident response, proactive threat hunting, and detection engineering in Rapid7 InsightIDR for a retail-focused environment My client is an international Consultancy firm, specialising in Cyber Security looking for a hands … Cyber Incident Response Tech Lead , responsible for end-to-end cyber incident response, proactive threat hunting, and detection engineering in Rapid7 InsightIDR for a retail-focused environment. You will coordinate cross-functional technical teams during major incidents, drive containment and recovery, and own post-incident ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

complex enterprise environment. You will be responsible for delivering scalable SecOps solutions, integrating ServiceNow with key cybersecurity tooling, and driving automation across security incident response and vulnerability management processes. Key Responsibilities Design and own the architecture for ServiceNow SecOps modules including Security Incident Response, Vulnerability Response … guidance to development and implementation teams. Requirements Proven experience as a ServiceNow Architect, ideally across SecOps or IRM modules. Strong knowledge of security operations, incident response and vulnerability management. Hands-on experience with ServiceNow workflows, Scripting, CMDB and integrations (REST/SOAP, MID Server). Strong stakeholder management ...

Remote | Contract (Inside IR35) | 6+ Months | Rate (TBC) We are seeking a Network Security SMEto support our client in strengthening their contain-to-eradicate incident response capability. This role is focused on enabling rapid, controlled network isolation and eradication during high-impact security and operational incidents … regulated environment. This is a hands-on senior role requiring proven experience in enterprise-scale containment and incident response within security-critical environments. It is a contract position (Inside IR35) which is intially 6 months but likely to extend. The rate ...

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice click apply for full job details ...

selection, design, and transition from fragmented security tooling to a unified SIEM platform and security data lake . Drive a fundamental shift from incident-focused, task-based workflows to preventative security activities and platform optimisation . Proactive Threat Focus Guide the evolution from reactive alert handling to proactive threat … prompt injection, data poisoning, and model theft . Deploy and monitor “guardian agents” to provide real-time detection of malicious behaviour within AI systems. Incident Response & Resilience Guide the development, testing, and maintenance of advanced incident response plans , with a focus on high-impact threats such ...

getting organised ahead of their anticipated growth plans! We’re focused on finding them a Security Operations Analyst to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes the opportunity to develop in to line management and beyond … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct ...

driving continuous improvement across a large, complex environment. The Role As an IT Security Analyst, you will support all aspects of security operations, incident response, vulnerability management, governance activities, and the development of secure processes across the organisation. You’ll monitor and investigate alerts, analyse threats, lead security … defending large-scale environments from emerging threats. Key Responsibilities Investigate and analyse security events, correlating data and identifying root causes. Perform deep-dive incident analysis using logs, threat intel and IoCs. Conduct proactive and reactive threat hunting. Execute vulnerability assessments and support remediation activities. Carry out risk analysis, identifying ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Head of IT Security to build and lead a multi-disciplinary security function that protects the entire organisation. From setting strategy to refining incident response, your impact will be felt across the business. The Role As the Head of IT you will build and lead a multi-disciplinary … security function that protects the entire organisation. From setting strategy to refining incident response, you will strengthen how to defend, detect, and respond, and be a leader who's ready to take the security function to the next level. This is a role for a visionary, a builder ...

strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner! About the role: The Cyber Security Incident Response Specialist would be member of CSIRT, part of Counter Threat & Engineering (CT&E) function, responding to cyber threats and security incidents globally. … relocation Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment ...

largest and most innovative energy companies. Your responsibilities: Design and own the architecture for ServiceNow SecOps modules - including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/… systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability and incident response. Shape the roadmap and best practices for our ServiceNow platform across multiple business units. Champion platform governance, scalability, reuse, and alignment with ServiceNow and enterprise architecture standards. Mentor ...

transformation of our global Security Operations Center. Reporting to the Chief Security Officer, you will architect and scale a next-generation SOC advancing incident response, integrating cutting-edge threat intelligence, and strengthening the systems that protect and sustain our digital operations. This is an opportunity to build something … senior escalation point for complex security incidents and coordinate cross-functional responses. Threat and Vulnerability Management Integrate advanced threat intelligence into detection and response workflows to identify emerging threats proactively. Develop an automated, risk-based vulnerability management programme to reduce attack surface. Collaborate with intelligence-sharing communities to enhance ...

highly client-facing role where you will guide businesses through practical resilience improvements, including: • Designing and delivering cyber crisis simulation exercises • Developing and enhancing incident management and response frameworks • Conducting capability and readiness reviews • Advising senior leadership teams on cyber preparedness strategy You will lead engagements from initial … scoping through delivery, working closely with executive stakeholders and technical teams to provide clear, actionable recommendations that improve response capability and organisational resilience. Those with a background in reactive Incident Response (either in-house or from Consulting already), who are wanting to move into an advisory ...

client is seeking a SOC Analyst to join a security operations team in London. The role is focused on real-time monitoring, investigation, and incident response across a modern enterprise security environment. - Key Responsibilities Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint … Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce clear incident documentation, reports, and recommendations for continuous improvement. Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows. Required ...

built for you.We’re hiring a hands-on Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening … Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments (including AD hardening tools ) Essential Experience (Must Haves) Candidates must have: Security Engineering & Hardening IAM, PIM/PAM , identity lifecycle ...

Ensure services remain stable, responsive, and aligned to operational needs Lead joiner, mover and leaver processes with a strong focus on day-one readiness Incident & Major Incident Management Take ownership of Incident and Major Incident Management within the Service Desk Ensure incidents are logged, prioritised … resolved within agreed SLAs Coordinate major incident response with clear communication and rapid restoration Lead post-incident reviews, root cause analysis, and corrective action tracking Use incident trends to improve resilience and reduce repeat issues Service Requests & IT Asset Procurement Coordinate service requests across the organisation ...

robust security architectures within Google Cloud Platform, ensuring alignment with NCSC guidance, GDPR and public sector compliance frameworks. You will embed proactive vulnerability management, incident response processes and secure DevOps practices. You will provide assurance through security reviews and support integration with monitoring and audit mechanisms, contributing … secure cloud architecture controls within GCP Lead vulnerability assessments and remediation planning Embed security testing within CI/CD pipelines and development workflows Support incident response and post-incident analysis activities Ensure compliance with organisational security policies and regulatory standards Provide security assurance input to architecture ...

security incidents for our customers using Microsofts leading security technologies. Youll work closely with senior analysts and engineers, playing a key role in incident response while also contributing to the continuous improvement and evolution of our SOC services. About The Role As a Security Operations Analyst, you will … Provide day-to-day monitoring and initial response for SOC customers in line with Intercitys Security Incident Response Framework. Investigate alerts generated by Microsoft Sentinel and Microsoft Defender for 365, identifying true positives and responding appropriately. Analyse multiple security data sources to detect malicious activity and support ...