1 to 25 of 355 Incident Response Jobs in the UK

inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. Incident Response Lead Position Description If you're ahead of the game on systems risk and cyber security, we can secure your career ambitions. … support you in taking your career wherever you want it to go. This is a hybrid position. Your future duties and responsibilities As the Incident Response Lead you will be part of the CGI Global Security Operations Center (GSOC) team which provides security monitoring, detection and response ...

Incident Response Analyst Scottish Power HQ, Glasgow Flexible & Hybrid working pattern Negotiable rate, Inside IR35, PAYE and UMB options available Help us create a better future, quicker SP Energy Networks (SPEN) has kicked off an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations … deliver a cyber resilient business and the Incident Response Analyst is essential in achieving our goals. This role will be integrated into an active and ambitious global cyber security function, contributing to SPEN's cyber security purpose of delivering cyber resilient OT and IT, to enable a safe ...

Senior Incident Response Specialist - Manchester £50-85k DOE Hybrid Manchester (1 day/week with flexibility) Must either hold SC Clearance or be eligible for SC Clearance We are seeking an experienced Incident Response Specialist to deliver high-quality cyber incident response and forensic investigation services across our client's customer and internal environments. In this role, you will lead cyber incident investigations, conduct forensic analysis across endpoint, network, and cloud environments, and work closely with security operations teams to identify, contain, and remediate threats. You will also ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Cyber Incident Response Analyst - Contract Location: Sheffield (2 days onsite) Rate: 500 p/d Duration: 6 Months - July 2026 - January 2027 A large enterprise organisation is looking for a Cyber Incident Response Analyst to support their Cyber Defence team on a contract basis. This … coordination-focused incident response role, managing cyber incidents through the response lifecycle rather than deep technical remediation. Experience Required Previous experience within Incident Response/Security Operations Strong understanding of the NIST incident response lifecycle Familiarity with MITRE ATT&CK and cyber kill ...

Cyber Incident Response Manager - Contract Location: Sheffield (2 days onsite) Rate: 500 p/d Duration: 6 Months - July 2026 - January 2027 A large enterprise organisation is looking for a Cyber Incident Response Analyst to support their Cyber Defence team on a contract basis. This … coordination-focused incident response role, managing cyber incidents through the response lifecycle rather than deep technical remediation. Experience Required Previous experience within Incident Response/Security Operations Strong understanding of the NIST incident response lifecycle Familiarity with MITRE ATT&CK and cyber kill ...

strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. ________________________________________ Role Overview As a Security Monitoring & SIEM Analyst, you will play … role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will ...

pigeonholed into one narrow specialism. At CyPro, you’ll have the opportunity to get involved in a wide range of areas including monitoring, incident response, threat intelligence, detection engineering, automation and internal security operations. You’ll play a key role in our Security Operations Centre, delivering … monitoring, detection and response to our growing customer base. You’ll contribute to building out our capabilities, improving tooling and processes, and shaping how we operate as the function matures. As the team grows further, you’ll have the flexibility to focus more deeply on the areas that interest ...

Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have … experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Information Security to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response ...

leader responsible for developing and executing enterprise-wide cyber defence strategies to protect critical business systems, data, and infrastructure. Leads security operations, threat detection, incident response, and cyber resilience initiatives while ensuring alignment with organisational risk management objectives. Key Responsibilities Lead and manage the Cyber Defence function, overseeing … security operations, threat intelligence, vulnerability management, and incident response capabilities. Develop and implement cyber defence strategies, policies, and procedures to protect against evolving cyber threats. Direct Security Operations Centre (SOC) activities, ensuring effective monitoring, detection, investigation, and response to security incidents. Oversee threat intelligence programmes, identifying emerging ...

robust automated solutions. Working in close collaboration with Global Information and Cyber Security Defence (ICSD) function, this role identifies opportunities to streamline processes, accelerate incident response, and reduce operational overhead through intelligent automation, leveraging Artificial Intelligence (AI) and Large Language Models (LLMs). In addition to building scalable … manual security operations and workflows. Leverage LLM-powered platforms such as Microsoft Security Copilot to support cybersecurity tasks including threat hunting, triage, investigations and response, and creating security incident response playbooks. Build and maintain SOAR playbooks integrated with various security platforms (e.g., SIEMs, EDRs, identity platforms ...

LGBTQ+ business community. Please do not contact the recruiter directly. About the Role: Grade Level (for internal use): 11 The Role As a Cyber Incident Response Analyst, you will be part of the Cyber Defence team that develops and oversees the company's security program, ensuring … decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While based in the UK, you will support response and intelligence needs globally. Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). ...

Senior Incident Response Specialist - Manchester £50-85k DOE Hybrid Manchester (1 day/week with flexibility) Must either hold SC Clearance or be eligible for SC Clearance We are seeking an experienced Incident Response Specialist to deliver high-quality cyber incident response ...

cyber security challenges, and wants to make a real impact within a large-scale enterprise environment. Key Responsibilities Lead and coordinate cyber operations and incident response activities across the organisation. Support the enhancement of cyber containment and response capabilities. Manage and respond to complex cyber security incidents … governance, and security control initiatives. Skills & Experience Required To be successful in this role, you should have: Strong hands-on experience in Cyber Security Incident Response or Cyber Operations. Deep technical expertise in one or more incident response related domains, including: SOC Operations Malware Analysis Endpoint ...

energy operations within a Critical National Infrastructure (CNI) environment. This role is responsible for real-time security monitoring, alert triage, investigation, and early-stage incident response. You will work with industry-standard security monitoring and incident/event management platforms to identify suspicious activity, validate alerts, and escalate … helping tune detections, and strengthening operational procedures and documentation. Key Responsibilities Monitoring and Triage Monitor security events and alerts using industry-standard SIEM and incident/event management platforms (e.g., Elastic, Microsoft Sentinel, Splunk). Perform rapid triage to determine alert validity, severity, scope, and potential business or operational ...

solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

cyber risk and assurance reporting to Digital governance groups, Audit/Risk & Assurance Committees, & the Trust Board. Provide strategic oversight of cyber operations (monitoring, incident response, vulnerability management, identity & access management) delivered internally & via third parties; assure the effectiveness of managed services. Embed secure-by-design principles across … culture through engagement & awareness activities across clinical, operational, and corporate teams. Contribute to business continuity, disaster recovery, & cyber resilience planning, including exercises, testing, & post-incident learning; participate in out-of-hours incident response where required. About us The Christie is one of Europe's leading cancer centres ...

Security Operations Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider … excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond ...

tier global consulting firm with one of the UK's largest and most respected cyber practices, housing over 200 specialists. Their Cyber Incident Response team is on the front line, helping organisations prepare for, respond to, and recover from the threats that keep boards awake at night. They … roles require at least eligibility for UK Security Check (SC) clearance. Existing clearance is highly advantageous. What You'll Do Lead and execute live incident response investigations, from forensic acquisition and root cause analysis to threat containment and eviction. Perform host-based and network forensics across Windows, Linux ...

excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond … critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint ...

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology … business operations. Role Overview: This role supports the CERT/Sales team with reviewing insurance policies, assisting with claims assessments, and contributing to breach response efforts. Ideal for someone with early in house or private practice experience who’s ready to grow into a broader commercial legal role. This ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...