1 to 25 of 551 Incident Response Jobs in the UK

Cyber Security Incident Response & Threat Intelligence Analyst

Hiring Organisation
Thomas Miller
Location
London Area, United Kingdom
Cyber Security Incident Response & Threat Intelligence Analyst Team Overview The Cyber Security Operations Team is responsible for monitoring, detecting, and responding to cyber threats across Thomas Miller's estate. We ensure the protection of digital assets and safeguard confidentiality, integrity and availability of systems. Working in a fast-paced … environment, the SOC provides 24/7 vigilance, rapid incident response, vulnerability oversight and actionable threat intelligence to reduce cyber risk. Who Are We Looking For? We are seeking a Cyber Security Incident Response & Threat Intelligence Analyst to strengthen our SOC capability. The successful ...

Senior Incident Response Analyst

Hiring Organisation
Littlefish
Location
Derby, Derbyshire, East Midlands, United Kingdom
Employment Type
Permanent
Salary
£70,000
Senior Incident Response Analyst When registering to this job board you will be redirected to the online application form. Please ensure that this is completed in full in order that your application can be reviewed. Come and join the Littlefish team! Work location: Remote Salary … would love to hear from you. The role and what you'll be getting up to on a day to day basis: As a Senior Incident Response Analyst at Littlefish, you'll be at the heart of our Cyber Security Operations Centre (CSOC), working alongside a passionate and skilled team. ...

Senior Cybersecurity Analyst - Incident Response

Hiring Organisation
Visa
Location
London, England, United Kingdom
position as an industry leader in electronic payments, which is why Visa has made it a priority to create top-tier security operations and incident response teams to defend the company against evolving cyber threats. If you would like to join a company where security is truly valued … state of the art tools for maximum impact, then we have a home for you. The successful candidate will work with a team of incident responders at one of Visa's Cyber Fusion Centers. The team is part of a larger organization located across multiple geographical sites that ...

Technical Incident Responder (Cyber incident Response)

Hiring Organisation
Deloitte
Location
City Of London, England, United Kingdom
Role: Technical Incident Responder (Cyber incident Response) Location: UK remote Start: ASAP Duration: 6 months (inside IR35) Overall purpose of the role Our CIR specialists are called to answer client needs regarding proactive incident response advisory services, reactive incident response, post-breach assessments, managed … threat hunting as well as implementing response automation technologies. Role and Responsibilities As a Technical Incident Responder you will be focused on CIR and you will typically have responsibility for: Your creative mindset will enable you to solve clients’ issues whilst thinking around corners; · You will bring ...

SOC/CSIRT Level 3 Analysts

Hiring Organisation
Morson Edge
Location
Nationwide, United Kingdom
Employment Type
Contract
Contract Rate
£600 - £800/day
Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst 2-3 Days onsite - Crawley 6-9 Month duration Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office. Job purpose … role of an Incident Response (CSIRT)/SOC Level 3 Analyst is to respond to high-severity cybersecurity incidents and escalated events or alerts, using experience and industry tools to expedite containment, eradication, and recovery strategies that minimise business impact and protect network systems and customer data from ...

SOC Analyst - Level 3

Hiring Organisation
Hyperloop Recruitment
Location
Wirral, Merseyside, North West, United Kingdom
Employment Type
Permanent
Level 3 Analyst North West/Hybrid CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services. The organisation operates a modern … edge EDR, identity protection, SIEM and automation tooling, with a strong focus on engineering a highly effective, cloud-native SOC environment. CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Role This permanent position is ideal for an experienced SOC Level 3 Analyst looking to lead advanced detection engineering ...

CERT Incident Responder

Hiring Organisation
MBDA
Location
Stevenage, Hertfordshire, England, United Kingdom
Employment Type
Full-Time
Salary
£50,000 - £60,000 per annum
Stevenage The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)— including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation ...

CERT Incident Responder

Hiring Organisation
MBDA
Location
Stevenage, Hertfordshire, South East, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£60,000
Stevenage The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

CERT Incident Responder

Hiring Organisation
MBDA
Location
Bolton, Greater Manchester, North West, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£60,000
Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

Cyber Incident Response Manager

Hiring Organisation
PwC
Location
London, UK
Employment Type
Full-time
About this role Our Incident and Threat Operations services are central to this. We support PwC's clients in crisis across our global network to respond, remediate and recover from a wide variety of cyber attacks. We also support clients in developing detection engineering and threat hunting strategies … modern SecOps environments, and engineer automation and orchestration playbooks to streamline detection and response activities. We design playbooks for investigation, response, and recovery. We are assured by the UK NCSC under its Enhanced Cyber Incident Response scheme, to respond to sophisticated attacks on networks of national ...

Cyber Incident Response Manager

Hiring Organisation
PwC
Location
Slough, Berkshire, UK
Employment Type
Full-time
About this role Our Incident and Threat Operations services are central to this. We support PwC's clients in crisis across our global network to respond, remediate and recover from a wide variety of cyber attacks. We also support clients in developing detection engineering and threat hunting strategies … modern SecOps environments, and engineer automation and orchestration playbooks to streamline detection and response activities. We design playbooks for investigation, response, and recovery. We are assured by the UK NCSC under its Enhanced Cyber Incident Response scheme, to respond to sophisticated attacks on networks of national ...

Cyber Security Associate / Senior Associate, Cyber Security & Privacy Practice

Hiring Organisation
Ankura
Location
London, England, United Kingdom
Threat Intel And Dark Web Experts, Etc. We Have Helped Clients And Partners For 10+ Years Across Industries And Geographies With The Following Services Incident Response, Intelligence, and Investigations. End Point & Managed Detection & Response. Technology, Privacy, and Cyber Risk Advisory. The EMEA Cyber Security & Privacy practice is growing … ambitions to expand its capabilities from a strong base in incident response, intelligence and investigations into additional proactive security, AI security and managed detection & response services. Why Join Ankura Have the opportunity to get involved with challenging projects for both Proactive and Reactive client work. Join ...

ICS OT Cyber Security Consultant

Hiring Organisation
Russell Taylor Group Ltd
Location
Staffordshire, West Midlands, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£60,000
team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What … professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios ...

Level 2 SOC Analyst

Hiring Organisation
Oscar Technology
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£33,000 - £40,000 per annum
proactive and skilled Level 2 SOC Analyst to support their growing client base. This role is ideal for someone with hands-on SOC or incident response experience who enjoys analysing complex security events and helping strengthen defensive operations. As a Level 2 SOC Analyst, you will … ownership of advanced investigations and contributing to continuous improvement of our security monitoring services. You'll work across a variety of customer environments, supporting incident response, enhancing detection logic, and ensuring threats are identified and contained quickly. This position includes participation in an on-call rotation for high ...

Cyber Security Lead

Hiring Organisation
Total IT Technology Solutions Ltd
Location
Bedford, Bedfordshire, South East, United Kingdom
Employment Type
Permanent
Salary
£45,000
security strategy and play a critical role in shaping client security roadmaps. This position focuses on strategic leadership, proactive risk management, and ensuring robust incident response processes. You will act as a trusted advisor to clients and internal teams, driving security initiatives that align with business objectives … regulatory requirements. Responsibilities: Develop and maintain client cyber security roadmaps to ensure long-term resilience and compliance. Coordinate and oversee incident response efforts, ensuring timely containment and remediation of threats. Liaise with clients and stakeholders to communicate risks, strategies, and progress effectively. Prioritise remediation efforts based on risk ...

Information Security Analyst

Hiring Organisation
RAC
Location
Bristol, UK
Employment Type
Full-time
Information Security Analyst to join our dynamic Security Operations team. This role is central to strengthening our cybersecurity posture through proactive monitoring, detection, and response across multiple domains including threat intelligence, incident response, and vulnerability management. You'll work closely with our Security Architect & Engineering Manager, delivering … Share Scheme, giving you a stake in our collective success. Why Join Us? Monitor, detect, and respond to security threats across multiple domains Conduct incident response and forensic investigations Enhance detection capabilities and lead threat hunting initiatives Collaborate with IT, digital teams, and managed service providers Be part ...

Deputy Chief Privacy Officer

Hiring Organisation
A&O Shearman
Location
East London, London, United Kingdom
Employment Type
Permanent, Work From Home
firm's risk appetite, client expectations and legal and regulatory changes and attitudes Manage and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal … regulatory reporting, client and individual notifications and reputation management. Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide To support the CPO and CISO in the formulation and delivery of the firm's cyber and incident response ...

Operational security management specialist

Hiring Organisation
BP Energy
Location
Sunbury-On-Thames, London, United Kingdom
Employment Type
Work From Home
will support information security and risk activities within Operational Security Management. Our Security Operations Center (SOC) is the frontline of defense, responsible for incident response, initial triage, and proactive threat hunting. You will work closely with the Cyber Security Incident Response Team (CSIRT) and business units … work as part of a rotation. Where weekend work is done days off during the week will be provided. What you will deliver: Perform incident detection and response within the SOC, including analysis and escalation of security alerts. Investigate security incidents and ensure accurate documentation in SIEM ...

Operational security management specialist

Hiring Organisation
BP Energy
Location
Guildford, South East England, United Kingdom
will support information security and risk activities within Operational Security Management. Our Security Operations Center (SOC) is the frontline of defense, responsible for incident response, initial triage, and proactive threat hunting. You will work closely with the Cyber Security Incident Response Team (CSIRT) and business units … work as part of a rotation. Where weekend work is done days off during the week will be provided. What you will deliver: Perform incident detection and response within the SOC, including analysis and escalation of security alerts. Investigate security incidents and ensure accurate documentation in SIEM ...

Cyber Insurance Incident Leader - FINEX

Hiring Organisation
WTW
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
Secure your future with our defined contribution pension scheme, featuring matched contributions up to 10% from the company. The Role As a Cyber Insurance Incident Manager at Willis, you will serve as an advisor and support lead for internal colleagues and clients facing cyber incidents. This role requires strong … communication skills to support clients through high-stress events such as ransomware attacks, data breaches, and business email compromises. You will help ensure rapid response, align incident actions with insurance policy terms, and manage relationships with insurers, legal counsel, and technical vendors to protect client interests and minimize ...

Threat Intelligence Lead

Hiring Organisation
Morson Talent
Location
London, England, United Kingdom
Including: Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring with the wider CISO team Support Cyber Security incident response process Support Vulnerability Management Process Support RFI for wider stakeholders What do you need to thrive in this role? Knowledge of security … concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc Experience in threat management Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix Knowledge of applications, databases, middleware to address security threats against the same Experience in delivering a threat ...

SOC Analyst

Hiring Organisation
Tria
Location
United Kingdom
Employment Type
Permanent
Salary
GBP 45,000 Annual
networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall … hours coverage if needed. What we're looking for Solid experience, ideally 3+ years working in a SOC or security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security ...

SOC Analyst

Hiring Organisation
Tria
Location
South West, United Kingdom
Employment Type
Permanent
Salary
£45000/annum
networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall … hours coverage if needed. What we're looking for Solid experience, ideally 3+ years working in a SOC or security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security ...

Senior Site Reliability Engineer

Hiring Organisation
Dunelm
Location
London, UK
Employment Type
Full-time
platforms. We work closely with other Engineering, Data, Platform and Operations teams to help them build reliable, observable, and cost-effective systems. We lead incident response, improve deployment safety, and guide teams toward sustainable service ownership. We process large volumes of telemetry data every day and are constantly … will be confident working across infrastructure and application layers, and you will lead by example in everything from SLOs and SLIs to post-incident reviews. What You Will Be Doing: Observability and OpenTelemetry: Own and evolve our observability strategy across services. Lead how we collect, process, sample, and surface ...

Senior Site Reliability Engineer

Hiring Organisation
Dunelm
Location
Slough, Berkshire, UK
Employment Type
Full-time
platforms. We work closely with other Engineering, Data, Platform and Operations teams to help them build reliable, observable, and cost-effective systems. We lead incident response, improve deployment safety, and guide teams toward sustainable service ownership. We process large volumes of telemetry data every day and are constantly … will be confident working across infrastructure and application layers, and you will lead by example in everything from SLOs and SLIs to post-incident reviews. What You Will Be Doing: Observability and OpenTelemetry: Own and evolve our observability strategy across services. Lead how we collect, process, sample, and surface ...