1 to 25 of 434 Incident Response Jobs in the UK

Principal Consultant - Incident Response Salary: Up to £85,000 + cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering proactive incident readiness engagements. You will work closely with organisations to strengthen their preparedness. This includes reviewing and developing incident response plans, facilitating tabletop exercises, running simulated attack scenarios ...

Requirements 5+ years of hands‐on experience in security operations with strong expertise in incident response, digital forensics, and threat hunting Experience serving as an incident commander or leading incident response workstreams, with the ability to make sound decisions under pressure Strong knowledge … NIST Incident Response Lifecycle and experience contributing to incident response documentation and procedures Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems Experience developing detections‐as‐code, including familiarity with version control, CI/CD pipelines, and detection testing frameworks Working knowledge ...

Senior Security Engineer – Detection & Response – EU/UK Remote, UK We are seeking a UK-based Senior Security Engineer to join our Security Operations and Response Team as a senior individual contributor. In this role, you will investigate and respond to security incidents across Marqeta’s environment, proactively … monitor for cyber threats, and serve as incident commander during security events of varying severity. You will contribute to the development and improvement of response methodologies aligned with the NIST Incident Response Lifecycle and help maintain cybersecurity incident response documentation. This position requires strong ...

Incident Response Analyst Scottish Power HQ, Glasgow Flexible & Hybrid working pattern Negotiable rate, Inside IR35, PAYE and UMB options available Help us create a better future, quicker SP Energy Networks (SPEN) has kicked off an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations … deliver a cyber resilient business and the Incident Response Analyst is essential in achieving our goals. This role will be integrated into an active and ambitious global cyber security function, contributing to SPEN's cyber security purpose of delivering cyber resilient OT and IT, to enable a safe ...

Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Role Purpose: To manage and service NCC Group clients within the Incident Response space. The Managing Consultant plays a critical role within the DFIR team of experienced consultants, delivering high‐quality incident response and proactive services to clients. The role involves leading and contributing to detailed technical analysis, managing incident response activities, and ensuring effective communication and coordination throughout an engagement. With a strong focus on technically supporting clients during live incidents, the Managing Consultant is also expected to contribute ...

Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Role Purpose: To manage and service NCC Group clients within the Incident Response space. The Managing Consultant plays a critical role within the DFIR team of experienced consultants, delivering high‐quality incident response and proactive services to clients. The role involves leading and contributing to detailed technical analysis, managing incident response activities, and ensuring effective communication and coordination throughout an engagement. With a strong focus on technically supporting clients during live incidents, the Managing Consultant is also expected to contribute ...

Cyber Security Consultant (Cyber Incident Response Manager) - Inside IR35 - Remote with occasional travel to London or Gloucester - 3 Months initial contract with potential to extend. We're supporting a major, ZERO CARBON energy organisation at the forefront of building a secure and resilient energy future in the appointment … Cyber Incident Response Manager. This is a high-impact role focused on evolving and optimising an already established cyber incident management capability. You'll take ownership of the strategy, maturity, and continuous improvement of the organisation's incident response and crisis management function-ensuring ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. About the Role: Grade Level (for internal use): 11 Cyber Incident Response Analyst The Role As a Cyber Incident Response Analyst, you will be part of the Cyber Defence team that develops … decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While based in the UK, you will support response and intelligence needs globally. Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). ...

play a critical role in strengthening and maturing Reapit’s cloud security posture. Your work will span hands on security engineering, deep incident response, proactive threat detection, and collaboration with global teams. Design, implement, and enhance secure Cloud infrastructure, services, and applications in collaboration with DevOps teams. Conduct … detail and high quality documentation. Work in a self managing, proactive manner — anticipating security needs, identifying gaps, and driving improvements without close supervision. Incident Response & Threat Detection Respond to SOC alerts. Working with our outsourced SOC, Lead and participate in global incident response activities, including investigation ...

Title Level 3 Security Analyst – Incident Response & Vulnerability Management Department Service Delivery/Security Reporting To Security Lead/Service Delivery Manager Operates under the direction of the Incident Manager during security incidents Location UK (Hybrid) Office in Cardiff 1-2 days per week, regular client site … travel. Working Pattern Monday to Friday with participation in the on-call Security and Major Incident rota as required Role Purpose The Level 3 Security Analyst is responsible for the technical investigation, containment, remediation, and resolution of IT security incidents and vulnerabilities across a complex, multi-site customer estate ...

Senior Consultant | Cybersecurity - Incident Response | Forensic & Litigation Consulting FTI Consulting is the leading global expert firm for organizations facing crisis and transformation. We work with many of the world’s top multinational corporations, law firms, banks and private equity firms on their most important issues to deliver impact … order to assimilate client needs and design appropriate technical solutions. Lead assessment of current threat identification techniques and development of new methodologies and frameworks. Incident analysis, combining sound analytical skills with advanced knowledge of cybersecurity, digital forensics and incident response. Assess client cybersecurity postures against industry‐standard best ...

Facilitate both inbound and outbound connectivity while managing risk and maintaining service integrity. Performance Management:Define and monitor service levels (availability, latency, packet loss, incident response and resolution times). Proactively address issues impacting service quality. Security & Compliance:Oversee next generation firewall deployments, SSE/cloud security services … enforce policy-based access controls. Ensure compliance with all regulatory and business requirements. Incident & Problem Management:Lead the network incident response, prioritization, and escalation processes. Work closely with engineering and service desk teams on rapid restoration and continuous improvement. Vendor & Stakeholder Management:Manage relationships with third-party ...

supportive and collaborative environment with ongoing opportunities to develop your technical expertise and progress your career within cyber security. Key Responsibilities Security Monitoring & Incident Response Monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus. Investigate cyber security incidents … including malware infections, phishing attacks, identity compromise, and unauthorised access attempts. Conduct incident triage, root cause analysis, containment, remediation, and recovery activities. Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat ...

Department: Cyber Services and Capabilities Employment Type: Full Time Location: NLD Rijswijk To manage and service NCC Group clients within the Digital Forensics and Incident Response space. The Principal DFIR Consultant plays a pivotal role within the team of seasoned analysts, actively participating in the analysis and response … collaboration, clear communication, and efficient workflow throughout technical engagements. Responding to emergency incidents, including mitigation and remediation activities. Maintaining composure and effectiveness in client incident‐management scenarios. Providing clients with high‐quality technical investigations. Collaborating in the identification, resolution, and documentation of security incidents. Conducting intelligence‐driven investigative analysis. ...

Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio. While you will lead and mentor a team, this is not a purely … schedules, handovers, and on-call rotations Act as the primary escalation point for security incidents and analyst queries Ensure high-quality triage, investigation, and response aligned to SOC processes Drive team development through training, coaching, and technical mentoring Ensure accurate and timely case management (HALO) and delivery against SLAs ...

environment and you will have on-going opportunities to develop your technical skills and grow within cyber security What you will do: Security Monitoring & Incident Response Actively monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos AV. Investigate suspected … malware infections, phishing campaigns, identity compromise, and unauthorised access attempts. Perform triage, root cause analysis, containment, and remediation of security incidents. Lead or support incident response activities in line with internal policies and procedures. Escalate significant incidents appropriately and provide clear, timely updates to stakeholders. Threat Detection & Prevention ...

Senior Cyber Incident Responder Daily Rate: Inside IR35 Location: Sheffield Job Type: Hybrid (2-3 days on-site) Join our Cyber Defence Centre (CDC) as a Senior Cyber Incident Responder. This senior, business-facing role within Security Operations & Engineering focuses on end-to-end cyber incident management … coordination, and stakeholder engagement across complex environments. You will lead the response to high-severity cyber incidents, ensuring effective command, communication, and decision-making throughout the incident lifecycle. Day-to-day of the role: Incident Leadership & Management: Lead the coordination of high-severity cyber incidents from initiation ...

capability across a modern hybrid estate.This is a hands-on leadership role where you'll combine technical depth with stakeholder engagement, driving security operations, incident response, and continuous improvement across infrastructure, cloud, and workplace environments. The Role You'll take ownership of cybersecurity operations, leading a small engineering … team and working closely with an outsourced SOC/MSSP to ensure robust monitoring, response, and continuous improvement. Responsibilities Leading technical incident response (containment, eradication, recovery) and post-incident analysis Owning and improving security controls across endpoints, identity, networks, and cloud platforms Driving vulnerability management, patching ...

capability across a modern hybrid estate.This is a hands-on leadership role where you'll combine technical depth with stakeholder engagement, driving security operations, incident response, and continuous improvement across infrastructure, cloud, and workplace environments. The Role You'll take ownership of cybersecurity operations, leading a small engineering … team and working closely with an outsourced SOC/MSSP to ensure robust monitoring, response, and continuous improvement. Responsibilities Leading technical incident response (containment, eradication, recovery) and post-incident analysis Owning and improving security controls across endpoints, identity, networks, and cloud platforms Driving vulnerability management, patching ...

fully remote and allows you to work from anywhere within Northern Ireland. How you’ll make an impact Lead improvements in detection and response capabilities, continuously optimizing monitoring, alerting, and incident response processes. Mentor junior and mid‐level engineers, setting a high standard in security practices … decisions. Lead automation and process optimization efforts by developing scripts and tools to automate repetitive security tasks as well as to enhance detection and response capabilities through the use of automation and integration of security tools. What will set you up for success Bachelor's degree in Computer Science ...

Embed secure‐by‐design principles and DevSecOps practices across engineering and delivery teams. Use AI and automation to improve detection, prevention, and response. Lead incident response and threat modelling with a practical, engineering‐first mindset. Own and manage the Information Security Risk Register; ensure risks are assessed, documented … effectively. Oversee third‐party risk management, including supplier due diligence, onboarding, and continuous monitoring. Oversee operational security activities, including threat detection, vulnerability management, and incident response. Develop and maintain incident response playbooks and lead investigations where required. Collaborate with SOC and Systems teams to strengthen detection, response ...

incidents and mangment of the SOC Analysts. This is a critical leadership role, responsible for protecting the organisation against real-time cyber threats, driving incident response, and ensuring resilience across a complex technology estate. Our client is offering a 6 month rolling contract, paying … high-impact opportunity to shape cyber strategy at an enterprise level, working closely with senior stakeholders and external agencies to strengthen security posture and response capability. You will play a key role in building and evolving the CSOC capability, operating within a highly visible and business-critical function, with ...