1 to 25 of 448 Incident Response Jobs in the UK

Principal Consultant - Incident Response Salary: Up to £85,000 + cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering proactive incident readiness engagements. You will work closely with organisations to strengthen their preparedness. This includes reviewing and developing incident response plans, facilitating tabletop exercises, running simulated attack scenarios ...

Incident Response Analyst Scottish Power HQ, Glasgow Flexible & Hybrid working pattern Negotiable rate, Inside IR35, PAYE and UMB options available Help us create a better future, quicker SP Energy Networks (SPEN) has kicked off an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations … deliver a cyber resilient business and the Incident Response Analyst is essential in achieving our goals. This role will be integrated into an active and ambitious global cyber security function, contributing to SPEN's cyber security purpose of delivering cyber resilient OT and IT, to enable a safe ...

Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Role Purpose: To manage and service NCC Group clients within the Incident Response space. The Managing Consultant plays a critical role within the DFIR team of experienced consultants, delivering high‐quality incident response and proactive services to clients. The role involves leading and contributing to detailed technical analysis, managing incident response activities, and ensuring effective communication and coordination throughout an engagement. With a strong focus on technically supporting clients during live incidents, the Managing Consultant is also expected to contribute ...

Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Role Purpose: To manage and service NCC Group clients within the Incident Response space. The Managing Consultant plays a critical role within the DFIR team of experienced consultants, delivering high‐quality incident response and proactive services to clients. The role involves leading and contributing to detailed technical analysis, managing incident response activities, and ensuring effective communication and coordination throughout an engagement. With a strong focus on technically supporting clients during live incidents, the Managing Consultant is also expected to contribute ...

Cyber Security Consultant (Cyber Incident Response Manager) - Inside IR35 - Remote with occasional travel to London or Gloucester - 3 Months initial contract with potential to extend. We're supporting a major, ZERO CARBON energy organisation at the forefront of building a secure and resilient energy future in the appointment … Cyber Incident Response Manager. This is a high-impact role focused on evolving and optimising an already established cyber incident management capability. You'll take ownership of the strategy, maturity, and continuous improvement of the organisation's incident response and crisis management function-ensuring ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber attacks with proven defensive methodology … Tier 2 case resolution, resolving complex security cases including generating initial reporting, providing follow-ups and requesting information and resolution activity. Day to day incident tirage and escalation using contextual and threat intelligence Responsible for providing security expertise to escalated incidents Act as the incident handler ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Director of Cyber Defence | Incident Response, SOC Strategy, Cyber Operations, Global Leadership | £130,000 - £160,000 + 40% bonus + 40% RSUs - hybrid in Leeds A global digital gaming business is looking for a Director of Cyber Defence to shape and lead its cyber defence strategy across … This is a newly created leadership role with responsibility for defining and driving a group wide cyber defence strategy, while improving security operations and incident response capability across a federated organisation. The business operates across multiple international brands and high scale digital platforms, and is investing heavily ...

Director of Cyber Defence | Incident Response, SOC Strategy, Cyber Operations, Global Leadership | £145,000 to £180,000 + 40% bonus + 40% RSUs - hybrid in London or Leeds A global digital gaming business is looking for a Director of Cyber Defence to shape and lead its cyber defence … This is a newly created leadership role with responsibility for defining and driving a group wide cyber defence strategy, while improving security operations and incident response capability across a federated organisation. The business operates across multiple international brands and high scale digital platforms, and is investing heavily ...

global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. About the Role: Grade Level (for internal use): 11 Cyber Incident Response Analyst The Role As a Cyber Incident Response Analyst, you will be part of the Cyber Defence team that develops … decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While based in the UK, you will support response and intelligence needs globally. Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). ...

Title Level 3 Security Analyst – Incident Response & Vulnerability Management Department Service Delivery/Security Reporting To Security Lead/Service Delivery Manager Operates under the direction of the Incident Manager during security incidents Location UK (Hybrid) Office in Cardiff 1-2 days per week, regular client site … travel. Working Pattern Monday to Friday with participation in the on-call Security and Major Incident rota as required Role Purpose The Level 3 Security Analyst is responsible for the technical investigation, containment, remediation, and resolution of IT security incidents and vulnerabilities across a complex, multi-site customer estate ...

Detection & Response Analyst (Cyber Security) Location: Primarily remote, with occasional travel to a Manchester office Salary: £35k-£45k plus on-call compensation About the Role An established cyber security business is seeking a Detection & Response Analyst to join its Security Operations team. The organisation specialises in managed security … investigate, and respond to cyber threats. The successful candidate will work within a fast-paced Security Operations Centre (SOC), supporting customers through continuous monitoring, incident response, and proactive threat management. This is an excellent opportunity for someone looking to build their career in cyber security while gaining hands ...

Lead Incident Response Consultant – CNI & Industrial Cyber (Remote) In an era where cyber threats have moved from data theft to physical disruption, the stakes for Operational Technology (OT) have never been higher. We are partnering with a well-regarded UK Cyber Security consultancy evolving their OT incident response practice. This is a rare opportunity to own and develop a specialist OT Incident Response service line, bringing to market a proprietary vision of best practice that protects the utilities, transport, and energy systems the country relies on. The Role You will ...

energy operations within a Critical National Infrastructure (CNI) environment. This role is responsible for real-time security monitoring, alert triage, investigation, and early-stage incident response. You will work with industry-standard security monitoring and incident/event management platforms to identify suspicious activity, validate alerts, and escalate … helping tune detections, and strengthening operational procedures and documentation. Key Responsibilities Monitoring and Triage Monitor security events and alerts using industry-standard SIEM and incident/event management platforms (e.g., Elastic, Microsoft Sentinel, Splunk). Perform rapid triage to determine alert validity, severity, scope, and potential business or operational ...

Facilitate both inbound and outbound connectivity while managing risk and maintaining service integrity. Performance Management:Define and monitor service levels (availability, latency, packet loss, incident response and resolution times). Proactively address issues impacting service quality. Security & Compliance:Oversee next generation firewall deployments, SSE/cloud security services … enforce policy-based access controls. Ensure compliance with all regulatory and business requirements. Incident & Problem Management:Lead the network incident response, prioritization, and escalation processes. Work closely with engineering and service desk teams on rapid restoration and continuous improvement. Vendor & Stakeholder Management:Manage relationships with third-party ...

Facilitate both inbound and outbound connectivity while managing risk and maintaining service integrity. Performance Management: Define and monitor service levels (availability, latency, packet loss, incident response and resolution times). Proactively address issues impacting service quality. Security & Compliance: Oversee next generation firewall deployments, SSE/cloud security services … enforce policy-based access controls. Ensure compliance with all regulatory and business requirements . Incident & Problem Management: Lead the network incident response, prioritization, and escalation processes. Work closely with engineering and service desk teams on rapid restoration and continuous improvement. Vendor & Stakeholder Management: Manage relationships with third ...

Facilitate both inbound and outbound connectivity while managing risk and maintaining service integrity. Performance Management: Define and monitor service levels (availability, latency, packet loss, incident response and resolution times). Proactively address issues impacting service quality. Security & Compliance: Oversee next generation firewall deployments, SSE/cloud security services … enforce policy-based access controls. Ensure compliance with all regulatory and business requirements . Incident & Problem Management: Lead the network incident response, prioritization, and escalation processes. Work closely with engineering and service desk teams on rapid restoration and continuous improvement. Vendor & Stakeholder Management: Manage relationships with third ...

supportive and collaborative environment with ongoing opportunities to develop your technical expertise and progress your career within cyber security. Key Responsibilities Security Monitoring & Incident Response Monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus. Investigate cyber security incidents … including malware infections, phishing attacks, identity compromise, and unauthorised access attempts. Conduct incident triage, root cause analysis, containment, remediation, and recovery activities. Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat ...

Department: Cyber Services and Capabilities Employment Type: Full Time Location: NLD Rijswijk To manage and service NCC Group clients within the Digital Forensics and Incident Response space. The Principal DFIR Consultant plays a pivotal role within the team of seasoned analysts, actively participating in the analysis and response … collaboration, clear communication, and efficient workflow throughout technical engagements. Responding to emergency incidents, including mitigation and remediation activities. Maintaining composure and effectiveness in client incident‐management scenarios. Providing clients with high‐quality technical investigations. Collaborating in the identification, resolution, and documentation of security incidents. Conducting intelligence‐driven investigative analysis. ...

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology … business operations. Role Overview: This role supports the CERT/Sales team with reviewing insurance policies, assisting with claims assessments, and contributing to breach response efforts. Ideal for someone with early in house or private practice experience who’s ready to grow into a broader commercial legal role. This ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio. While you will lead and mentor a team, this is not a purely … schedules, handovers, and on-call rotations Act as the primary escalation point for security incidents and analyst queries Ensure high-quality triage, investigation, and response aligned to SOC processes Drive team development through training, coaching, and technical mentoring Ensure accurate and timely case management (HALO) and delivery against SLAs ...

Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio. While you will lead and mentor a team, this is not a purely … schedules, handovers, and on-call rotations Act as the primary escalation point for security incidents and analyst queries Ensure high-quality triage, investigation, and response aligned to SOC processes Drive team development through training, coaching, and technical mentoring Ensure accurate and timely case management (HALO) and delivery against SLAs ...