1 to 25 of 619 Incident Response Jobs in the UK

Senior Security Engineer – Detection & Response – EU/UK Remote, UK We are seeking a UK-based Senior Security Engineer to join our Security Operations and Response Team as a senior individual contributor. In this role, you will investigate and respond to security incidents across Marqeta’s environment, proactively … monitor for cyber threats, and serve as incident commander during security events of varying severity. You will contribute to the development and improvement of response methodologies aligned with the NIST Incident Response Lifecycle and help maintain cybersecurity incident response documentation. This position requires strong ...

Incident Response Analyst Scottish Power HQ, Glasgow Flexible & Hybrid working pattern Negotiable rate, Inside IR35, PAYE and UMB options available Help us create a better future, quicker SP Energy Networks (SPEN) has kicked off an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations … deliver a cyber resilient business and the Incident Response Analyst is essential in achieving our goals. This role will be integrated into an active and ambitious global cyber security function, contributing to SPEN's cyber security purpose of delivering cyber resilient OT and IT, to enable a safe ...

Senior Incident Response Specialist - Manchester £50-85k DOE Hybrid Manchester (1 day/week with flexibility) Must either hold SC Clearance or be eligible for SC Clearance We are seeking an experienced Incident Response Specialist to deliver high-quality cyber incident response and forensic investigation services across our client's customer and internal environments. In this role, you will lead cyber incident investigations, conduct forensic analysis across endpoint, network, and cloud environments, and work closely with security operations teams to identify, contain, and remediate threats. You will also ...

Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Role Purpose: To manage and service NCC Group clients within the Incident Response space. The Managing Consultant plays a critical role within the DFIR team of experienced consultants, delivering high‐quality incident response and proactive services to clients. The role involves leading and contributing to detailed technical analysis, managing incident response activities, and ensuring effective communication and coordination throughout an engagement. With a strong focus on technically supporting clients during live incidents, the Managing Consultant is also expected to contribute ...

Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Role Purpose: To manage and service NCC Group clients within the Incident Response space. The Managing Consultant plays a critical role within the DFIR team of experienced consultants, delivering high‐quality incident response and proactive services to clients. The role involves leading and contributing to detailed technical analysis, managing incident response activities, and ensuring effective communication and coordination throughout an engagement. With a strong focus on technically supporting clients during live incidents, the Managing Consultant is also expected to contribute ...

UBDS group is seeking a highly skilled Senior Digital Forensics and Incident Response (DFIR) Consultant to lead and support complex cyber incident investigations and response activities. The primary focus of this role is the delivery of DFIR services to external clients, ensuring high-quality, timely … professional incident response and forensic capabilities. In addition, the role will support internal cyber security operations and improvement initiatives as required. This role will work closely with Security Operations Centre (SOC) and Infrastructure Operations Centre (IOC) engineers to identify, contain, and remediate cyber threats, while enhancing both client ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Partnerships Lead – Cyber Insurance & Incident Response About the Opportunity We are partnering with a high-growth cybersecurity vendor looking to appoint a Partnerships Lead focused on developing strategic relationships across the cyber insurance and incident response ecosystem. This is a unique opportunity to build and scale … partnerships with insurers, brokers, risk advisory firms, and incident response providers across EMEA. The successful candidate will be responsible for creating and executing joint go-to-market initiatives, developing partner programs, and driving commercial outcomes through a growing ecosystem of industry partners. Working cross-functionally with sales, marketing ...

Information Security Incident Manager Location: Leeds (Hybrid – 2 days per week on site). Contract: Permanent, Full Time. Salary: £70,000 - £80,000 (DOE). Job Overview The Information Security Incident Manager will lead the organisation’s response to cyber security incidents, strengthening overall resilience. The role … commands major cyber incidents, coordinating technical and business teams, ensuring effective governance, preparedness, and regulatory compliance. Responsibilities Lead the organisation’s cyber incident response, coordinating technical, operational, and business activities from containment to recovery. Act as Cyber Incident Commander for major incidents, setting priorities, directing response ...

Cyber Incident Response Analyst - Contract Location: Sheffield (2 days onsite) Rate: 500 p/d Duration: 6 Months - July 2026 - January 2027 A large enterprise organisation is looking for a Cyber Incident Response Analyst to support their Cyber Defence team on a contract basis. This … coordination-focused incident response role, managing cyber incidents through the response lifecycle rather than deep technical remediation. Experience Required Previous experience within Incident Response/Security Operations Strong understanding of the NIST incident response lifecycle Familiarity with MITRE ATT&CK and cyber kill ...

strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. ________________________________________ Role Overview As a Security Monitoring & SIEM Analyst, you will play … role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will ...

play a critical role in strengthening and maturing Reapit’s cloud security posture. Your work will span hands on security engineering, deep incident response, proactive threat detection, and collaboration with global teams. Design, implement, and enhance secure Cloud infrastructure, services, and applications in collaboration with DevOps teams. Conduct … detail and high quality documentation. Work in a self managing, proactive manner — anticipating security needs, identifying gaps, and driving improvements without close supervision. Incident Response & Threat Detection Respond to SOC alerts. Working with our outsourced SOC, Lead and participate in global incident response activities, including investigation ...

position as an industry leader in electronic payments, which is why Visa has made it a priority to create top-tier security operations and incident response teams to defend the company against evolving cyber threats. If you would like to join a company where security is truly valued … state of the art tools for maximum impact, then we have a home for you. The successful candidate will work with a team of incident responders at one of Visa's Cyber Fusion Centers. The team is part of a larger organization located across multiple geographical sites that ...

Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have … experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Information Security to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response ...

robust automated solutions. Working in close collaboration with Global Information and Cyber Security Defence (ICSD) function, this role identifies opportunities to streamline processes, accelerate incident response, and reduce operational overhead through intelligent automation, leveraging Artificial Intelligence (AI) and Large Language Models (LLMs). In addition to building scalable … manual security operations and workflows. Leverage LLM-powered platforms such as Microsoft Security Copilot to support cybersecurity tasks including threat hunting, triage, investigations and response, and creating security incident response playbooks. Build and maintain SOAR playbooks integrated with various security platforms (e.g., SIEMs, EDRs, identity platforms ...

Security Manager will work closely with Network Engineering, Systems, NOC, Infrastructure, Field Operations and third-party security providers to ensure effective threat detection, incident response, vulnerability management and continuous security improvement Responsibilities Cyber Security Strategy & Governance Define, implement, and maintain Airband’s cyber and information security strategy, policies … security controls are implemented across service provider infrastructure, including routing, switching, peering, transit and customer edge environments. Develop and maintain DDoS detection, mitigation and response capabilities to protect critical network services and customer connectivity. Maintain working knowledge and operational application of service provider security principles including BCP38 anti-spoofing ...

LGBTQ+ business community. Please do not contact the recruiter directly. About the Role: Grade Level (for internal use): 11 The Role As a Cyber Incident Response Analyst, you will be part of the Cyber Defence team that develops and oversees the company's security program, ensuring … decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While based in the UK, you will support response and intelligence needs globally. Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). ...

Senior Incident Response Specialist - Manchester £50-85k DOE Hybrid Manchester (1 day/week with flexibility) Must either hold SC Clearance or be eligible for SC Clearance We are seeking an experienced Incident Response Specialist to deliver high-quality cyber incident response ...

Senior Incident Response Specialist - Manchester £50-85k DOE Hybrid Manchester (1 day/week with flexibility) Must either hold SC Clearance or be eligible for SC Clearance We are seeking an experienced Incident Response Specialist to deliver high-quality cyber incident response ...

Lead Incident Response Consultant – CNI & Industrial Cyber (Remote) In an era where cyber threats have moved from data theft to physical disruption, the stakes for Operational Technology (OT) have never been higher. We are partnering with a well-regarded UK Cyber Security consultancy evolving their OT incident response practice. This is a rare opportunity to own and develop a specialist OT Incident Response service line, bringing to market a proprietary vision of best practice that protects the utilities, transport, and energy systems the country relies on. The Role You will ...

energy operations within a Critical National Infrastructure (CNI) environment. This role is responsible for real-time security monitoring, alert triage, investigation, and early-stage incident response. You will work with industry-standard security monitoring and incident/event management platforms to identify suspicious activity, validate alerts, and escalate … helping tune detections, and strengthening operational procedures and documentation. Key Responsibilities Monitoring and Triage Monitor security events and alerts using industry-standard SIEM and incident/event management platforms (e.g., Elastic, Microsoft Sentinel, Splunk). Perform rapid triage to determine alert validity, severity, scope, and potential business or operational ...

cyber security challenges, and wants to make a real impact within a large-scale enterprise environment. Key Responsibilities Lead and coordinate cyber operations and incident response activities across the organisation. Support the enhancement of cyber containment and response capabilities. Manage and respond to complex cyber security incidents … governance, and security control initiatives. Skills & Experience Required To be successful in this role, you should have: Strong hands-on experience in Cyber Security Incident Response or Cyber Operations. Deep technical expertise in one or more incident response related domains, including: SOC Operations Malware Analysis Endpoint ...

solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

tier global consulting firm with one of the UK's largest and most respected cyber practices, housing over 200 specialists. Their Cyber Incident Response team is on the front line, helping organisations prepare for, respond to, and recover from the threats that keep boards awake at night. They … roles require at least eligibility for UK Security Check (SC) clearance. Existing clearance is highly advantageous. What You'll Do Lead and execute live incident response investigations, from forensic acquisition and root cause analysis to threat containment and eviction. Perform host-based and network forensics across Windows, Linux ...