1 to 25 of 428 Incident Response Jobs in the UK

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’ Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology. Our goal … unauthorized access, malicious code. Job Summary This role serves as a critical leader within the global CERT and DFIR team, managing end-to-end incident response operations, including detection, analysis, containment, and remediation of security incidents. The position oversees the development and execution of incident response ...

Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber attacks with proven defensive methodology … Tier 2 case resolution, resolving complex security cases including generating initial reporting, providing follow-ups and requesting information and resolution activity. Day to day incident tirage and escalation using contextual and threat intelligence Responsible for providing security expertise to escalated incidents Act as the incident handler ...

This CIRT L3 Lead role is a hands-on leadership position responsible for end-to-end cyber incident response, proactive threat hunting, and detection engineering in Rapid7 InsightIDR for a retail-focused environment My client is an international Consultancy firm, specialising in Cyber Security looking for a hands … Cyber Incident Response Tech Lead , responsible for end-to-end cyber incident response, proactive threat hunting, and detection engineering in Rapid7 InsightIDR for a retail-focused environment. You will coordinate cross-functional technical teams during major incidents, drive containment and recovery, and own post-incident ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

issues. Root Cause Analysis: Conduct thorough root cause analysis for security incidents and systemic vulnerabilities, leveraging insights to drive developer training and systemic improvements. Incident Response Management: Act as Investigation Lead or Incident Commander during incident response efforts, including facilitating tabletop exercises to enhance … incident readiness. Skills & Experience: Expertise: Deep knowledge in vulnerability management, threat modeling, security architecture, and secure software development lifecycle (SDLC) practices. Incident Response Skills: Strong background in incident response, root cause analysis, and managing bug bounty programs. Communication Ability: Excellent communication and stakeholder management skills ...

Remote | Contract (Inside IR35) | 6+ Months | Rate (TBC) We are seeking a Network Security SMEto support our client in strengthening their contain-to-eradicate incident response capability. This role is focused on enabling rapid, controlled network isolation and eradication during high-impact security and operational incidents … regulated environment. This is a hands-on senior role requiring proven experience in enterprise-scale containment and incident response within security-critical environments. It is a contract position (Inside IR35) which is intially 6 months but likely to extend. The rate ...

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice click apply for full job details ...

selection, design, and transition from fragmented security tooling to a unified SIEM platform and security data lake . Drive a fundamental shift from incident-focused, task-based workflows to preventative security activities and platform optimisation . Proactive Threat Focus Guide the evolution from reactive alert handling to proactive threat … prompt injection, data poisoning, and model theft . Deploy and monitor “guardian agents” to provide real-time detection of malicious behaviour within AI systems. Incident Response & Resilience Guide the development, testing, and maintenance of advanced incident response plans , with a focus on high-impact threats such ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Entra, and related cloud environments to ensure security, reliability, and performanceincluding patching and maintaining EC2 instances and other cloud resources. Respond to and support incident management, troubleshooting, outage management, and root cause analysis for cloud platform issues, collaborating with DevOps and development teams as needed. Contribute to automation … runbooks, and knowledge base articles to support operational excellence and knowledge sharing. Continuously improve and update infrastructure and application alerts, ensuring rapid detection and response to issues before they impact customers. Manage and maintain cloud platform access, parameters, tokens, and permissions, supporting secure onboarding and offboarding of users ...

strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner! About the role: The Cyber Security Incident Response Specialist would be member of CSIRT, part of Counter Threat & Engineering (CT&E) function, responding to cyber threats and security incidents globally. … relocation Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment ...

transformation of our global Security Operations Center. Reporting to the Chief Security Officer, you will architect and scale a next-generation SOC advancing incident response, integrating cutting-edge threat intelligence, and strengthening the systems that protect and sustain our digital operations. This is an opportunity to build something … senior escalation point for complex security incidents and coordinate cross-functional responses. Threat and Vulnerability Management Integrate advanced threat intelligence into detection and response workflows to identify emerging threats proactively. Develop an automated, risk-based vulnerability management programme to reduce attack surface. Collaborate with intelligence-sharing communities to enhance ...

highly client-facing role where you will guide businesses through practical resilience improvements, including: • Designing and delivering cyber crisis simulation exercises • Developing and enhancing incident management and response frameworks • Conducting capability and readiness reviews • Advising senior leadership teams on cyber preparedness strategy You will lead engagements from initial … scoping through delivery, working closely with executive stakeholders and technical teams to provide clear, actionable recommendations that improve response capability and organisational resilience. Those with a background in reactive Incident Response (either in-house or from Consulting already), who are wanting to move into an advisory ...

client is seeking a SOC Analyst to join a security operations team in London. The role is focused on real-time monitoring, investigation, and incident response across a modern enterprise security environment. - Key Responsibilities Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint … Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce clear incident documentation, reports, and recommendations for continuous improvement. Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows. Required ...

Clearance Hybrid work model OUTSIDE IR35 Job Requirements Spec: - end-to-end technical leadership, architecture, and delivery oversight of Network Detection & Response (NDR) and Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility … improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders to align technical designs with security strategy, operating models, and business needs. - definition of the target architecture for Darktrace NDR and Microsoft Defender ...

Overall Package The role Join a leading financial services client as a Cyber Threat Specialist (Blue Team) and help strengthen a critical Threat Detection & Response function. You will be a key member of the Threat Detection & Response team, focusing on defensive security across complex, business-critical environments. Working … optimise high-fidelity detections, investigate incidents, and contribute to continuous improvement of cyber defences. What you'll be doing Deliver hands-on detection engineering, incident response, threat hunting, security engineering and threat intelligence activities. Investigate and respond to security incidents across host, identity, email, SaaS and cloud workloads. ...

users. We are looking for a Cyber Security Engineer to join our IT Security team and play a key role in security operations, incident response, vulnerability management and the ongoing development of our security posture. This is a hands-on role for a driven security professional who enjoys … organisation. Key responsibilities Monitor, investigate and respond to cyber security incidents using SIEM, EDR/MDR and other security tooling Perform deep-dive incident analysis across multiple log sources to identify root cause, indicators of compromise (IoCs) and remediation actions Conduct proactive and reactive threat hunting activities Manage vulnerability ...

users. We are looking for a Cyber Security Engineer to join our IT Security team and play a key role in security operations, incident response, vulnerability management and the ongoing development of our security posture. This is a hands-on role for a driven security professional who enjoys … organisation. Key responsibilities Monitor, investigate and respond to cyber security incidents using SIEM, EDR/MDR and other security tooling Perform deep-dive incident analysis across multiple log sources to identify root cause, indicators of compromise (IoCs) and remediation actions Conduct proactive and reactive threat hunting activities Manage vulnerability ...

security incidents for our customers using Microsofts leading security technologies. Youll work closely with senior analysts and engineers, playing a key role in incident response while also contributing to the continuous improvement and evolution of our SOC services. About The Role As a Security Operations Analyst, you will … Provide day-to-day monitoring and initial response for SOC customers in line with Intercitys Security Incident Response Framework. Investigate alerts generated by Microsoft Sentinel and Microsoft Defender for 365, identifying true positives and responding appropriately. Analyse multiple security data sources to detect malicious activity and support ...

drive improvements to tools, processes, automation, and reporting to enhance programme maturity. Stay current with emerging vulnerabilities, zero-day threats, and vendor advisories. Support incident response activities where vulnerabilities are linked to potential security events. What Youll Bring Proven experience in vulnerability management, cyber security operations … SIEM, SOAR, EDR, and associated security tooling. Strong analytical skills with the ability to translate technical risk into clear, executive-level reporting. Experience supporting incident response and investigations. Excellent stakeholder management skills, with the confidence to challenge and influence both technical and non-technical teams. Strong understanding ...