1 to 25 of 415 Incident Response Jobs in the UK

Director, Digital Forensics & Incident Response (Global)

Hiring Organisation
Jobleads-UK
Location
Manchester, England, United Kingdom
Director, Digital Forensics & Incident Response (Global) Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Reporting To: Matt Hull (Open to Associate Director with progression path to Director) Description The purpose of this role is to lead NCC Group’s global Digital Forensics … Incident Response (DFIR) capability, ensuring effective preparedness, response, recovery, and continuous improvement across cyber incident management and forensic investigations. The global DFIR team will consist of regionally distributed colleagues, delivering a consistent, scalable, and market-leading service that protects client assets, reputation, and business operations. ...

Security Incident Response Engineer (ServiceNow)

Hiring Organisation
INTEC SELECT LIMITED
Location
Warrington, Cheshire, England, United Kingdom
Employment Type
Contractor
Contract Rate
£100.00 per hour
Security Incident Response Engineer (ServiceNow) Contract: 6 Months (Likely Extension)Location: HybridIR35: Outside/LTD – £700PDSC Cleared/BPSSA highly reputable corporation is hiring an experienced ServiceNow Security Incident Response (SIR) Consultant to support the design, implementation and optimisation of a Security Incident Response capability for a Cyber Security Operations Centre (CSOC).This is an excellent opportunity to play a key role in enhancing cyber incident management processes, automating security workflows and integrating ServiceNow Security Operations with wider security tooling. Key Responsibilities ServiceNow SIR Workflow Design & Development Design and configure ...

Head of Threat Defence, Paddington

Hiring Organisation
Morson Edge
Location
London, United Kingdom
Employment Type
Permanent, Work From Home
ownership of a threat defence strategy and service. The role will focus on leading a team responsible for security operations, incident detection and response and threat intelligence which will be delivered through partnership with outsourced providers and IT. We're looking for a motivated and experienced individual … This role will have line management responsibilities for 3 of the team: a Threat Intelligence Lead, a TD Service Operations Lead and a Cyber Incident Response Lead. The role requires DV clearance and a minimum of 2 days per week in the Paddington Office. Occasional travel to other ...

Senior Security Engineer, Security Incident Response Team (SIRT)

Hiring Organisation
Jobleads-UK
Location
United Kingdom
listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Security Engineer, Security Incident Response Team (SIRT) based in United Kingdom. This is an exciting opportunity to join a globally distributed cybersecurity team responsible for protecting large … scale cloud environments and critical platforms against evolving threats. In this role, you will lead high-impact incident response activities, investigate sophisticated security events, and help shape modern detection and response capabilities through automation and AI-driven approaches. You will work closely with cross-functional teams across ...

Security Incident Response Engineer

Hiring Organisation
NonStop Consulting
Location
Warrington, Cheshire, United Kingdom
Employment Type
Contract
Contract Rate
£100/hour
Details at a Glance Role: Security Incident Response Engineer Location: Warrington - hybrid, typically 2 days per week on site Contract length: 6 months (with strong potential for extension based on performance and project needs) IR35 status: Out of Scope Rate: 100/hour Clearance: Existing SC preferred … Would Be Doing This role sits at the intersection of cyber operations and ServiceNow engineering. You would be responsible for designing and embedding robust incident response capabilities in the ServiceNow Security Incident Response (SIR) module, closely aligned to NCSC and best-practice frameworks. ServiceNow SIR workflow ...

Senior Cyber Security Analyst

Hiring Organisation
Hays Technology
Location
Bolton, Greater Manchester, United Kingdom
Employment Type
Permanent
Salary
£45000 - £55000/annum plus bonus and benefits
Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have … experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Cyber to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead ...

Network Security Manager

Hiring Organisation
Pearson Whiffin IT & Digital
Location
Dartford, Kent, South East, United Kingdom
Employment Type
Permanent
Salary
£95,000
Cyber & Network Security Manager We are seeking an experienced Cyber & Network Security Manager to lead the delivery of all security operations, drive cyber incident response, and provide enterprise-wide oversight of network security. This is an operational leadership role at the centre of the cyber defence function. … Security Operations Centre (SOC) services. Act as the senior operational escalation point for cyber security incidents and major security events. Own and coordinate cyber incident response activities, ensuring effective containment, eradication, recovery, and lessons learned. Develop, maintain, and test cyber incident response plans, procedures, and playbooks. ...

Head of Security Operations

Hiring Organisation
Jobleads-UK
Location
Wolverhampton, England, United Kingdom
will be accountable for the effective operation, continuous improvement and resilience of the Bank's security operations capability, covering Security Operations Centre monitoring and response, Identity and Access Management services, security analysis, operational security controls and supplier-delivered security services. The Head of Security Operations is a senior leadership … India offices, supported where appropriate by third-party managed security service providers. The team provides 24x7 or extended-hours security monitoring and response, identity and access management operations, vulnerability and threat analysis, security tooling administration, control assurance support, reporting, and operational support. Your responsibilities will include... Security Operations Leadership ...

IT Security & Compliance Lead

Hiring Organisation
Jobleads-UK
Location
City of Edinburgh, Scotland, United Kingdom
company grows. You'll build our IT security function from the ground up — covering device management, identity and access, infrastructure controls, and incident response — while also owning the compliance and AI governance work that keeps enterprise customers confident in how we operate. It's a hands‐on, build … tools like Okta. Own infrastructure and cloud security controls across our environment (e.g. AWS), working closely with Engineering to keep systems hardened. Security Operations & Incident Response Lead security incident response — full lifecycle investigations, coordinating with internal teams and external partners (e.g. SOCaaS providers), and running post ...

Security Operations Technical Lead

Hiring Organisation
AJ BELL BUSINESS SOLUTIONS LIMITED
Location
Salford, Greater Manchester, North West, United Kingdom
Employment Type
Permanent
that security operations activities are executed efficiently, consistently and in line with defined SLAs and operational standards, through hands-on technical leadership across SOC, Incident Response, Threat Intelligence, Insider Risk and Vulnerability Management. This role acts as a senior technical escalation point, supporting complex investigations and driving improvements … detection, response, automation and operational processes. The role holder is expected to lead through expertise, supporting analysts and ensuring Security Operations operates with discipline, quality and continuous improvement. The key responsibilities of the role are: Act as the primary technical escalation point for security events and incidents identified ...

Senior Security Engineer

Hiring Organisation
Intec Select Ltd
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
GBP 700 Daily
must have active SC clearance. You will play a key role in implementing, configuring, and managing Palo Alto Networks XSIAM to improve threat detection, incident response, security monitoring, and operational resilience. This is an excellent opportunity for a senior security professional to support a major cyber security initiative … Cyber Security Standard. Key Responsibilities: Implement and manage Palo Alto Networks XSIAM security platform Configure security policies, rules, and monitoring capabilities Improve threat detection, response, and security automation Investigate security alerts and support incident response activities Integrate security tools and enhance operational workflows Provide technical guidance ...

Senior Security Engineer

Hiring Organisation
Intec Select Ltd
Location
London, Canary Wharf, United Kingdom
Employment Type
Contract
Contract Rate
£700/day
must have active SC clearance. You will play a key role in implementing, configuring, and managing Palo Alto Networks XSIAM to improve threat detection, incident response, security monitoring, and operational resilience. This is an excellent opportunity for a senior security professional to support a major cyber security initiative … Cyber Security Standard. Key Responsibilities: Implement and manage Palo Alto Networks XSIAM security platform Configure security policies, rules, and monitoring capabilities Improve threat detection, response, and security automation Investigate security alerts and support incident response activities Integrate security tools and enhance operational workflows Provide technical guidance ...

Sr. Backend Engineer, Cloud - Threat Detection / Incident Response (Hybrid, London)

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
join a mission that matters? The future of cybersecurity starts with you.About the Role:Does building systems that help security analysts close a critical incident before it becomes a breach excite you? Does correlating and analyzing data at trillions-of-events-per-day scale sound like the kind … defend themselves from sophisticated cyberattacks? We'd love to meet you.We are seeking a Senior Software Engineer, Cloud to join our Threat Detection and Incident Response (TDIR) team, helping revolutionize security management with our AI-native Falcon Next-Gen SIEM platform – enabling customers to detect, investigate, and hunt ...

Cyber Security Analyst

Hiring Organisation
Holt Executive
Location
London, United Kingdom
Employment Type
Permanent
team. This is an excellent opportunity to join a fast-paced cybersecurity environment, helping to protect critical infrastructure and enterprise systems through proactive monitoring, incident response, and threat analysis. Working as part of a 24/7 operational security function, you will play a key role in identifying … monitoring tools, network infrastructure, and endpoint technologies. Investigate and triage security alerts to identify malicious activity and determine attack methods and techniques. Follow established incident response and escalation procedures to contain and mitigate security risks. Ensure all incidents are accurately documented, including indicators of compromise, evidence, and investigation ...

Senior Cyber Security Engineer

Hiring Organisation
NTT Global Data Centers EMEA UK ltd
Location
City of London, London, United Kingdom
Employment Type
Permanent
tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

Senior Security Platform Engineer

Hiring Organisation
NTT Global Data Centers
Location
EC4N, Cordwainer, Greater London, United Kingdom
Employment Type
Permanent
tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: • Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. • Directs complex security incident response efforts across multiple vectors—endpoint protection, EDR, malware analysis, network and computer forensics—ensuring rapid containment and root cause analysis. • Designs and executes ...

Cyber Security Analyst

Hiring Organisation
Hays Technology
Location
Newport, Gwent, United Kingdom
Employment Type
Permanent
Salary
£43000 - £47000/annum Up to £47k + good benefits
will require knowledge and understanding of attack and exploitation techniques and adversarial TTP's. Help to provide resilience to our threat monitoring and response capabilities. Handle security incident response with internal teams and other third parties to ensure that the incident response life cycle … Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. Basic knowledge and experience using leading endpoint detection and threat management products and managing their operation. Good knowledge ...

Cyber Security Engineer

Hiring Organisation
Job Board Direct
Location
Omagh, Co. Tyrone, UK
Employment Type
Full-time
posture. This position offers an exciting opportunity to work in a fast-paced environment, handling cutting-edge technology and complex challenges in cybersecurity.Key Responsibilities:Incident Response (IR):Investigate and respond to security incidents, ensuring rapid containment, eradication, and recovery.Conduct root cause analysis of security breaches and create detailed … incident reports.Collaborate with stakeholders to refine and enhance the incident response plan and playbooks.Security Operations Center (SOC):Monitor and analyse security alerts and logs from various tools such as SIEM, IDS/IPS, and endpoint detection systems.Identify and escalate potential security threats or vulnerabilities in real-time.Continuously ...

Tech lead - SOC responder

Hiring Organisation
Colt Technology Services UK
Location
London, United Kingdom
Employment Type
Permanent, Work From Home
with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. This role operates at a Tier 3 level , with the expectation that … operational activities, Technology escalation support, Security Solution assessment, existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes Maintenance and enhancement ...

Cyber Security Engineer, Cloud Security, SIEM, Incident Response, COR7555

Hiring Organisation
Corriculo Ltd
Location
Oxford, Oxfordshire, England, United Kingdom
Employment Type
Full-Time
Salary
£55,000 - £70,000 per annum
Cyber Security Engineer, Cloud Security, SIEM, Incident Response, COR7555 An exciting opportunity has arisen for a Cyber Security Engineer to join a growing technology company based in Oxfordshire, working on a hybrid basis.This is a hands-on role focused on strengthening cyber security across cloud platforms, applications … business systems. Working closely with the CIO and development teams, the Cyber Security Engineer will play a key role in improving cloud security, incident response, vulnerability management, security monitoring and secure development practices, helping to enhance the organisation's overall cyber resilience.The company develops innovative software solutions ...

IT Security Manager

Hiring Organisation
IT Talent Solutions
Location
Godalming, Surrey, United Kingdom
Employment Type
Permanent
Salary
£55000 - £72000/annum + Bens
high-performing cyber security team Own and deliver the IT security strategy, policies, and best practices Oversee day-to-day security operations (SIEM, EDR, incident response, vulnerability management) Ensure compliance with frameworks such as ISO 27001, NIST, CIS Controls and GDPR Manage risk assessments, remediation planning, and continuous … Collaborate with engineering and infrastructure teams to embed Secure by Design principles Manage third-party security vendors and services Lead audits, compliance activities, and incident response planning Drive security awareness and foster a strong security culture across the business Key Skills & Experience Proven experience in a cyber security ...

IT Cyber Security Manager - Space Agency

Hiring Organisation
Standard 8
Location
Guildford, Surrey, England, United Kingdom
Employment Type
Full-Time
Salary
£65,000 - £70,000 per annum
security team Delivering the organisation's security roadmap and controls framework Acting as the senior escalation point for security-related issues Overseeing security operations, incident response and vulnerability management Supporting secure Azure and AWS environments Managing and optimising security tooling including SIEM, EDR and related platforms Reviewing projects … design principles across technology initiatives Managing third-party security providers and key supplier relationships Leading risk assessments, audit activities and compliance initiatives Maintaining incident response and business continuity capabilities Delivering security awareness and guidance across the wider business What We're Looking For You'll combine strong technical ...

IT Security Manager

Hiring Organisation
4Square Recruitment Ltd
Location
Guildford, Surrey, England, United Kingdom
Employment Type
Full-Time
Salary
£65,000 - £75,000 per annum
against evolving cyber threats while ensuring security controls remain practical, effective, and aligned with business needs. You will oversee security operations, risk management, governance, incident response, and security awareness activities. Working closely with IT, senior stakeholders, third-party suppliers, and wider business teams, you will help maintain … will manage security risks, vulnerabilities, audits, and assessments, ensuring appropriate remediation plans are in place and tracked through to completion. You will oversee incident response processes, investigating security events and coordinating effective responses to minimise business impact. You will work with internal teams and external suppliers to ensure ...

CIRT Analyst

Hiring Organisation
IMT Resourcing Solutions
Location
Cheltenham, Gloucestershire, United Kingdom
Employment Type
Contract
Contract Rate
£300/annum Up to £300 per day (Inside IR35)
major project by reviewing a large volume of applications and ensuring they meet security standards before deployment. Whilst there is some exposure to Cyber Incident Response activities, this is very much a hands-on security assessment role where you'll be expected to work independently and manage … management tools such as Qualys (or similar) to assess security risks. Support ongoing cybersecurity project delivery within a high-profile programme. Assist with Cyber Incident Response activities where required, including security monitoring and investigation. What we're looking for We're looking for someone ...

Senior Site Reliability Engineer - UK

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Ready for the challenge? The Role This role sits in the core Platform/SRE team that owns production. You’ll work directly on incident response, on‐call, system reliability, and day‐to‐day operations for Heidi’s platform. We’re open to candidates who are strong … role is intentionally ops‐heavy and focused on keeping real systems healthy in production. What you’ll do Participate in on‐call and incident response: Respond to production incidents, contribute to service restoration, and support clear communication during incidents. Over time, take increasing responsibility for leading incidents ...