1 to 25 of 415 Incident Response Jobs in the UK

Senior Incident Response Manager (SOC) London/WFH to £120k Do you have expertise in the field of Incident Response, Cyber Security Operations or Digital Forensics? You could be progressing your career in a senior, hands-on leadership role at the Investment Management … global bank. As a Senior Incident Response Manager you will continuously develop a high performance technical response team and lead the Incident Response efforts, overseeing the end-to-end incident response lifecycle, from detection and containment to eradication, recovery and post incident ...

security stacks. The ideal candidate will have expertise in monitoring and analyzing security incidents in SOC. Your Responsibilities (Up to 10, Avoid repetition) 1. Incident Detection and Response Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize … security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier 1 analysts and guide them through complex incident response procedures. Quality Assurance for SOC L1, monitoring and triaging. 2. Incident Detection and Response Lead investigations and remediation of complex ...

Principal Cyber Security Incident Response Analyst £60,000 - £70,000 Full Time/Permanent West Midlands/Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join … large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront ...

Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time/Permanent West Midlands/Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join … large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront ...

Role Overview We are seeking an experienced SOC Operator to support a public sector security operations capability, with a focus on threat detection, incident response, and collaboration with delivery teams to improve security monitoring and resilience. The role involves developing detection content aligned to recognised threat frameworks, supporting … incident investigations, and helping technical and non-technical stakeholders prepare for and respond to security incidents. Key Responsibilities Develop and maintain SIEM rules and alerts in Splunk , mapped to the MITRE ATT&CK framework Analyse security events and alerts to identify potential threats and incidents Contribute to and lead ...

Senior Incident Response Manager (SOC) London/WFH to £120k Do you have expertise in the field of Incident Response, Cyber Security Operations or Digital Forensics? You could be progressing your career in a senior, hands-on leadership role at the Investment Management … global bank. As a Senior Incident Response Manager you will continuously develop a high performance technical response team click apply for full job details ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document … infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams ...

Cyber Fusion Center (CFC). This critical, senior-level individual contributor will integrate IAM principles and controls into our security operations and incident response framework. You will be a technical expert with knowledge of the threat environment from the perspective of identity and access management. You will … threat intelligence and operational insights to inform and mature our IAM policies, standards, and controls. You will partner with CFC analysts, threat hunters, and incident responders to provide subject matter expertise during active investigations and to strengthen our security posture. This is a hybrid, Nottingham-based role reporting ...

firms risk appetite, client expectations and legal and regulatory changes and attitudes Manage and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal … regulatory reporting, client and individual notifications and reputation management. Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide To support the CPO and CISO in the formulation and delivery of the firms cyber and incident response ...

Operations Analyst to join a fast-growing Blue Team within our Cyber Practice. You will work with high-profile clients to ensure effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms … escalation for junior analysts. Serve as a technical subject matter expert on client engagements, presenting findings to senior stakeholders. Participate in alert testing, incident response exercises, and threat hunting activities. Stay up to date with the latest threat intelligence and emerging attacker tactics. Additional Responsibilities (client-dependent): Threat ...

Operations Centre. This role will have you leading a team of analysts and working alongside security engineers to develop and automate threat detection and response playbooks, as well as security architects and the wider IT function. The ideal candidate will have the technical expertise to work … development of SOC analysts and engineers. Lead the configuration, tuning, and maintenance of core SOC capabilities including log aggregation, alerting, correlation, threat detection, and response tooling. Define, track, and report SOC performance metrics and KPIs, ensuring operational efficiency and alignment with organisation objectives. Manage and mentor SOC team members ...

looking for a SOC Analyst to join an established Security Operations Centre team. This role focuses on incident investigation, triage, and response , along with client engagement and proactive security activities. What You'll Do Investigate and respond to security incidents Perform triage and remediation across client environments Engage … with clients during incident response activities Support proactive security and continuous improvement initiatives Mentor junior team members where appropriate What We're Looking For 2+ years' experience in cyber security, ideally incident response Strong communication skills Experience across Windows, Linux/Unix, and macOS Knowledge ...

networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall … hours coverage if needed. What we're looking for Solid experience, ideally 3+ years working in a SOC or security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security ...

join our team. This is a critical leadership role, overseeing the full security lifecycle — from architecture and policy development to operational resilience and incident response — across complex hybrid environments with a strong emphasis on cloud security (AWS and Azure). Your leadership will be central to ensuring that … into operational deployment. Demonstrate a strong understanding of leading operational security functions, including SOC operations, threat intelligence, and vulnerability management. Experience of managing the incident response lifecycle, including triage, containment, investigation, remediation, and conducting post-incident reviews. Ability to establish and improve incident response playbooks ...

with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do: Support SOC Manager to deliver the following SIEM … activities, Technology escalation support, Security Solution assessment, build activities , existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...

secure ICT services supporting critical UK Defence systems. Operating within highly regulated, high-availability environments, they deliver resilient infrastructure, operational assurance, and rapid incident response across mission-critical platforms. The engineering teams work at the forefront of secure networking, virtualisation, automation, and monitoring technologies to ensure Defence systems … within secure Defence ICT environments, providing 24/7 operational support for mission-critical systems. The role ensures system availability, resilience, security, and rapid incident resolution in line with contractual SLAs and KPIs, combining deep infrastructure expertise with modern automation and monitoring practices to deliver stable and compliant services. ...

servers, and workstations. Carrying out security monitoring and improving the configuration of the security monitoring tools used by Smart Communications. Enhancing security detection and incident response processes ranging from individual playbooks to security incident response and remediation plans. Managing vulnerability detection and remediation by working with … years of hands-on experience in a similar role. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments including proactive configuration of AWS accounts and assets to meet good security practices Experience conducting security ...

servers, and workstations. Carrying out security monitoring and improving the configuration of the security monitoring tools used by Smart Communications. Enhancing security detection and incident response processes ranging from individual playbooks to security incident response and remediation plans. Managing vulnerability detection and remediation by working with … years of hands-on experience in a similar role. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments including proactive configuration of AWS accounts and assets to meet good security practices Experience conducting security ...

closing date. What you will do Monitor security alerts and threat intelligence feeds to detect and respond to cyber incidents. Lead or support incident response activities, including investigation, containment, eradication, and recovery. Manage and maintain security tools such as Security Information and Event Management (SIEM), endpoint protection, vulnerability … personal development plan (known as Sgwrs). Any other reasonable duties requested commensurate with the grade of this role. Required to take part in incident response activities Your qualifications, experience, knowledge and skills In your application and interview you will be asked to demonstrate the following skills ...

present end-to-end security solutions aligned to business objectives Act as a trusted advisor on cyber security strategy and best practice Support incident response and improvement initiatives where required Produce clear technical documentation and recommendations Collaborate with cloud, networking and wider pre-sales teams Maintain relevant vendor … 5+ years’ experience in pre-sales or consulting within an MSP, reseller or systems integrator Strong understanding of SOC operations, security monitoring and incident response Solid knowledge of Microsoft security technologies Experience with SIEM, MDR/EDR, SSE and SASE solutions Knowledge of ISO 27002, CIS, NCSC ...

take ownership of day-to-day cyber security activities, stabilise the current security posture, and drive a backlog of critical actions across incident response, vulnerability management, and network security. It's a small team environment, so pace, urgency, and the ability to be effective quickly are essential. … infrastructure teams, balancing strategic oversight with hands-on execution to ensure progress is made. What you'll be doing: ?? Owning and progressing cyber incident response planning and readiness activities ?? Reviewing vulnerability scan outputs, prioritising risk, and driving remediation actions ?? Leading remediation activities from penetration testing and security assessments ...

Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

posture through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools … perform root cause analysis. Collaborate with IT and security teams to remediate vulnerabilities. Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge ...