1 to 25 of 385 Incident Response Jobs in the UK

Principal Consultant - Incident Response Salary: Up to £85,000 + cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering proactive incident readiness engagements. You will work closely with organisations to strengthen their preparedness. This includes reviewing and developing incident response plans, facilitating tabletop exercises, running simulated attack scenarios ...

Incident Response Manager Hybrid We are partnering with a leading global financial services organisation to appoint a Incident Response Manager to join their high-profile Cyber Threat Centre (CTC). This is a critical leadership role at the forefront of defending against sophisticated cyber adversaries, including … nation states and organised criminal groups. As the central hub for Computer Network Operations, the CTC drives incident response, threat hunting, intelligence, and insider threat detection across the organisation. This role offers the opportunity to shape strategy, lead a globally distributed team, and work with cutting-edge technologies ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Cyber Incident Response Analyst London - Onsite 2/3 days a week ASAP Start - November 26 £300 per day - Inside of IR35 We are looking for a Cyber Incident Response Analyst to join a small, highly visible cyber security team and step in for an existing … another project for the next 6-9 months. This role sits on the "Respond" side of Cyber Security, focusing on end-to-end cyber incident management, stakeholder communications, and clear reporting. With increased workload driven by the client merger, this is a key role supporting the organisation's security ...

Cyber Response Planning Lead - Reading, Berkshire, RG1 8DB Contract: PermanentSalary: Competitive salary between £68,000 and £78,000 per annumAs a Cyber Response Planning Lead , you will play a key role within the Cyber Resilience and Information Security team at Thames Water, supporting the organisation’s preparedness … respond effectively to cyber incidents across critical infrastructure. Working closely with cybersecurity leadership, IT and OT teams, and business stakeholders, you will ensure that incident response capabilities are robust, tested, and continuously improved. This role contributes to Thames Water’s cybersecurity resilience by designing and delivering cyber incident ...

user environments. The role You will work closely with security, infrastructure, and architecture teams to design and improve secure technology environments, support incident response, and help drive a security-by-design approach across the wider estate. This role will suit someone with strong experience across Microsoft Sentinel & M365 … user environments Hands-on work with Microsoft Sentinel, M365 Defender , Defender for Cloud, Entra ID, and Conditional Access Supporting the SOC with incident response, vulnerability remediation and escalation Automating repeatable security tasks and improving operational efficiency Supporting compliance requirements, including PCI-DSS Acting as a senior point ...

clear mandate to progressively absorb higher-value operational ownership into Cyber Security. Over time, this role becomes the centre of gravity for detection engineering, incident response, and threat-driven defence.When major incidents occur, you are the technical authority. You make decisions under uncertainty, set priorities, and advise executives … high-severity security incidents* Owning adversary-focused defence, including threat modelling, detection engineering, and threat hunting strategy* Designing and enforcing runbooks, escalation models, and incident response playbooks* Setting security standards and having authority to block or escalate high-risk architectural decisions* Building and scaling Cyber Security capabilities, including ...

lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance … manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response ...

ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … daily operational activities and performance. Define and implement the strategy and operational roadmap for security monitoring, detection, and response. Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts during high-severity security events ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

teams, automate workflows, and integrate with existing security tools to detect, prioritize, and remediate threats faster. It includes multiple modules such as Security Incident Response (SIR), Vulnerability Response (VR), and Threat Intelligence, among others. Security Incident Response (SIR) is a specific module within SecOps focused … While SecOps is the umbrella platform, SIR is one of its core capabilities. Key Differences: * Scope: SecOps: End-to-end security operations platform covering incident response, vulnerability management, threat intelligence, and orchestration. SIR: Specializes in handling security incidents-from detection to resolution. * Primary Use Case: SecOps: Aligns security ...

agreed service catalogue. You will integrate Threat Intelligence into core cyber security functions, including threat management, threat modelling, vulnerability management, and cyber incident response, supporting rapid response to emerging and zero-day threats. The role will also contribute to the ongoing maturation of the Threat Defence … provided. Essential Experience: Proven experience delivering a Threat Intelligence function and working closely with Information Security teams, including SOC, CIRT/CERT/CSIRC, incident response, and cyber defence operations. Demonstrable experience supporting the development and delivery of cyber defence strategies, including threat management, metrics, reporting, and intelligence ...

client relationship teams with security assurance materials and briefings Build and maintain trust with enterprise clients through transparency, responsiveness, and credible security governance Incident Response Own the group's incident response plan and ensure it is tested, maintained, and ready to activate Lead or co‐ordinate … response to security incidents, acting as the central point of communication to leadership and relevant stakeholders Conduct post‐incident reviews and drive learning back into policies and controls Risk & Governance Reporting Report regularly to the board Risk Committee on the current security posture, identified risks, and the programme ...

ensure products are secure by design and resilient in production. PSLs define and implement security policies, manage vulnerability backlogs, and lead threat modelling and incident response efforts. What you'll own Define and implement security policies and tooling across the product life cycle, from design and development … ensure timely remediation. Conduct root cause analysis (RCA) for security incidents and systemic vulnerabilities, using insights to drive developer training and systemic fixes. Drive incident response efforts as Investigation Lead or Incident Commander, including facilitating tabletop exercises to test and improve incident readiness. What you bring ...

with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do Support SOC Manager to deliver the followingSIEM … activities, Technology escalation support, Security Solution assessment, build activities , existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...

such as QRadar, Microsoft Sentinel and LogRhythm, identifying and responding to threats, investigating and triaging incidents, and escalating where appropriate. You'll contribute to incident response activities, trend analysis, reporting, rule tuning and continual service improvement, while working within a structured incident response lifecycle. This … call requirement. What this role is and is not This role is: A hands-on SOC analyst position focused on live monitoring, investigation and response An onsite role within a 24/7 secure operations environment A role suited to individuals who enjoy operational security, teamwork and threat monitoring ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Lead SOC Analyst, the position will act as the escalation point for complex security incidents, driving investigations, guiding junior analysts, and ensuring effective response and remediation across critical systems. Whats on Offer Salary: £55,000 £65,000 25% shift allowance on top of base salary Structured shift pattern … days and nights (3 days on/4 days off rotation) Exposure to highly secure, cutting-edge infrastructure environments Opportunity to work on advanced incident response and threat analysis Career progression within a specialist cyber security function What You Need To be successful in this role, candidates should ...

with hybrid identity, AAD Connect, and secure authentication methods (MFA, SSO). Familiarity with privileged access management (PAM) or PIM solutions. Strong troubleshooting and incident-response skills. Soft Skills Strong communication skills and ability to work with business stakeholders. Strong communication skills with the ability to interact with … PowerShell and Microsoft Identity solutions. Manage service accounts, privileged accounts, and password policies. Work with HR and application teams to streamline identity lifecycle operations. Incident Response & Troubleshooting Investigate authentication failures, account lockouts, replication issues, and access anomalies. Support incident response for identity related threats such ...