1 to 25 of 485 Incident Response Jobs in the UK

Cyber Incident Response Manager - German Speaking

Hiring Organisation
KPMG UK
Location
City of London, London, United Kingdom
Cyber Response & Recovery Manager (109188) - German Speaking Base Location: London/Manchester plus network of 20 offices nationally: www.kpmg88careers.co.uk/experienced-professional/#LeBlender.OfficeLocations The KPMG Advisory function is a cornerstone of our business. Operating from locations across the UK, we do work that matters, serving the country with … applying sector knowledge and technology solutions to deliver the best possible outcomes and get it right first time. Why Join KPMG as a Cyber Response & Recovery Manager? The Cyber Response & Recovery Manager role will be working in the Cyber Response Services (CRS) Team within our Cyber Advisory ...

Security Incident Response Engineer (ServiceNow)

Hiring Organisation
INTEC SELECT LIMITED
Location
Warrington, Cheshire, England, United Kingdom
Employment Type
Contractor
Contract Rate
£100.00 per hour
Security Incident Response Engineer (ServiceNow) Contract: 6 Months (Likely Extension)Location: HybridIR35: Outside/LTD – £700PDSC Cleared/BPSSA highly reputable corporation is hiring an experienced ServiceNow Security Incident Response (SIR) Consultant to support the design, implementation and optimisation of a Security Incident Response capability for a Cyber Security Operations Centre (CSOC).This is an excellent opportunity to play a key role in enhancing cyber incident management processes, automating security workflows and integrating ServiceNow Security Operations with wider security tooling. Key Responsibilities ServiceNow SIR Workflow Design & Development Design and configure ...

Cyber Response & Recovery Manager

Hiring Organisation
KPMG UK
Location
City of London, London, United Kingdom
Cyber Response & Recovery Manager (Remediation focus) Base Location: London/Manchester plus network of 20 offices nationally: www.kpmg88careers.co.uk/experienced-professional/#LeBlender.OfficeLocations Why Join KPMG as a Cyber Response & Recovery Manager? The Cyber Response & Recovery Manager role will sit within the Cyber Response Services team … KPMG’s Cyber Advisory practice, reporting into the cyber response leadership team. Cyber security is one of the areas KPMG has identified for significant investment and growth. Our clients continue to face increasingly destructive cyber threats, particularly ransomware, destructive malware, business email compromise, Active Directory compromise, cloud compromise ...

Head of Threat Defence, Paddington

Hiring Organisation
Morson Edge
Location
London, United Kingdom
Employment Type
Permanent, Work From Home
ownership of a threat defence strategy and service. The role will focus on leading a team responsible for security operations, incident detection and response and threat intelligence which will be delivered through partnership with outsourced providers and IT. We're looking for a motivated and experienced individual … This role will have line management responsibilities for 3 of the team: a Threat Intelligence Lead, a TD Service Operations Lead and a Cyber Incident Response Lead. The role requires DV clearance and a minimum of 2 days per week in the Paddington Office. Occasional travel to other ...

Security Incident Response Engineer

Hiring Organisation
NonStop Consulting
Location
Warrington, Cheshire, United Kingdom
Employment Type
Contract
Contract Rate
£100/hour
Details at a Glance Role: Security Incident Response Engineer Location: Warrington - hybrid, typically 2 days per week on site Contract length: 6 months (with strong potential for extension based on performance and project needs) IR35 status: Out of Scope Rate: 100/hour Clearance: Existing SC preferred … Would Be Doing This role sits at the intersection of cyber operations and ServiceNow engineering. You would be responsible for designing and embedding robust incident response capabilities in the ServiceNow Security Incident Response (SIR) module, closely aligned to NCSC and best-practice frameworks. ServiceNow SIR workflow ...

Cyber Operations Manager

Hiring Organisation
Prime Personnel
Location
South West London, London, United Kingdom
Employment Type
Permanent, Work From Home
lead and line-manage London-based cyber security team (x3/x4), assure the local delivery of globally-prioritised work, and act as Incident Commander and first point of escalation for cyber security in London. The role additionally leads the Endpoint, Platform and Incident Response capability, owning … global prioritisation of that backlog against enterprise cyber risk. Previous Experience Required: Led or coordinated cyber security incident response as an Incident Commander or equivalent, working with MDR providers and cross-functional stakeholders (IT, Legal, Compliance). A strong, hands-on technical background in operational cyber security ...

Cyber Operations Manager

Hiring Organisation
Prime Personnel UK
Location
SW1E, Victoria, Greater London, United Kingdom
Employment Type
Permanent
Salary
£95000 - £110000/annum + Benefits & Bonus
lead and line-manage London-based cyber security team (x3/x4), assure the local delivery of globally-prioritised work, and act as Incident Commander and first point of escalation for cyber security in London. The role additionally leads the Endpoint, Platform and Incident Response capability, owning … global prioritisation of that backlog against enterprise cyber risk. Previous Experience Required: Led or coordinated cyber security incident response as an Incident Commander or equivalent, working with MDR providers and cross-functional stakeholders (IT, Legal, Compliance). A strong, hands-on technical background in operational cyber security ...

Cyber Security Incident Response Analyst

Hiring Organisation
Centrica - CHP
Location
Windsor, Berkshire, South East, United Kingdom
Employment Type
Permanent, Work From Home
opportunity to play your part - Ready to be on the frontline of cyber defence? At Centrica, we're looking for a talented Cyber Security Incident Response Analyst to join our Cyber Security Incident Response Team (CSIRT). In this role, you'll investigate and respond … fast-paced and ever-evolving cyber landscape. Location : UK-based hybrid role, Occasional travel to site. Day to day Lead and support cyber security incident investigations across Centrica, analysing and responding to threats ranging from phishing and credential compromise to ransomware, data loss and complex security events. Manage incidents ...

Cyber Security Analyst

Hiring Organisation
Leonardo
Location
Yeovil, United Kingdom
develop and grow, so why not join us.\ NSo let's get down to what you will do!\ N - Provide monitoring,alerting and incident handling services within the SOC in line with SLAs.\ N - Act as the initial analytical reference point for identifying and then quantifying the nature … extent of security incident and offer initial professional advice relating to possible business impact in order to reduce both the Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)\ N - Advise on incident containment measures through recommended initial actions to customers in collaboration with the Incident ...

Cyber Security Analyst (Yeovil)

Hiring Organisation
Leonardo
Location
Yeovil, Somerset, UK
Employment Type
Part-time
develop and grow, so why not join us. \n So let's get down to what you will do! \n • Provide monitoring, alerting and incident handling services within the SOC in line with SLAs. \n • Act as the initial analytical reference point for identifying and then quantifying the nature … extent of security incident and offer initial professional advice relating to possible business impact in order to reduce both the Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) \n • Advise on incident containment measures through recommended initial actions to customers in collaboration with the Incident ...

Graduate SOC Analyst

Hiring Organisation
CyPro
Location
London Area, United Kingdom
pigeonholed into one narrow specialism. At CyPro, you’ll have the opportunity to get involved in a wide range of areas including monitoring, incident response, threat intelligence, detection engineering, automation and internal security operations. You’ll play a key role in our Security Operations Centre, delivering … monitoring, detection and response to our growing customer base. You’ll contribute to building out our capabilities, improving tooling and processes, and shaping how we operate as the function matures. As the team grows further, you’ll have the flexibility to focus more deeply on the areas that interest ...

Senior Cyber Security Analyst

Hiring Organisation
Hays Technology
Location
Bolton, Greater Manchester, United Kingdom
Employment Type
Permanent
Salary
£45000 - £55000/annum plus bonus and benefits
Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have … experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Cyber to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead ...

Network Security Manager

Hiring Organisation
Pearson Whiffin IT & Digital
Location
Dartford, Kent, South East, United Kingdom
Employment Type
Permanent
Salary
£95,000
Cyber & Network Security Manager We are seeking an experienced Cyber & Network Security Manager to lead the delivery of all security operations, drive cyber incident response, and provide enterprise-wide oversight of network security. This is an operational leadership role at the centre of the cyber defence function. … Security Operations Centre (SOC) services. Act as the senior operational escalation point for cyber security incidents and major security events. Own and coordinate cyber incident response activities, ensuring effective containment, eradication, recovery, and lessons learned. Develop, maintain, and test cyber incident response plans, procedures, and playbooks. ...

Head of Security Operations

Hiring Organisation
Jobleads-UK
Location
Wolverhampton, England, United Kingdom
will be accountable for the effective operation, continuous improvement and resilience of the Bank's security operations capability, covering Security Operations Centre monitoring and response, Identity and Access Management services, security analysis, operational security controls and supplier-delivered security services. The Head of Security Operations is a senior leadership … India offices, supported where appropriate by third-party managed security service providers. The team provides 24x7 or extended-hours security monitoring and response, identity and access management operations, vulnerability and threat analysis, security tooling administration, control assurance support, reporting, and operational support. Your responsibilities will include... Security Operations Leadership ...

Cyber Security Specialist

Hiring Organisation
LHH
Location
Wokingham, England, United Kingdom
energy operations within a Critical National Infrastructure (CNI) environment. This role is responsible for real-time security monitoring, alert triage, investigation, and early-stage incident response. You will work with industry-standard security monitoring and incident/event management platforms to identify suspicious activity, validate alerts, and escalate … helping tune detections, and strengthening operational procedures and documentation. Key Responsibilities Monitoring and Triage Monitor security events and alerts using industry-standard SIEM and incident/event management platforms (e.g., Elastic, Microsoft Sentinel, Splunk). Perform rapid triage to determine alert validity, severity, scope, and potential business or operational ...

Security Operations Technical Lead

Hiring Organisation
AJ BELL BUSINESS SOLUTIONS LIMITED
Location
Salford, Greater Manchester, North West, United Kingdom
Employment Type
Permanent
that security operations activities are executed efficiently, consistently and in line with defined SLAs and operational standards, through hands-on technical leadership across SOC, Incident Response, Threat Intelligence, Insider Risk and Vulnerability Management. This role acts as a senior technical escalation point, supporting complex investigations and driving improvements … detection, response, automation and operational processes. The role holder is expected to lead through expertise, supporting analysts and ensuring Security Operations operates with discipline, quality and continuous improvement. The key responsibilities of the role are: Act as the primary technical escalation point for security events and incidents identified ...

Security Operations Technical Lead (Manchester)

Hiring Organisation
AJ Bell
Location
Manchester, UK
Employment Type
Part-time
that security operations activities are executed efficiently, consistently and in line with defined SLAs and operational standards, through hands-on technical leadership across SOC, Incident Response, Threat Intelligence, Insider Risk and Vulnerability Management. \n This role acts as a senior technical escalation point, supporting complex investigations and driving … improvements in detection, response, automation and operational processes. The role holder is expected to lead through expertise, supporting analysts and ensuring Security Operations operates with discipline, quality and continuous improvement. \n The key responsibilities of the role are: \n \n Act as the primary technical escalation point for security ...

Security Operations Technical Lead

Hiring Organisation
AJ Bell
Location
Manchester, United Kingdom
that security operations activities are executed efficiently, consistently and in line with defined SLAs and operational standards, through hands-on technical leadership across SOC, Incident Response, Threat Intelligence, Insider Risk and Vulnerability Management.\ NThis role acts as a senior technical escalation point, supporting complex investigations and driving improvements … detection, response, automation and operational processes. The role holder is expected to lead through expertise, supporting analysts and ensuring Security Operations operates with discipline, quality and continuous improvement.\ NThe key responsibilities of the role are:\ N\nAct as the primary technical escalation point for security events and incidents identified ...

Cyber Incident Response Consultant - Multiple Levels

Hiring Organisation
IBEX RECRUITMENT LTD
Location
United Kingdom
Employment Type
Permanent, Work From Home
tier global consulting firm with one of the UK's largest and most respected cyber practices, housing over 200 specialists. Their Cyber Incident Response team is on the front line, helping organisations prepare for, respond to, and recover from the threats that keep boards awake at night. They … roles require at least eligibility for UK Security Check (SC) clearance. Existing clearance is highly advantageous. What You'll Do Lead and execute live incident response investigations, from forensic acquisition and root cause analysis to threat containment and eviction. Perform host-based and network forensics across Windows, Linux ...

Solicitor

Hiring Organisation
CyberClan
Location
United Kingdom
carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology … business operations. Role Overview: This role supports the CERT/Sales team with reviewing insurance policies, assisting with claims assessments, and contributing to breach response efforts. Ideal for someone with early in house or private practice experience who’s ready to grow into a broader commercial legal role. This ...

Senior Security Engineer

Hiring Organisation
Intec Select Ltd
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
GBP 700 Daily
must have active SC clearance. You will play a key role in implementing, configuring, and managing Palo Alto Networks XSIAM to improve threat detection, incident response, security monitoring, and operational resilience. This is an excellent opportunity for a senior security professional to support a major cyber security initiative … Cyber Security Standard. Key Responsibilities: Implement and manage Palo Alto Networks XSIAM security platform Configure security policies, rules, and monitoring capabilities Improve threat detection, response, and security automation Investigate security alerts and support incident response activities Integrate security tools and enhance operational workflows Provide technical guidance ...

Senior Security Engineer

Hiring Organisation
Intec Select Ltd
Location
London, Canary Wharf, United Kingdom
Employment Type
Contract
Contract Rate
£700/day
must have active SC clearance. You will play a key role in implementing, configuring, and managing Palo Alto Networks XSIAM to improve threat detection, incident response, security monitoring, and operational resilience. This is an excellent opportunity for a senior security professional to support a major cyber security initiative … Cyber Security Standard. Key Responsibilities: Implement and manage Palo Alto Networks XSIAM security platform Configure security policies, rules, and monitoring capabilities Improve threat detection, response, and security automation Investigate security alerts and support incident response activities Integrate security tools and enhance operational workflows Provide technical guidance ...

Sr. Backend Engineer, Cloud - Threat Detection / Incident Response (Hybrid, London)

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
join a mission that matters? The future of cybersecurity starts with you.About the Role:Does building systems that help security analysts close a critical incident before it becomes a breach excite you? Does correlating and analyzing data at trillions-of-events-per-day scale sound like the kind … defend themselves from sophisticated cyberattacks? We'd love to meet you.We are seeking a Senior Software Engineer, Cloud to join our Threat Detection and Incident Response (TDIR) team, helping revolutionize security management with our AI-native Falcon Next-Gen SIEM platform – enabling customers to detect, investigate, and hunt ...

Senior Cyber Security Engineer

Hiring Organisation
NTT Global Data Centers EMEA UK ltd
Location
City of London, London, United Kingdom
Employment Type
Permanent
tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

Senior Security Platform Engineer

Hiring Organisation
NTT Global Data Centers
Location
EC4N, Cordwainer, Greater London, United Kingdom
Employment Type
Permanent
tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: • Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. • Directs complex security incident response efforts across multiple vectors—endpoint protection, EDR, malware analysis, network and computer forensics—ensuring rapid containment and root cause analysis. • Designs and executes ...