1 to 25 of 345 Incident Response Jobs in the UK

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible … collaborating with organisation stakeholders in developing, updating, and enhancing a comprehensive set of tactical and operational cyber incident response documents, including the Incident Response Plan, Communication Plan, Incident Response Playbooks, and Containment & Eradication procedures. This engagement is focused on delivering high-quality, actionable documentation ...

Incident Response Analyst – London (Hybrid) – Excellent Permanent Package – Financial Services We are looking for a skilled Incident Response Analyst to join our Security Operations team. This role focuses on responding to cyber security incidents while supporting proactive threat intelligence efforts. You will play a key part … posture through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools ...

Senior Security Engineer (Incident Response SIEM SOAR AWS) Remote UK to £115k Are you a tech savvy Senior Security Engineer with strong Incident Response experience? You could be progressing your career in a senior, hands-on Senior Security Engineer role as part of a friendly … strengthening EDR/XDR and DLP configurations, defining new automatic detections of security events in the SIEM, improving automatic security alerts triage and Incident Response playbooks, defining the runbooks to be used during Incident Response and leading the execution of Table Top Exercises (TTX) with different ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

Title: Cyber Investigation and Forensic Response Manager/Senior Manager Location: UK Level: Manager & Senior Manager Salary: Competitive Salary & Package (Dependent on Experience) Travel: Expected travel across UK and EMEA Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years … fastest growing areas of the business with significant growth plans through additional recruitment and acquisitions. Our global Cyber Investigation and Forensic Response (CIFR) practice is rapidly expanding in order to uniquely deliver around the clock incident response services to our expanding portfolio of enterprise customers. The sheer ...

interface between customer stakeholders and a global Security Operations Centre, ensuring the smooth delivery of 24/7 security monitoring and incident response services. This is a senior leadership role responsible for overseeing SOC operations, coordinating offshore analysts, improving detection and response capabilities, and ensuring strong governance … daily SOC operations supporting a global 24×7 security monitoring capability Guide SOC analysts (L1–L3) and threat hunters to ensure efficient investigation and response Monitor operational performance and ensure adherence to SLAs and response timelines Drive continuous improvement across SOC processes, procedures, and workflows Incident Response ...

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point … working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines ...

modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into the Head … SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation - and will play ...

Remote - £70,000 - £95,000 + Bonus Opus is partnered with a major UK enterprise undergoing significant investment in its cyber defence and incident response capability. They are looking for highly experienced DFIR Specialists to join their growing security function. This role is fully remote within … suited to professionals who thrive in complex, large‐scale environments where digital forensics and incident response are critical to business resilience. Key Responsibilities Lead and support end‐to‐end incident response, from initial triage through containment, eradication, and recovery. Conduct digital forensic investigations across endpoints, servers ...

CYBER SECURITY OPERATIONS MANAGER - CHESTER (HYBRID) KEY POINTS Senior operational security leadership role Lead Security Operations, Incident Response & Vulnerability Management Hybrid working - minimum 2 days per week onsite in the Chester Area Competitive salary ABOUT THE CLIENT We're working with a well-established UK organisation recognised … responsible for leading the day-to-day operational security activities that protect the organisation's systems and data. You'll manage security monitoring, incident response, and vulnerability management processes, ensuring they remain effective, efficient, and aligned with industry best practice. A key part of the role will ...

ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … internal Security Operations team, overseeing daily operational activities and performance Define and implement the strategy and operational roadmap for security monitoring, detection, and response Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts ...

Incident and Vulnerability Manager This role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part of a wider … intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities. Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPOs protection, detection, and response capabilities. if you have strong relevant expertise ...

build integrated, automated security workflows that support modern security operations. Key Responsibilities Define and own the ServiceNow SecOps architecture across modules including Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, and Configuration Compliance . Design and deliver integrations between ServiceNow and cybersecurity tools such as SIEM … SOAR, EDR platforms, threat intelligence feeds, and CMDB. Collaborate with cybersecurity, IT operations, and engineering teams to design secure workflows for incident response, vulnerability management, and risk mitigation . Lead platform strategy and define the roadmap for ServiceNow SecOps capabilities across the organisation. Ensure solutions are scalable, secure ...

mature, multi-client SOC Drive real improvements to tooling, playbooks, and threat detection capability Mentor and develop a team of skilled Analysts and Incident Responders Engage directly with senior stakeholders and shape security strategy Work within a collaborative leadership team that values your expertise WHAT … carry full operational responsibility for service delivery, performance, and continuous improvement. Leadership & Team Development Lead, mentor, and develop a team of SOC Analysts and Incident Responders Conduct regular performance reviews and create structured development plans Foster a culture of continuous improvement and operational excellence Incident Management Oversee ...

Remote | Contract (Inside IR35) | 6+ Months | Rate (TBC) We are seeking a Network Security SMEto support our client in strengthening their contain-to-eradicate incident response capability. This role is focused on enabling rapid, controlled network isolation and eradication during high-impact security and operational incidents … regulated environment. This is a hands-on senior role requiring proven experience in enterprise-scale containment and incident response within security-critical environments. It is a contract position (Inside IR35) which is intially 6 months but likely to extend. The rate ...

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice click apply for full job details ...

Senior Security Engineer (Incident Response SIEM SOAR AWS) Remote UK to £115k Are you a tech savvy Senior Security Engineer with strong Incident Response experience? You could be progressing your career in a senior, hands-on Senior Security Engineer role as part of a friendly ...

security environment. The successful consultant will play a key role in strengthening the organisation’s security operations capability, helping to modernise threat detection, automate response workflows, and improve visibility across the security ecosystem. Key Responsibilities Lead the implementation and configuration of Palo Alto XSIAM within an enterprise SOC environment … Design and optimise full-spectrum XDR capabilities, improving detection and response across endpoints, networks, and cloud workloads Integrate SIEM and security telemetry sources into XSIAM to create a unified security operations platform Develop and maintain automation workflows and playbooks to streamline incident response and reduce manual ...

getting organised ahead of their anticipated growth plans! We’re focused on finding them a Security Operations Analyst to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes the opportunity to develop in to line management and beyond … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct ...

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...