Incident Response Jobs in the UK

1 to 25 of 386 Incident Response Jobs in the UK

Cyber Defence Analyst

Nottingham, Nottinghamshire, East Midlands, United Kingdom
Hybrid/Remote Options
Experian Ltd
Dublin, Ireland. Learn more at experianplc.com. Internal Grade E Job Description As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events affecting Experian. You will be … a part of the first line of defence in Experian's broader incident response and incident management departments, responsible for receiving and prioritizing cybersecurity alerts, including being the dedicated contact for potential security incidents reported by users (e.g., Experian employees). Depending on the results of assessment, this team is then responsible for investigating, containing, eradicating, and … recovering from events falling in its scope or escalating higher-risk events to dedicated incident response and management teams in the CFC. This role is critical in ensuring the handling of potential threats and plays a part in improving security operations. This is a home based role reporting to the Director of Security Operations for SecOps & Threat Detection.
Employment Type: Permanent, Work From Home

Security Engineer

London, England, United Kingdom
Amazon Web Services (AWS)
Description Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them … capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help … mission-critical applications on top of AWS services. Eligibility Requirements Successful applicants must have the legal right to work in the UK Key job responsibilities Perform and oversee security incident response operations Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event. Independently contribute to teams that include Amazonians

Junior Incident Response Specialist

Frimley, England, United Kingdom
Hybrid/Remote Options
BAE Systems Digital Intelligence
to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Job Title: Junior Incident Response Specialist Requisition ID: 122450 Location: Mainly home based with International travel, approximately 1 week every 2 months and occasional travel to the office - Frimley, Guildford, Manchester, Gloucester … London Grade: GG08 Referral Bonus: £5,000 Incident Response Specialist BAE Systems Digital Intelligence offers world class Incident Response services to customers across the globe. Our team investigates some of the most complex nation state threat actors and intrusions on a daily basis. We have a vacancy for a Digital Forensics & Incident Response Specialist. … The successful candidate would be expected to conduct forensic analysis of Windows, Linux and macOS systems, analyse log files such as firewall, proxy and DNS logs, lead incident response investigations, threat research and malware-based investigations. Members of the Incident Response team are encouraged to learn about other areas of the wider business (such as Threat

Director, Cyber Security & Data Privacy practice (Incident Response)

London, England, United Kingdom
Ankura
Big 4 consultants, federal regulators, threat intel and dark web experts, etc. We have helped clients and partners for 10+ years across industries and geographies with the following services: Incident Response, Intelligence, and Investigations. End Point & Managed Detection & Response. Technology, Privacy, and Cyber Risk Advisory. The EMEA Cyber Security & Privacy practice is growing and has ambitions to expand … its capabilities from a strong base in incident response, intelligence and investigations into additional proactive security, AI security and managed detection & response services. Why Join Ankura Have the opportunity to get involved in challenging client projects with both Proactive and Reactive work. We can support and develop individuals who aspire to be an expert. Vast opportunities for … Academy. Work with a collaborative environment, whereby our professionals have the freedom to innovate which promotes curiosity, learning and communication. Role We are seeking a Manager level candidate with Incident Response and project management experience gained in professional services. Responsibilities Respond to cyber incidents reported by clients Manage cyber incident responses and incident response teams

Group Deputy CISO - Operations

Chertsey, England, United Kingdom
Compass Group UK & Ireland
to protect IT infrastructure, cloud environments, and data assets across the enterprise. This position provides strategic oversight of the Security Operations Centre (SOC) and threat detection capabilities, leads the incident response and vulnerability management programmes, and drives the optimisation of security technologies and automation. This position also plays a key role in shaping internal security policies, standards and … effectively with senior stakeholders, technology teams, and external partners. Key Accountabilities Security Operations: Provide leadership for security operations, ensuring effective management of Security Operations Centre (SOC) and Managed Detection & Response (MDR) services. Oversee threat detection, monitoring, and incident response capabilities, ensuring operational excellence and continuous improvement. Incident Response: Develop the incident response strategy … ensuring robust processes for timely detection, triage, containment, and recovery from security incidents. Oversee collaboration with internal teams and external partners, and provide executive-level visibility on incident impact and response effectiveness. Exposure Management: Lead the enterprise vulnerability management and threat exposure programme, ensuring proactive identification, assessment, and remediation of risks through vulnerability scanning, patch management, penetration testing

Associate Director, Digital Forensics and Incident Response

London, England, United Kingdom
Hybrid/Remote Options
Control Risks
We now have an exciting opportunity for an Associate Director to join our Digital Forensics and Incident Response (DFIR) team in London. As the senior member of the EMEA DFIR team with deep digital forensic experience, you will be integral to the wider EMEA practice, and in turn part of a global practice offering and influencing the direction … of our forensic technology and digital forensics incident response capability. The Discovery and Data Insights department is the hub of all technical consulting and you will provide digital forensics and incident response solutions for matters which involve cyber response investigations, digital forensic investigations, eDiscovery and data analytics. Our clients include law firms and Fortune … need to deploy the team and support crises. As the technical lead for engagements, you will provide direction to empower the team and provide quality assured, highly responsive forensic incident management. A significant portion of the role will require you to engage across the business to leverage technology consulting into all business development and go-to-market strategy. You

SOC/CSIRT Level 3 Analysts

United Kingdom
Morson Edge
Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst 2-3 Days onsite - Crawley 6-9 Month duration Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office. Job purpose: The role of an Incident Response (CSIRT)/SOC … owners to ensure log sources are onboarded into the SIEM solution. Create use cases to correlate suspicious activities across endpoints, networks, applications, and both on-premises and cloud environments. Incident Response: Improve playbooks and processes, lead escalated security incidents, oversee remediation and recovery actions, track incidents, liaise with partners, report findings, and apply root cause analysis with lessons … types and enhance operational playbooks. Digital Forensics: Use forensic tools and techniques to analyse data sources such as logs, SIEM data, applications, and network traffic patterns, and recommend appropriate response actions to ensure threats are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to test resilience and improve preparedness. Reporting: Develop and improve
Employment Type: Contract
Rate: £600 - 800 per day

CERT Incident Responder

Stevenage, Hertfordshire, England, United Kingdom
Hybrid/Remote Options
MBDA
Stevenage The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)— including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary … The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)— including Red and Purple Team … activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery
Employment Type: Full-Time
Salary: £50,000 - £60,000 per annum

CERT Incident Responder

United Kingdom
Hybrid/Remote Options
MBDA
Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary … Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team … activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery
Employment Type: Permanent
Salary: GBP Annual

CERT Incident Responder

Stevenage, Hertfordshire, South East, United Kingdom
Hybrid/Remote Options
MBDA
Stevenage The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary … Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team … activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery
Employment Type: Permanent, Work From Home
Salary: £60,000

CERT Incident Responder

Bolton, Greater Manchester, North West, United Kingdom
Hybrid/Remote Options
MBDA
Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary … Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team … activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery
Employment Type: Permanent, Work From Home
Salary: £60,000

CERT Incident Responder

Manchester, North West England, United Kingdom
Hybrid/Remote Options
MBDA
Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary … Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team … activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery

Incident Response - Recovery Specialist - Manchester

Manchester, North West, United Kingdom
IO Associates
Incident Response - Recovery Specialist Salary: Up to £60,000 DOE Location: Manchester (with travel at short notice) Step into a role where your expertise makes an immediate and measurable impact. We're recruiting on behalf of a fast-growing cyber security organisation that specialises in incident response, recovery and digital forensics. This is a unique opportunity … technologies and industries You'll join a company that invests heavily in training, development and career progression This is not routine support work. This is hands-on, technically rich incident recovery where your skills directly shape the outcome. What You'll Be Doing Restoring and rebuilding client infrastructures after cyber attacks Remediating compromised environments and enabling business operations to … resume Working closely with incident response investigators to help prevent future breaches Segmenting networks and containing threats during live incidents Collecting firewall and authentication logs for forensic analysis Migrating on-prem systems to secure cloud alternatives Automating recovery processes using PowerShell or similar tooling Communicating confidently, calmly and clearly with clients during high-pressure situations What You'll
Employment Type: Permanent
Salary: £60,000

ICS OT Cyber Security Consultant

Staffordshire, West Midlands, United Kingdom
Hybrid/Remote Options
Russell Taylor Group Ltd
getting hands-on with red team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What's in it for you Fantastic basic salary … e.g. IET, BCS, CIISEC) with professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios and detection use cases using … and compliance against standards such as IEC 62443, NIST SP800-82 and NIS-R Helping deploy, configure and maintain OT cybersecurity and security monitoring solutions Contributing to crisis simulations, incident response plans and cybersecurity awareness training Preparing reports, documenting findings and recommending improvements to strengthen cyber resilience Supporting proposal development and wider service delivery documentation Where you'll
Employment Type: Permanent, Work From Home
Salary: £60,000

Level 2 SOC Analyst

London, United Kingdom
Oscar Associates Ltd
and are looking for a proactive and skilled Level 2 SOC Analyst to support their growing client base. This role is ideal for someone with hands-on SOC or incident response experience who enjoys analysing complex security events and helping strengthen defensive operations. As a Level 2 SOC Analyst, you will act as a key escalation point for … Junior Analysts, taking ownership of advanced investigations and contributing to continuous improvement of our security monitoring services. You'll work across a variety of customer environments, supporting incident response, enhancing detection logic, and ensuring threats are identified and contained quickly. This position includes participation in an on-call rotation for high-priority incidents, with additional compensation provided for … in-depth analysis using SIEM, EDR, XDR and threat intelligence sources to establish root cause, scope and impact. Lead containment and remediation actions in coordination with senior engineers and incident response leads. Develop and refine detection content, queries and automated workflows within SIEM/SOAR tooling. Provide customers with clear incident summaries, technical explanations and remediation guidance.
Employment Type: Permanent
Salary: GBP 33,000 - 40,000 Annual

Level 2 SOC Analyst

London, South East, England, United Kingdom
Oscar Technology
and are looking for a proactive and skilled Level 2 SOC Analyst to support their growing client base. This role is ideal for someone with hands-on SOC or incident response experience who enjoys analysing complex security events and helping strengthen defensive operations. As a Level 2 SOC Analyst, you will act as a key escalation point for … junior analysts, taking ownership of advanced investigations and contributing to continuous improvement of our security monitoring services. You'll work across a variety of customer environments, supporting incident response, enhancing detection logic, and ensuring threats are identified and contained quickly. This position includes participation in an on-call rotation for high-priority incidents, with additional compensation provided for … in-depth analysis using SIEM, EDR, XDR and threat intelligence sources to establish root cause, scope and impact. Lead containment and remediation actions in coordination with senior engineers and incident response leads. Develop and refine detection content, queries and automated workflows within SIEM/SOAR tooling. Provide customers with clear incident summaries, technical explanations and remediation guidance.
Employment Type: Full-Time
Salary: £33,000 - £40,000 per annum

Senior Product Manager – Managed Detection and Incident Response (f/m/x)

United Kingdom
Hybrid/Remote Options
Eye Security
solving real-world challenges and helping to build a safer digital future for our clients. About This Role We’re looking for a Senior Product Manager – Managed Detection and Incident Response (m/f/x) to join our Product team. As our client base continues to grow rapidly across Europe, this role will play a key part … in scaling our Managed Detection and Response (MDR) and Incident Response (IR) capabilities — Eye Security’s most strategic product area. You’ll take full ownership of the product strategy and roadmap for this space. Collaborating with our engineers, product designers, security operations, and product marketing, you will ensure that our platform evolves with our customers’ needs and … This is a remote role in the United Kingdom. What You Will Do Product Strategy & Roadmap: Define and own the product strategy and roadmap for MDR, Endpoint Detection & Response (EDR), and IR, ensuring alignment with our overall product vision and company OKRs. Product Discovery: Drive discovery practices to deeply understand customer needs, problems, and pain points, translating them

Investigator - Cyber Incident Response

London, South East, England, United Kingdom
Accenture
Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application. Accenture is a leading global professional services company … of our global team, you'll be working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines, when espionage or … problems under pressure, thrive on collaboration, and want to work with the best in the industry. Who We Are We’re a globally distributed team of nearly 200 dedicated incident responders, forensics specialists, and crisis managers spread across more than 25 countries. Every day, we work across time zones, cultures, and languages to protect clients that range from household
Employment Type: Full-Time
Salary: Competitive salary

Cyber Security & Centralised Services Manager

London Area, United Kingdom
Hybrid/Remote Options
MFK Recruitment
role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior … and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments … upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and

Deputy Chief Privacy Officer

East London, London, United Kingdom
Hybrid/Remote Options
A&O Shearman
30+ countries), ensuring alignment to the firm's risk appetite, client expectations and legal and regulatory changes and attitudes Manage and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal and regulatory reporting, client … and individual notifications and reputation management. Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide To support the CPO and CISO in the formulation and delivery of the firm's cyber and incident response strategy and response framework Ensure data security risks are appropriately identified, mitigated … meets its legal obligations and to inform decision-making and strategy development in the firm Provide expert advice to Client Audit and Engagement Terms teams in connection with data incident response and reporting Lead thorough and independent investigations into data privacy and security issues, including in response to compliance breaches and complaints, ensuring the highest levels of
Employment Type: Permanent, Work From Home

Operational security management specialist

Sunbury-On-Thames, London, United Kingdom
Hybrid/Remote Options
BP Energy
As an Operational IS Specialist, you will support information security and risk activities within Operational Security Management. Our Security Operations Center (SOC) is the frontline of defense, responsible for incident response, initial triage, and proactive threat hunting. You will work closely with the Cyber Security Incident Response Team (CSIRT) and business units across bp. As the … Friday 7 - 4 with weekend work as part of a rotation. Where weekend work is done days off during the week will be provided. What you will deliver: Perform incident detection and response within the SOC, including analysis and escalation of security alerts. Investigate security incidents and ensure accurate documentation in SIEM and case management systems. Develop and … procedures, ensuring compliance with standards. Collaborate with internal teams, senior partners, and third-party providers to address security and risk issues. Find opportunities for process improvement and automation in response to evolving threats. Conduct proactive threat hunting and work with the cyber intelligence team to implement risk mitigation measures. Uphold bp's Code of Conduct and model bp's values and
Employment Type: Work From Home

Operational security management specialist

Guildford, South East England, United Kingdom
Hybrid/Remote Options
BP Energy
As an Operational IS Specialist, you will support information security and risk activities within Operational Security Management. Our Security Operations Center (SOC) is the frontline of defense, responsible for incident response, initial triage, and proactive threat hunting. You will work closely with the Cyber Security Incident Response Team (CSIRT) and business units across bp. As the … Friday 7 - 4 with weekend work as part of a rotation. Where weekend work is done days off during the week will be provided. What you will deliver: Perform incident detection and response within the SOC, including analysis and escalation of security alerts. Investigate security incidents and ensure accurate documentation in SIEM and case management systems. Develop and … procedures, ensuring compliance with standards. Collaborate with internal teams, senior partners, and third-party providers to address security and risk issues. Find opportunities for process improvement and automation in response to evolving threats. Conduct proactive threat hunting and work with the cyber intelligence team to implement risk mitigation measures. Uphold bp's Code of Conduct and model bp's values and

Cyber Insurance Incident Leader - FINEX

London, England, United Kingdom
Hybrid/Remote Options
WTW
Description The Role As a Cyber Insurance Incident Manager at Willis, you will serve as an advisor and support lead for internal colleagues and clients facing cyber incidents. This role requires strong coordination and communication skills to support clients through high-stress events such as ransomware attacks, data breaches, and business email compromises. You will help ensure rapid response, align incident actions with insurance policy terms, and manage relationships with insurers, legal counsel, and technical vendors to protect client interests and minimize disruption. You will also support the coordination of incident support capabilities; including pre-, during and post- incident services. Key Responsibilities Client Advocacy: Working alongside our cyber broking team to function as the incident … a cyber event—providing strategic guidance, triaging issues and supporting communication across stakeholders. Policy Interpretation: Help clients understand how their cyber insurance coverage applies in real time during an incident, identifying covered and uncovered elements and setting expectations accordingly. Vendor Coordination: Facilitate introductions to approved breach response vendors (forensics firms, privacy counsel, crisis communications, etc.) and ensure prompt

Cyber Insurance Incident Leader - FINEX

London, South East, England, United Kingdom
WTW
giving you peace of mind. Secure your future with our defined contribution pension scheme, featuring matched contributions up to 10% from the company. The Role As a Cyber Insurance Incident Manager at Willis, you will serve as an advisor and support lead for internal colleagues and clients facing cyber incidents. This role requires strong coordination and communication skills to … support clients through high-stress events such as ransomware attacks, data breaches, and business email compromises. You will help ensure rapid response, align incident actions with insurance policy terms, and manage relationships with insurers, legal counsel, and technical vendors to protect client interests and minimize disruption. You will also support the coordination of incident support capabilities; including … pre-, during and post- incident services. Key Responsibilities: Client Advocacy: Working alongside our cyber broking team to function as the incident manager for clients experiencing a cyber event—providing strategic guidance, triaging issues and supporting communication across stakeholders. Policy Interpretation: Help clients understand how their cyber insurance coverage applies in real time during an incident, identifying covered
Employment Type: Full-Time
Salary: Competitive salary

Threat Intelligence Lead

Paddington, Warrington, United Kingdom
Hybrid/Remote Options
Morson Edge
positive working relationships with them. Including: Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring with the wider CISO team Support Cyber Security incident response process Support Vulnerability Management Process Support RFI for wider stakeholders What do you need to thrive in this role? Knowledge of security concepts such as cyber-attacks … and techniques, threat vectors, risk management, incident management etc Experience in threat management Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix Knowledge of applications, databases, middleware to address security threats against the same Experience in delivering a threat intelligence function and working with information security, especially Computer Incident Response Team (CIRT … Computer Emergency Response Team (CERT), Computer Security Incident Response Centre (CSIRC) or a Security Operations Centre (SOC) Demonstrable experience of supporting the development and delivering of a cyber defence strategy Demonstrable experience of building deliverables, reporting and metrics around Threat Intelligence functions Knowledge of cloud security concepts and tools assessing cloud-based vulnerabilities Proficient in preparation of
Employment Type: Permanent
Salary: GBP 73,866 - 86,901 Annual

Incident Response
10th Percentile: £43,000
25th Percentile: £52,000
Median: £67,500
75th Percentile: £83,750
90th Percentile: £97,500