1 to 25 of 257 Incident Response Jobs in the UK excluding London

Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

Cyber Incident Response Lead – Defence – SC Cleared We’re supporting the delivery of a nationally significant defence programme that’s shaping the UK’s future capabilities in secure systems and platforms.As a Cyber Incident Response Lead Specialist, you will take the helm in managing and evolving … cutting-edge cyber response function, including the oversight of a WARP (Warning, Advice and Reporting Point) service to enhance threat visibility and collaboration across stakeholders and delivery partners.Key Responsibilities Lead and coordinate response to cyber security incidents across a complex and sensitive defence environment Manage and continually evolve ...

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point … working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

enterprise clients.* Full-time, permanent role focused on securing client infrastructures across network, cloud, and endpoint environments.* Hands-on position covering security design, incident response, vulnerability management, and client consultancy.* Hybrid working model with strong benefits, development pathways, and exposure to complex, real-world security challenges.* To apply … Security Engineer, you'll play a key role in securing client IT environments by designing, implementing, and managing robust security solutions. You'll lead incident response activities, conduct vulnerability assessments, and proactively identify risks across network, cloud, and endpoint systems. You'll work directly with clients to understand ...

Information Security Operations Manager to lead and mature a Security Operations (SOC) function. This is a hands-on, operational role focused on improving detection, response, and incident readiness - not a compliance or GRC-led position. You'll manage a small SOC team, own the relationship with a Managed … Detection & Response (MDR) provider, and drive continuous improvement across security operations, tooling, and processes. Key Responsibilities Lead and develop a small SOC team (2 SOC Analysts and an interim resource) Own and optimise the clear day-to-day relationship with an MDR provider Improve SOC maturity, playbooks, and incident ...

looking for a SOC Analyst to join an established Security Operations Centre team. This role focuses on incident investigation, triage, and response , along with client engagement and proactive security activities. What You'll Do Investigate and respond to security incidents Perform triage and remediation across client environments Engage … with clients during incident response activities Support proactive security and continuous improvement initiatives Mentor junior team members where appropriate What We're Looking For 2+ years' experience in cyber security, ideally incident response Strong communication skills Experience across Windows, Linux/Unix, and macOS Knowledge ...

looking for a hands-on Cyber Security professional to help strengthen and evolve its security capability. This role blends security engineering, tooling, governance, and incident response in a modern cloud-focused environment. You’ll translate security requirements into practical technical controls, support secure project delivery, and continuously improve … dashboards, and reporting Lead security initiatives and produce technical documentation and evidence packs Support deployment of new security controls alongside the Security Architect Lead incident response, including escalations, coordination, and post-incident reviews Work closely with IT and Digital teams to provide practical security guidance What ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

authority, you will shape long-term security strategy, set standards, and act as the first line of defence against cyber threats. You will lead incident response, maintain and improve cyber resilience, and provide expert advice to senior leaders on risk, governance, and investment priorities. This role is highly … implementing controls, responding to incidents, and driving continual security improvements. Key Responsibilities Lead organisational cyber security activities and strategy. Oversee monitoring, threat detection, and incident response with internal teams and a third-party SOC. Act as Incident Commander during major cyber events and maintain the cyber risk ...

ANALYST ROLE: As a Cyber Resilience Analyst, you'll be responsible for defining, maintaining, and testing the organisation's resilience plans, covering Business Continuity, Incident Response, and Disaster Recovery. You'll work closely with IT teams and stakeholders across the wider business to ensure resilience strategies are practical … robust, and effective. The role plays a key part in analysing the impact of cyber incidents on business systems, supporting incident reviews, and ensuring lessons learned are fed back into improved resilience planning. You'll also work alongside project and change teams to ensure new systems and developments ...

months). In full: Job Purpose The UK CSIRT Tier1 Analyst will deliver the actions and activities as required and detailed in Cyber Incident Response plans. Using technical expertise and co-ordination capabilities, they will work within a team and individually, to respond to incidents and security events. … role requires the individual to have a high level of performance and individual ability. About the Role As part of the Cyber Security Incident Response Team (CSIRT), you will be employed within a global team as a Tier 1 CISRT analyst within its Cyber Security Operations Centre (CSOC ...

Head of IT Security to build and lead a multi-disciplinary security function that protects the entire organisation. From setting strategy to refining incident response, your impact will be felt across the business. The RoleAs the Head of IT you will build and lead a multi-disciplinary security … function that protects the entire organisation. From setting strategy to refining incident response, you will strengthen how to defend, detect, and respond, and be a leader who's ready to take the security function to the next level.This is a role for a visionary, a builder, a mentor ...

threats. You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process. Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. … will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need ...

responsible for the leadership, governance and performance of Security Operations Centre capabilities supporting a secure defence programme. The role ensures effective monitoring, detection and response across classified environments, working closely with incident response and threat teams. Key Responsibilities Own SOC operating model, processes and performance management Ensure … effective monitoring and detection across secure environments Oversee SOC analysts, tooling and service providers where applicable Drive continuous improvement of detection use cases and response workflows Coordinate closely with incident response and vulnerability teams Provide senior-level reporting on security posture and operational effectiveness Ensure SOC activities ...

cloud environment. This is not a traditional SOC role focused on alert handling . The position sits at the senior technical level and combines incident leadership, detection engineering, threat hunting and automation. You’ll have genuine ownership of security operations maturity rather than working in a ticket-driven environment. … senior technical point of escalation within the SOC, leading complex investigations and driving continuous improvement across tooling, detection capability and response processes. Typical responsibilities include: Leading complex security incidents end-to-end including investigation, containment, forensics and root cause analysis. Designing, tuning and improving detection across SIEM ...

threats, trends, technologies, and best practices. Provide expert advice and guidance on information security matters to various stakeholders across the organization. 2. Security Operations & Incident Response: Oversee the day-to-day operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus … vulnerability scanners, and data encryption solutions. Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses. Lead and manage security incident response, including detection, analysis, containment, eradication, recovery, and post-incident review. Develop and maintain robust disaster recovery and business continuity plans related ...

industry standards (e.g., GDPR, PCI DSS, NIST CSF) Influence cyber security improvements by reviewing IT/security architectures and providing expert challenge Oversee incident response readiness and assurance of cyber security testing across the enterprise Promote strong security awareness and assure the quality of provider training Conduct horizon … risk assessment and development of mitigation plans aligned to business objectives Experience producing cyber security performance metrics for senior leadership Hands-on experience in incident response, vulnerability management, system hardening, and post-incident analysis Strong understanding of cloud security (IaaS, PaaS, SaaS, CASB, Zero Trust, micro-segmentation ...

. This is a great opportunity to join a forward-thinking security operations team , where you’ll have hands-on ownership across threat detection, incident response, and overall security posture , alongside a competitive salary, strong benefits, and clear long-term development opportunities . The role offers flexible, hybrid … networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall ...

delivering technology change/improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will … involve the following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking ...

Clearance Hybrid work model OUTSIDE IR35 Job Requirements Spec: - end-to-end technical leadership, architecture, and delivery oversight of Network Detection & Response (NDR) and Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility … improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders to align technical designs with security strategy, operating models, and business needs. - definition of the target architecture for Darktrace NDR and Microsoft Defender ...

support audits across platforms. Ensure compliance with Salesforce security standards (e.g., permission sets, field-level security, data classification). Operations and Reliability Lead incident response and post-incident reviews to improve platform resilience. Define and manage service monitoring, alerting, and error budgets. Champion secure change management practices … processes, Gearset pipelines, and rollback strategies. Metrics and Reporting Establish and report on operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Leadership and Team Management Mentor DevOps Engineers and lead knowledge-sharing sessions. Promote a culture of continuous learning and technical excellence. ...

platforms and services. Apply software engineering principles to improve reliability, scalability, performance and operability. Contribute to technical strategy, standards and long-term platform evolution. Incident Management & Resilience Lead and participate in incident response, root cause analysis and blameless post-mortems. Use data and observability to reduce mean … . Deep understanding of Linux, networking, distributed systems and cloud platforms. Experience with infrastructure-as-code and automation (e.g. Terraform, Ansible, CloudFormation). Strong incident response, troubleshooting and fault-analysis skills using a scientific, data-driven approach. Experience with observability: metrics, logging, tracing, alerting and performance analysis. Ability ...

Operations Centre • Coordinate penetration testing, cybersecurity risk self-assessments and remediation activity • Lead real-time monitoring of cybersecurity alerts and events, including investigation and incident response • Manage and maintain security infrastructure including firewalls, IPS, WAF, SIEM, EDR and endpoint controls • Oversee vulnerability management, patching and security hardening across … Cyber Essentials • Strong understanding of UK regulatory expectations, including PRA, FCA, ICO and GDPR • Proven experience with SIEM-led monitoring, threat detection and incident response • Hands-on experience managing firewalls, IPS, WAF, EDR and endpoint security tools • Strong network security knowledge including routing, switching and firewall design • Solid ...

money stops flowing . As Ticketing Operations Manager, you will: Protect revenue by ensuring maximum uptime across all payment and ticketing channels Lead major incident response for payment and ticketing failures Own operational performance across systems used by millions of customers Manage and develop a high-performing operations … incident management team This is a senior operational leadership role with real accountability and influence. Key Responsibilities Lead the day-to-day operational management of all customer-facing ticketing and payment systems, including: Mobile ticketing apps Smartcards EMV/contactless payments Ticket vending machines Take ownership of major incident ...