Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization's global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed
Birmingham, Chelmsley Wood, West Midlands (County), United Kingdom
SSR General & Management
Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one I'm working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains. They're expanding their Security Operations Centre and hiring a hands-on … SOC Incident Response & Threat Hunting Manager to lead Tier 3 analysts and drive proactive defence strategies. This is a strategic and technical leadership role, ideal for someone with deep DFIR expertise, strong mentoring capabilities, and a passion for threat hunting and CTI development. Key Responsibilities: Lead and coordinate high-severity incident response engagements Provide technical oversight
Senior Incident Responder £71000 GBP Onsite WORKING Location: Birmingham, West Midlands - United Kingdom Type: Permanent Senior Incident Responder - SOC Analyst (L3) Birmingham or Glasgow | Up to £71,000 + Bonus + Benefits | Hybrid | SC Clearance Required or Eligible Our client - a global technology and services firm - is expanding its Managed Security Operations Centre and seeking a Senior Incident … the sharp end of cybersecurity operations, working on major incidents across enterprise environments, guiding L1/L2 analysts, and collaborating with client stakeholders to deliver best-in-class detection, response, and remediation. The Role You'll take ownership of escalated incidents, conduct detailed investigations, and ensure effective containment and eradication of threats. You'll act as the escalation point … within the SOC, providing technical expertise, mentoring junior analysts, and driving continuous improvement of incident response processes. Key Responsibilities: Lead complex investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar, Splunk, and Microsoft
environment. Defence Writing & JSP Familiarity: Prepare formal documentation in line with Defence Writing principles, with an understanding of Joint Service Publications (JSPs), particularly in areas related to cybersecurity governance, incident response, and monitoring operations. Incident & Case Management: Support the incident response lifecycle through alert review, case triage, evidence handling, escalation, and forensic data support. Ensure … Security Operations. Strong expertise in using Elastic Stack, including Elasticsearch, Logstash, and Kibana. Familiarity with other SIEM tools and security technologies. Knowledge of cybersecurity best practices, threat intelligence, and incident response. Excellent analytical and problem-solving skills. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Elastic Certified Engineer (ECE) are a plus.
Training platforms. Collaborate with IT, architecture, and project teams to improve security posture and integrate security into business processes. Respond to and investigate security incidents, participate in troubleshooting and incident response activities. Provide oversight and support for Security Operations Center (SOC) activities. Develop and enforce security policies, standards, and procedures. Educate and mentor staff on security best practices … minimum of 10 years' experience in IT. Hands-on experience with vulnerability management, patch management, and security platforms. Experience developing and auditing governance, risk, and compliance controls. Experience in incident response and security project delivery. Experience managing or participating in security-related projects is a plus. Excellent IT skills, including networking, operating systems (Windows, Linux), and security tools. … Understanding of Email Security platforms (e.g., Darktrace) and Security Awareness & Training platforms. Knowledge of security frameworks (ISO 27001, NIST, GDPR, etc.). Familiarity with SIEM, security system administration, and incident response. Understanding of SOC operations and monitoring. No formal qualifications required, although a security or IT-related certification (e.g., CompTIA Security+, CISSP, CISM) is desirable. About us... Since our
Stoke-on-Trent, Staffordshire, England, United Kingdom
Hays Specialist Recruitment Limited
is a senior leadership role where you'll help set the direction for cybersecurity, manage risk, and ensure compliance across all environments. You'll lead a dedicated team, drive incident response, and work closely with senior stakeholders to safeguard critical systems and data. This is an excellent opportunity for an experienced professional to make a real impact in … drive a comprehensive cybersecurity strategy aligned with best practice frameworks and industry standards Take the lead on risk assessments and vulnerability reviews, implementing robust controls to mitigate threats. Manage incident response processes, including preparation, detection, resolution, and post-incident analysis. Mentor and develop the cybersecurity team, ensuring they have the tools and skills to succeed. Prepare for
Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one I'm working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains
West Midlands (County), Birmingham, United Kingdom
Sherborne Talent Solutions
aligned with ISO 27001, NIST, and CIS frameworks. Produce detailed documentation for configurations, processes, and troubleshooting. Collaborate with global cloud, security, and infrastructure teams for consistent, secure operations. Support incident response, root cause analysis, and ongoing improvements. Required Skills & Experience: Extensive experience executing network refresh projects. Strong expertise with Cisco, Palo Alto, HAProxy, and Azure networking. Solid understanding
Coventry, West Midlands, United Kingdom Hybrid/Remote Options
Stackstudio Digital Ltd
Azure, or GCP networking services; understanding of hybrid/multi-cloud; automation tools (Terraform, Ansible, Python). Monitoring & Management: Network management systems (SolarWinds, Cisco DNA Center); performance monitoring, logging, incident response. Experience Requirements: 7-10+ years in network engineering, with 3-5 years in architecture/design roles. Proven experience in large-scale or complex enterprise environments. Architectural artefact
We’re looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts and develop practical skills in a dynamic, supportive environment. Role Assisting in monitoring network traffic and security alerts to identify potential threats. Supporting … and Event Management (SIEM) tools to detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. Contributing to threat intelligence reviews and sharing findings with stakeholders. Preparing reports and presentations on security incidents and trends. Staying up-to-date with
Are you passionate about technology and eager to start a career in cyber security? We’re looking for a Cyber Threat Detection & Response Apprentice to join our growing team and gain hands-on experience in identifying and responding to cyber threats. This is your chance to learn from industry experts and develop practical skills in a dynamic, supportive environment. … delivering cloud-first solutions powered by Microsoft technologies like M365 and Azure. Our mission is to keep networks secure, efficient, and future-ready. Responsibilities: As a Cyber Threat Detection & Response Apprentice at SNO, you’ll work alongside experienced professionals to strengthen our cyber defence capabilities. Your responsibilities will include: Assisting in monitoring network traffic and security alerts to identify … and Event Management (SIEM) tools to detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. Contributing to threat intelligence reviews and sharing findings with stakeholders. Preparing reports and presentations on security incidents and trends. Staying up-to-date with
Code (IaC): Familiarity with IaC tools and best practices. Security: Understanding of cloud security best practices. Competency with Identity and Access Management (IAM). Strong troubleshooting and debugging skills (incident response desirable). Experience working in Agile environments. Attention to detail when capturing test evidence or specifying tests. Ability to write technical documentation. Willingness to mentor junior
best practices. Ability to design and implement complex infrastructure. Security: Knowledge of cloud security best practices. Familiarity with Identity and Access Management (IAM). Troubleshooting and debugging skills, including incident response. Experience working in Agile environments. Ability to write technical documentation. Configuration control using Git. Experience with Terraform. Desirable Skills Containers and orchestration: Understanding of Docker
Warwick, Warwickshire, West Midlands, United Kingdom Hybrid/Remote Options
Sanderson Government and Defence
maintain SIEM use cases, alerts, and dashboards for threat detection. Map detection rules to frameworks like MITRE ATT&CK, STRIDE, and NIST CSF. Collaborate with SOC teams to refine incident response workflows. Governance & Compliance Align SIEM architecture with Secure by Design and Zero Trust principles. Support compliance with ISO 27001, PCI DSS, etc. Document architecture, SyOps, and security
Principles & Technologies. Experience of Security Related Technical Investigations Hands-On Technical Experience of Conducting Vulnerability Scanning & Evaluating Results Commercial Awareness & (Ideally) Experience of PCI DSS (Current Version) Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills High Attention to Detail Strong Team Player Searches: Vulnerability Management Analyst/VM Analyst/Information Security Analyst/Information
Telford, Shropshire, West Midlands, United Kingdom
Sanderson Government and Defence
intelligence and service assurance. You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Key Responsibilities Translate high-level monitoring non-functional requirements (NFRs) into actionable configurations across tools such as Splunk, Dynatrace, and AppDynamics. Deliver full-stack observability solutions, including application … aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. Maintain and enhance dashboards
IT Security Officer to keep up with the high demand. In this varied role you will be accountable for a broad range of Security Operations activities, including proactive monitoring, incident response, threat and vulnerability management, managing the external Security Operations Centre (SOC) partnership and developing security capabilities. You will also play a key part in providing expert technical
Employment Type: Contract
Rate: £500 - £550 per day + Inside IR35 + ASAP Start
Birmingham, West Midlands, United Kingdom Hybrid/Remote Options
Crimson
protection of systems and internal data will be the core responsibility of this position. Key Skills and Responsibilities: Oversee security operations, implementing tools and processes to enhance proactive monitoring, incident response, threat management, and vulnerability management. Maintain security processes, handle support requests, and investigate breaches as required. Monitor external security environments, identify emerging threats, and communicate findings to … and continuous improvement of IT Security Operations capabilities aligned with business needs. Promote the Security, Compliance & Identity function, building strong relationships across teams and stakeholders. Develop and maintain security incident playbooks and guidance. Interested? Please submit your updated CV to Lewis Rushton at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit