1 to 25 of 57 Contract Incident Response Jobs in England

security stacks. The ideal candidate will have expertise in monitoring and analyzing security incidents in SOC. Your Responsibilities (Up to 10, Avoid repetition) 1. Incident Detection and Response Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize … security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier 1 analysts and guide them through complex incident response procedures. Quality Assurance for SOC L1, monitoring and triaging. 2. Incident Detection and Response Lead investigations and remediation of complex ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

take ownership of day-to-day cyber security activities, stabilise the current security posture, and drive a backlog of critical actions across incident response, vulnerability management, and network security. It's a small team environment, so pace, urgency, and the ability to be effective quickly are essential. … infrastructure teams, balancing strategic oversight with hands-on execution to ensure progress is made. What you'll be doing: ?? Owning and progressing cyber incident response planning and readiness activities ?? Reviewing vulnerability scan outputs, prioritising risk, and driving remediation actions ?? Leading remediation activities from penetration testing and security assessments ...

Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

significant injury risks as well as the management of H&S issues on the estate. We're now seeking an experienced H&S Incident Response Manager to join our team. In this pivotal role, you will manage and coordinate the effective delivery of incident and issue management … This is a hybrid role with a minimum of 2 days per week in our Central Reading office. What you'll do: Co-ordinate incident and issue management delivered by outsourced providers, ensuring alignment with MBNL's Policies and Standards. Serve as the primary point of contact for stakeholders ...

threats. You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process. Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. … will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need ...

client is seeking a SOC Analyst to join a security operations team in London. The role is focused on real-time monitoring, investigation, and incident response across a modern enterprise security environment. Key Responsibilities Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint … Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce clear incident documentation, reports, and recommendations for continuous improvement. Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows. Required ...

high-performing Security Operations Centre supporting a large-scale telecoms environment. This is a hands-on Tier 2 CERT role focused on investigation, response, and remediation of security incidents across enterprise-scale infrastructure. If you enjoy solving real incidents rather than just closing tickets, this role will suit you. … Defender Conduct forensic analysis to determine root cause, scope, and impact Support containment, eradication, and recovery activities with IT and engineering teams Produce clear incident reports with technical findings and remediation actions Quality assurance of SOC L1 triage and alert handling Develop and refine detection use cases, playbooks ...

CloudFormation. Embed security checks into GitHub CI/CD pipelines for continuous compliance. Develop automated remediation workflows for security findings. Monitoring & Incident Response: Implement monitoring and alerting for security events using AWS native tools and SIEM integrations. Support incident response and root cause analysis for security ...

CloudFormation. Embed security checks into GitHub CI/CD pipelines for continuous compliance. Develop automated remediation workflows for security findings. Monitoring & Incident Response: Implement monitoring and alerting for security events using AWS native tools and SIEM integrations. Support incident response and root cause analysis for security ...

heart of our cybersecurity strategy. As Operational Security Manager, you'll take ownership of our security operations, overseeing threat intelligence, vulnerability management, incident response and the performance of our outsourced 24/7 SOC. You'll work closely with internal technology teams to embed security into every aspect … infrastructure and change lifecycle, ensuring our defences are proactive, responsive and resilient. From playbook rehearsals to live incident recovery, you'll be the calm in the storm, guiding teams through complex challenges with clarity and confidence. What you'll need to succeed You're a seasoned security professional with ...

someone who understands the UK threat landscape, particularly critical national infrastructure and public sector risks, and can translate threat intelligence into actionable detection, response, and executive insight. Key Responsibilities Lead threat actor tracking and attribution, focusing on APTs, ransomware, supply chain attacks and UK-relevant campaigns Maintain adversary profiles … external intelligence feeds (e.g. MISP, Recorded Future, ISACs, Microsoft TI) Operationalise STIX/TAXII feeds and enrich IOC/IOA pipelines for SOC and Incident Response teams Translate threat intelligence into actionable detections, working with engineers on KQL/SPL queries and proactive threat hunts Produce regular threat ...

procedures, controls, and governance Identification, analysis, and prioritisation of cyber risks and vulnerabilities across on-prem, cloud, and third-party environments Advisory support for incident response planning, crisis management exercises, and resilience improvements Support to SOC operations, including process improvement and escalation protocols Supplier and third-party security … Strong hands-on background in cybersecurity governance, risk management, and security operations Proven experience delivering cybersecurity assessments, audits, and improvement programmes Demonstrable experience with incident response, crisis management, and cyber resilience planning Experience assessing supplier and third-party cybersecurity risk across the supply chain Strong understanding of recognised ...

procedures, controls, and governance Identification, analysis, and prioritisation of cyber risks and vulnerabilities across on-prem, cloud, and third-party environments Advisory support for incident response planning, crisis management exercises, and resilience improvements Support to SOC operations, including process improvement and escalation protocols Supplier and third-party security … Strong hands-on background in cybersecurity governance, risk management, and security operations Proven experience delivering cybersecurity assessments, audits, and improvement programmes Demonstrable experience with incident response, crisis management, and cyber resilience planning Experience assessing supplier and third-party cybersecurity risk across the supply chain Strong understanding of recognised ...

working from Sheffield + £550 to £570 per day + Inside IR35 Key Skills: + 3rd/4th Line Support to M365 Copilot + Incident response Job Description: Provide 3rd/4th Line Operational Support for M365 Copilot across HSBC's tenant. Providing incident response via complex troubleshooting, policy/configuration changes and mass deployments throughout the organisation. Key Responsibilities: + Incident & Problem Management: Triage and resolve complex M365 escalations/Multi User Incidents (usage, access errors, unexpected results). Root cause analysis across M365 Admin Centre, Entra, Conditional Access, SharePoint/OneDrive ...

posture aligns with business objectives, regulatory requirements, and recognised industry standards. The Information Security Officer will own security strategy, risk management, policy development, and incident response, while promoting security awareness across the organisation. Key Responsibilities Develop and maintain an organisation-wide information security strategy. Establish and enforce security … policies, standards, and governance processes. Lead incident response and manage security breaches. Ensure compliance with relevant laws, regulations, and security frameworks. Embed security into risk management, application development, and operational processes. Report on security risks and programme performance to senior leadership. Support supplier assurance, audits, penetration testing ...

across IT projects, platforms, and operational environments Act as the security lead for assigned IT projects, ensuring alignment with security policies and standards Oversee incident response, investigations, and post-incident reviews for IT security events Ensure compliance with information security frameworks, regulatory requirements, and internal controls Work ...

Support Security Teams Assist other Group Security teams by providing vulnerability-specific intelligence. Contribute to building a shared knowledge repository for all teams. 9. Incident Support Assist in analysing and resolving security incidents, focusing on vulnerability-related aspects. Use post-incident reviews to pre-empt vulnerabilities and improve … communication skills for reporting and stakeholder engagement. Ability to collaborate with cross-functional teams, including SOC, IT, and external vendors. Problem-Solving Experience in incident response and remediation strategies for vulnerabilities. Creative thinking for implementing counterintuitive solutions (e.g., gamification, predictive analytics). Leadership and Mentorship Proven ability ...

with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

Accreditor to ensure solutions meet accreditation requirements for DV-level systems. Define and validate hardening baselines , access control models, logging/monitoring and incident response approaches for HPC platforms. Support risk assessment , threat modelling and vulnerability remediation for HPC services. Platform Engineering & Operations Oversee build, configuration and tuning ...

Alienvault) • EDR • Vulnerability management (Qualys) • Azure/AWS strong IAM & Conditional Access • M365 security: Defender for Office 365, DLP, Secure Score/Purview • Lead incident response develop/run IR playbooks • Compliance: Cyber Essentials, GDPR • Desirable certs: CISSP/CISM This role is fully remote, however you will ...

/CD pipelines and DevOps practices Solid understanding of IAM, PAM/PIM solutions, and SSL/TLS policy implementation Proven experience in incident response and troubleshooting Nice to have: Knowledge of cloud security (Azure or GCP) Experience integrating SIEM platforms Understanding of Zero Trust architecture ...

Analyst, you will play a key role in delivering effective SOC services across multiple platforms and projects. You will provide hands on monitoring and incident response while also supporting the development of people, processes and security controls. Key responsibilities include: Leading and mentoring a small team … Manager to evolve SOC capability Senior SOC Analyst essential skills Proven experience in a SOC or similar security operations environment Strong knowledge of SIEM, incident management and threat intelligence Understanding of cloud technologies and modern networking Experience with IDAM, JML processes and ITSM frameworks Ability to lead, support ...

transformation approach focused on a complete overhaul , not iterative improvement. Greenfield SOC Build Oversee the creation of a full SOC capability including monitoring, incident response, digital forensics, analytics, and automation. Lead the consolidation and modernisation of a complex, fragmented tool and technology landscape. Ensure minimal disruption to operational ...