1 to 25 of 34 Contract Incident Response Jobs in England

Cyber Incident Response Analyst London - Onsite 2/3 days a week ASAP Start - November 26 £300 per day - Inside of IR35 We are looking for a Cyber Incident Response Analyst to join a small, highly visible cyber security team and step in for an existing … another project for the next 6-9 months. This role sits on the "Respond" side of Cyber Security, focusing on end-to-end cyber incident management, stakeholder communications, and clear reporting. With increased workload driven by the client merger, this is a key role supporting the organisation's security ...

teams, automate workflows, and integrate with existing security tools to detect, prioritize, and remediate threats faster. It includes multiple modules such as Security Incident Response (SIR), Vulnerability Response (VR), and Threat Intelligence, among others. Security Incident Response (SIR) is a specific module within SecOps focused … While SecOps is the umbrella platform, SIR is one of its core capabilities. Key Differences: * Scope: SecOps: End-to-end security operations platform covering incident response, vulnerability management, threat intelligence, and orchestration. SIR: Specializes in handling security incidents-from detection to resolution. * Primary Use Case: SecOps: Aligns security ...

initiatives to minimise it through automation and improved operational tooling.Collaborate with engineering teams to incorporate reliability into services through design enhancements and resilience patterns. Incident and Problem Management Excellence Enhance production outcomes through effective incident response practises, including major incident triage, root cause analysis, and post … incident reviews.Strengthen problem management processes to reduce repeat incidents and mitigate technical debt risks. Observability and Tooling Enablement Set observability standards across logs, metrics, traces, and dashboards to enhance service detection and restoration times.Partner with platform and tooling teams to align SRE needs with enterprise-level tools and processes. ...

minimise it through automation and improved operational tooling. Collaborate with engineering teams to incorporate reliability into services through design enhancements and resilience patterns. Incident and Problem Management Excellence Enhance production outcomes through effective incident response practises, including major incident triage, root cause analysis, and post-incident … corporate banking or similarly regulated financial services context. Strong engineering background with the ability to drive automation and minimise manual toil. Proficiency in incident response, problem management, and operational resilience practises in critical settings. Excellent stakeholder management skills, with the capacity to influence and communicate effectively at senior ...

strengthening the organisation's security posture. Role Overview: You'll lead on security engineering initiatives, own key security platforms, drive automation and support incident response and threat detection activities. You'll also contribute to strategic security projects and ensure secure, scalable and resilient solutions across the business. … using Terraform and Ansible. Maintain secure baselines for Windows, Linux and Kubernetes. Automate IAM workflows and integrate identity governance into CI/CD. Support incident response, threat detection and Red/Blue team exercises. Maintain security documentation and participate in on-call rotations. Qualifications & Experience: Degree in Computer ...

Security: Drive the secure design and operation of critical technology platforms, collaborating with platform owners and engineering teams to embed security throughout the lifecycle. Incident Response & Threat Management: Provide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation ...

visibility and enhance the overall security posture. Key Responsibilities: Implement, configure and optimise core security tooling across the environment Enhance threat detection, monitoring and response capabilities Investigate security alerts and support incident response activities Improve integration and automation between security platforms Support vulnerability management and remediation processes … management platforms such as Tenable Knowledge of OT/ICS security platforms such as Claroty is beneficial Experience supporting security monitoring, detection engineering and incident response Strong understanding of enterprise infrastructure and cloud security Reasonable Adjustments: Respect and equality are core values to us. We are proud ...

global Security Operations Centre (SOC) performance, driving operational metrics, service quality, and continuous improvement Lead the execution and coordination of major cyber incident response activities under pressure Establish robust operational governance, reporting, audit readiness, and control assurance globally. Manage accountability and performance for third-party SOC and Managed … Detection and Response (MDR) providers Mentor and develop senior managers, supporting capability growth and succession planning within the function Essential Skills & Experience Extensive, hands-on experience leading large-scale cyber security operations, including SOC and Incident Response Demonstrated ability to manage and respond to significant, complex cyber ...

threats posed to government systems, critical national infrastructure and strategic interests. You will operate in a highly secure environment, working closely with security operations, incident response, risk, and technical teams to deliver actionable intelligence that supports defensive and strategic decision-making. Key Responsibilities Collect, analyse and assess cyber … actor activity, including TTPs, malware, campaigns and infrastructure Produce high-quality intelligence reports, briefings and threat assessments for technical and non-technical stakeholders Support incident response and SOC teams with timely, contextual intelligence Maintain and develop threat intelligence repositories, playbooks and knowledge bases Contribute to strategic, operational ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Catalogues, High-Level and Detailed Solution Designs, Data Flow Diagrams, and evidence of GDS alignment Ensure integration solutions support real-time monitoring, alerting, and incident management (e.g., via ServiceNow and Power BI dashboards), in line with GDS requirements for operational monitoring and incident response Work with security … teams to ensure all integrations meet protective monitoring and incident notification requirements, following GDS security and privacy standards Support test assurance activities, including integration testing, defect triage, and resolution, ensuring quality is built in from the discovery phase as per GDS guidance Provide technical leadership and guidance to project ...

SecurityDrive the secure design and operation of critical technology platforms, collaborating closely with platform owners and engineering teams to embed security throughout the lifecycle.Incident Response and Threat ManagementProvide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation of complex security ...

CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR … workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR … workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

procedures aligned to UK Government frameworks Conduct People and Physical Security risk assessments, audits and assurance activities Lead or support personnel security investigations, incident response and post-incident reviews Contribute to the development and delivery of insider risk programmes Provide subject matter expertise and advisory support ...

guide immediate containment steps (e.g.asset isolation, password reset). Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation. Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case ...

workloads Implement observability and monitoring to detect vulnerabilities and security risks Collaborate with engineering, security, and risk teams to strengthen DevSecOps practices Support incident response and SOC activities related to container environments Ensure compliance with industry security standards (eg NIST, CIS, PCI-DSS) Key Requirements Strong experience with ...

workloads Implement observability and monitoring to detect vulnerabilities and security risks Collaborate with engineering, security, and risk teams to strengthen DevSecOps practices Support incident response and SOC activities related to container environments Ensure compliance with industry security standards (e.g. NIST, CIS, PCI-DSS) Key Requirements Strong experience with ...

CrowdStrike Falcon SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows … Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

CrowdStrike , this role is key to maximising both investment and capability. You'll act as the senior technical lead-optimising tooling, strengthening detection and response, and upskilling the internal team. This is a hands-on, high-impact role suited to someone who can hit the ground running and elevate … Security Leadership: Own deployment, configuration, and optimisation of CrowdStrike Falcon SIEM Optimisation: Partner with the SOC to enhance Splunk dashboards, alerts, and data models Incident Response: Act as escalation point for high-priority incidents, driving rapid containment Threat Hunting: Proactively identify hidden threats using advanced queries and telemetry ...

vital services. What you'll be doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating … customer services through proactive security measures What you'll bring: Proven experience in cyber security, with a solid understanding of security monitoring and incident response Technical leadership skills and the ability to guide and support team members Strong communication skills to clearly articulate findings and escalate issues effectively ...

doing: Providing expert technical guidance to project teams to ensure compliance with customer, regulatory, and internal security standards. Leading the Computer Incident Response Team during security incidents, coordinating response efforts. Collaborating with the Cyber Security Operations Centre to meet UK security needs and communicate effectively with stakeholders. ...

Analyst, you will play a key role in delivering effective SOC services across multiple platforms and projects. You will provide hands on monitoring and incident response while also supporting the development of people, processes and security controls. Key responsibilities include: Leading and mentoring a small team … Manager to evolve SOC capability Senior SOC Analyst essential skills Proven experience in a SOC or similar security operations environment Strong knowledge of SIEM, incident management and threat intelligence Understanding of cloud technologies and modern networking Experience with IDAM, JML processes and ITSM frameworks Ability to lead, support ...

enhance platform services across hybrid environments Improve and standardise automated deployment and CI/CD pipelines Strengthen observability, monitoring, and proactive operations Support incident response, troubleshooting, and service improvements Provide guidance on platform patterns, tooling, and best practices Contribute to architectural decisions and technical governance Share knowledge ...

pipelines and SDLC processes Define and support SLIs, SLOs, and alerting strategies in collaboration with engineering teams Promote best practices in instrumentation, monitoring, and incident response Work with network and platform teams to improve visibility across infrastructure and services Required Skills & Experience Proven experience in observability ...