1 to 25 of 32 Contract Incident Response Jobs in London

Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response … investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify … lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and More ❯

scans and external security & penetration tests, forensic audits, or related investigations. This includes the ability to ensure remediation of findings are handled and fed into continuous service improvement activities. Incident management of cyber security events of all severities, throughout the incident lifecycle. Business Continuity Develop, maintain, and improve data and technology Business Continuity & Disaster Recovery Plans that enable … into Live Service Experience of working with conflicting, highly complex, and/or highly sensitive information Experience in managing critical incidents, and problem investigation + resolution (including managing security incident response, and information security breaches) Experience of contributing to, and developing enabling strategies (example: information security) Coaching, mentoring and supervision of others Management of financial budgets for a … on-call, consumables, relevant 3rd party provision contracts) and developing investment cases Desirable Experience in conducting or managing information security audits, penetration testing, table-top/simulation exercises, and incident investigations Experience of management products/services in healthcare (NHS) Skills and Knowledge Essential Deal with complex business problems and translate into information security and business continuity requirements and More ❯

meet ISO27001 & the Cyber Essentials+ certification. Administrative requirements of PAM tool. (CyberArk) Experience Experience administrating PAM solutions, such as CyberArk - MANDATORY Working understanding of security operations, threat detection, and incident response. Experience using SIEM and security tooling for triage and log analysis. Experience tracking and managing vulnerabilities using industry frameworks. Familiarity with enterprise systems including Microsoft 365 and Azure More ❯

to review technical security proposals with Product Teams. Attend Security Working Groups and Tenant Forums to provide and lead on ongoing technical security guidance. Participate in high-priority security incident bridge calls and provide expert support during security incidents (office hours only): lead Post Incident Response investigations. Requirements: Strong knowledge of cloud security principles, frameworks, and best More ❯

We are currently recruiting for Defence Associate Security Analysts with knowledge of Cyber security threats using SPLUNK and EDR (Endpoint Detection and Response) to join a great project for 3 months, that is ran by a Central Government Authority. The best thing about this opportunity is that you will have a great work-life balance with remote working , thus … be able to organise your time up to your liking (2-3 days/week in London office) Essential Experience: Experience of investigating and responding to cyber incidents, coordinating incident response in large org5+ years' experience SPLUNK and EDR (Endpoint Detection and Response) Analytical, problem solving oriented MOD/DEFENCE - highly desirable SC Clearance - Candidates holding active … Central Government Contrac t so you can improve prospects for future contracting Interviews will start as soon good candidates are available, if you are interested do not delay the response and forward you updated CV today. If you would like to discuss further about this opportunity or others in the UK Public Sector, please reach out (extension 8144) and More ❯

We are currently recruiting for Defence Associate Security Analysts with knowledge of Cyber security threats using SPLUNK and EDR (Endpoint Detection and Response) to join a great project for 3 months, that is ran by a Central Government Authority. The best thing about this opportunity is that you will have a great work-life balance with remote working , thus … be able to organise your time up to your liking (2-3 days/week in London office) Essential Experience: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience SPLUNK and EDR (Endpoint Detection and Response) Analytical, problem solving oriented MOD/DEFENCE - highly desirable SC Clearance - Candidates holding … Central Government Contrac t so you can improve prospects for future contracting Interviews will start as soon good candidates are available, if you are interested do not delay the response and forward you updated CV today. If you would like to discuss further about this opportunity or others in the UK Public Sector, please reach out (phone number removed More ❯

SC), to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll manage a team of analysts, drive incident response, and ensure the SOC delivers measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy … with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this More ❯

SC), to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll manage a team of analysts, drive incident response, and ensure the SOC delivers measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy … with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job More ❯

London | Hybrid| Remote The ideal candidates will hold active DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with More ❯

and evolve Terraform modules for automated, consistent, and version-controlled deployments. Security & Access Management: Administer Conditional Access Policies, manage application registrations, and enforce secure identity and access practices. Monitoring & Incident Response: Configure and manage tools like Azure Monitor and Log Analytics to proactively detect and resolve issues. Compliance & Documentation: Maintain accurate technical documentation and ensure adherence to security More ❯

and evolve Terraform modules for automated, consistent, and version-controlled deployments. Security & Access Management: Administer Conditional Access Policies, manage application registrations, and enforce secure identity and access practices. Monitoring & Incident Response: Configure and manage tools like Azure Monitor and Log Analytics to proactively detect and resolve issues. Compliance & Documentation: Maintain accurate technical documentation and ensure adherence to security More ❯

looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful candidate will have hands-on experience with leading security platforms and demonstrate the ability to operate at a … level. Role Overview: Job Title: Security Analyst (Network & Endpoint) Location: England/Remote Contract Type: Contract Duration: Contract till 31st Mar 26 Sector: Healthcare . Key Responsibilities: Network Detection & Response: Administer and optimise Darktrace for network threat detection, model tuning, and behavioural analysis. Investigate anomalies and escalate incidents based on network telemetry. Endpoint Protection: Deploy and manage CrowdStrike Falcon … agents across enterprise endpoints. Maintain and update detection rules, ensuring alignment with threat intelligence. Security Operations Centre (SOC): Act as a Level 2 SOC Analyst and Incident Handler. Triage, investigate, and respond to security alerts and incidents. Collaborate with other SOC team members to ensure timely resolution and documentation. Threat Intelligence & Insider Threat Monitoring: Monitor threat feeds and manage More ❯

Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in SOC operations, incident response, and forensic analysis. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security More ❯

Advise on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes) with a hands-on delivery mindset. Develop, implement, and enforce security policies, standards, and best practices. Lead incident response and root cause analysis for security-related issues. Mentor and train teams on DevSecOps principles, ensuring knowledge transfer and capability building. What we're looking for: Proven More ❯

Manager to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll manage a team of analysts, drive incident response, and ensure the SOC delivers measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy … with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this More ❯

Manager to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll manage a team of analysts, drive incident response, and ensure the SOC delivers measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy … with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job More ❯

delegated authority and client risk appetite. Deliver monthly IA risk and issue briefings to Senior Leadership Team (SLT). Chair and operate Client Security Working Groups (SWGs) . Support incident response and remediation activities in conjunction with the Client OSM. Undertake physical security site inspections and approvals to agreed standards. Ensure ongoing 3rd party compliance and threat mitigation. More ❯

JavaScript, Glide API), platform configuration, and integration methods (REST/SOAP). Demonstrable recent, practical development experience , not just solution design or consultancy oversight. Strong ITSM development experience (e.g., incident, change, problem, catalogue, workflows, scripting) Event Management (ITOM) or Scoped application development Delivered customisation, scripting, integrations, and technical problem-solving directly , rather than relying on managed suppliers Provide specific … or relevant module-specific certifications (e.g., ITSM, ITOM) are a plus. Relevant qualifications in ITIL or Agile methodologies. Customer Service Management (CSM)/Application Portfolio Management (APM)/Security Incident Response (SIR) experience Previous delivery experience with integrations such as GitHub, or Entra ID. Understanding of security and governance requirements in public sector IT environments. Job Role/ More ❯

mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present high-quality threat briefings, risk assessments, and operational recommendations Participate in incident response, providing context, attributions, and support as required Required Skills & Experience: Extensive experience in threat intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red More ❯

mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present high-quality threat briefings, risk assessments, and operational recommendations Participate in incident response, providing context, attributions, and support as required Required Skills & Experience: Extensive experience in threat intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red More ❯

into actionable engineering guidelines and reusable controls. Ensure AI systems avoid prohibited practices and meet obligations around: Transparency and user awareness Data minimisation and lawful processing Continuous monitoring and incident response Cross-Functional Collaboration & Governance: Partner with legal, compliance, and architecture teams to align AI development with enterprise risk and governance frameworks. Contribute to internal working groups on More ❯

and observability tooling meets evolving trading requirements. Monitor and manage capacity and performance of global connectivity systems, working with regional teams to aggregate local intelligence. Conduct deep-dive post-incident analysis and forensic reviews during high-impact market events (e.g., non-farm payroll), using packet analysis to identify systemic improvements. Develop and maintain automated alerting, health checks, and dashboards … Produce operational and performance KPIs, SLO/SLI metrics, and executive summaries to support senior decision-making. Champion continuous improvement and innovation, driving technology adoption in monitoring, resiliency, and incident response tooling. Required Skills/Experience The ideal candidate will have the following: Strong background in low latency network engineering, including TCP/IP, multicast, traffic shaping, and More ❯

and implement automated security workflows across their infrastructure. After deciding against expanding their SOC to a full 24x7 model, the business is investing in automation to improve detection-to-response times and reduce manual intervention. The successful candidate will collaborate with SOC teams, developers, and infrastructure engineers to build automated remediation processes that can isolate or shut down affected … DevSecOps, Security Automation, or Infrastructure Engineering. Proficient in scripting languages (e.g. Python, PowerShell, Bash). Hands-on with IaC tools (Terraform, Ansible, CloudFormation). Solid understanding of SOC operations, incident response, and security monitoring. Preferred Background in large-scale or regulated environments. Knowledge of CI/CD pipelines and secure DevOps practices. Personal Attributes Proactive, analytical, and automation More ❯

Skills & Experience: Valid SC Clearance Practical experience with ISO 27001 auditing Background in a DITSO or similar IT security role within Defence or OGD Familiarity with WARP processes and incident response coordination Understanding of UK government cyber policy and NCSC guidance More ❯

Service Management Engineer to join a growing team. In this role, you'll be at the heart of the IT monitoring and event management services, ensuring smooth operations, rapid incident response, and proactive service improvement. If you're passionate about technology, problem-solving, and delivering excellent service, this could be the role for you. What you'll be … maintenance. Skilled in creating and managing operational checklists for system health. Solid understanding of IT processes and event management within ITSM frameworks. Desirable Familiarity with ITIL best practices (Event, Incident, and Problem Management). Experience in IT support or operations roles. About you Proactive, flexible, and eager to learn. Strong analytical and problem-solving skills. Organised with excellent communication More ❯