1 to 25 of 39 Contract Incident Response Jobs in the UK

Cyber Incident Response Analyst London - Onsite 2/3 days a week ASAP Start - November 26 £300 per day - Inside of IR35 We are looking for a Cyber Incident Response Analyst to join a small, highly visible cyber security team and step in for an existing … another project for the next 6-9 months. This role sits on the "Respond" side of Cyber Security, focusing on end-to-end cyber incident management, stakeholder communications, and clear reporting. With increased workload driven by the client merger, this is a key role supporting the organisation's security ...

Title - Cyber security incident manager SC cleared or eligible for clearance. 3 month rolling ( likely 1 year) Fully remote Key Responsibilities Incident Response & Management Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats). Serve as primary incident commander during … high severity events. Oversee triage, impact assessment, containment strategies, and remediation plans. Ensure timely escalation and communication to leadership and relevant stakeholders. Maintain accurate incident logs, timelines, and evidence for audits or legal processes. Threat Analysis & Investigation Direct technical investigations, working with SOC analysts, threat intelligence teams, and external ...

initiatives to minimise it through automation and improved operational tooling.Collaborate with engineering teams to incorporate reliability into services through design enhancements and resilience patterns. Incident and Problem Management Excellence Enhance production outcomes through effective incident response practises, including major incident triage, root cause analysis, and post … incident reviews.Strengthen problem management processes to reduce repeat incidents and mitigate technical debt risks. Observability and Tooling Enablement Set observability standards across logs, metrics, traces, and dashboards to enhance service detection and restoration times.Partner with platform and tooling teams to align SRE needs with enterprise-level tools and processes. ...

minimise it through automation and improved operational tooling. Collaborate with engineering teams to incorporate reliability into services through design enhancements and resilience patterns. Incident and Problem Management Excellence Enhance production outcomes through effective incident response practises, including major incident triage, root cause analysis, and post-incident … corporate banking or similarly regulated financial services context. Strong engineering background with the ability to drive automation and minimise manual toil. Proficiency in incident response, problem management, and operational resilience practises in critical settings. Excellent stakeholder management skills, with the capacity to influence and communicate effectively at senior ...

strengthening the organisation's security posture. Role Overview: You'll lead on security engineering initiatives, own key security platforms, drive automation and support incident response and threat detection activities. You'll also contribute to strategic security projects and ensure secure, scalable and resilient solutions across the business. … using Terraform and Ansible. Maintain secure baselines for Windows, Linux and Kubernetes. Automate IAM workflows and integrate identity governance into CI/CD. Support incident response, threat detection and Red/Blue team exercises. Maintain security documentation and participate in on-call rotations. Qualifications & Experience: Degree in Computer ...

Security: Drive the secure design and operation of critical technology platforms, collaborating with platform owners and engineering teams to embed security throughout the lifecycle. Incident Response & Threat Management: Provide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation ...

visibility and enhance the overall security posture. Key Responsibilities: Implement, configure and optimise core security tooling across the environment Enhance threat detection, monitoring and response capabilities Investigate security alerts and support incident response activities Improve integration and automation between security platforms Support vulnerability management and remediation processes … management platforms such as Tenable Knowledge of OT/ICS security platforms such as Claroty is beneficial Experience supporting security monitoring, detection engineering and incident response Strong understanding of enterprise infrastructure and cloud security Reasonable Adjustments: Respect and equality are core values to us. We are proud ...

global Security Operations Centre (SOC) performance, driving operational metrics, service quality, and continuous improvement Lead the execution and coordination of major cyber incident response activities under pressure Establish robust operational governance, reporting, audit readiness, and control assurance globally. Manage accountability and performance for third-party SOC and Managed … Detection and Response (MDR) providers Mentor and develop senior managers, supporting capability growth and succession planning within the function Essential Skills & Experience Extensive, hands-on experience leading large-scale cyber security operations, including SOC and Incident Response Demonstrated ability to manage and respond to significant, complex cyber ...

threats posed to government systems, critical national infrastructure and strategic interests. You will operate in a highly secure environment, working closely with security operations, incident response, risk, and technical teams to deliver actionable intelligence that supports defensive and strategic decision-making. Key Responsibilities Collect, analyse and assess cyber … actor activity, including TTPs, malware, campaigns and infrastructure Produce high-quality intelligence reports, briefings and threat assessments for technical and non-technical stakeholders Support incident response and SOC teams with timely, contextual intelligence Maintain and develop threat intelligence repositories, playbooks and knowledge bases Contribute to strategic, operational ...

monitoring solutions into OT networks, alongside the rollout of hardened security baselines. You'll work closely with SOC, security architecture and incident response teams to integrate solutions into a centralised SIEM/SOC capability and fine-tune detection and response.This is a highly technical, electrofocusing role offering real … security technologies (EDR, ITDR, NDR, ICS monitoring) Integrate OT security tooling with a central SOC/SIEM environment (including alerting, detection and response tuning) Take a threat led approach to security configuration, aligned to MITRE ATT&CK, Cyber Kill Chain and relevant threat intelligence Roll out endpoint ...

Security, Cyber Security, or a related field Key Responsibilities include: * To lead the deployment, configuration, and optimisation of OT security tooling, including: Endpoint Detection & Response (EDR) Identity Threat Detection & Response (ITDR) Network Detection & Response (NDR) Industrial Control System (ICS) monitoring solutions * Implement and maintain hardened security baselines … reducing organisational risk * Analyse threat landscape, including attacker tactics, techniques, and procedures (TTPs), and implement appropriate mitigations * Collaborate with wider security teams, including: Incident Response Security Architecture Security Consultancy * Support incident investigations and enhance detection and response capabilities * Lead the roll out of security agents ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Catalogues, High-Level and Detailed Solution Designs, Data Flow Diagrams, and evidence of GDS alignment Ensure integration solutions support real-time monitoring, alerting, and incident management (e.g., via ServiceNow and Power BI dashboards), in line with GDS requirements for operational monitoring and incident response Work with security … teams to ensure all integrations meet protective monitoring and incident notification requirements, following GDS security and privacy standards Support test assurance activities, including integration testing, defect triage, and resolution, ensuring quality is built in from the discovery phase as per GDS guidance Provide technical leadership and guidance to project ...

SecurityDrive the secure design and operation of critical technology platforms, collaborating closely with platform owners and engineering teams to embed security throughout the lifecycle.Incident Response and Threat ManagementProvide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation of complex security ...

CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR … workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR … workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

procedures aligned to UK Government frameworks Conduct People and Physical Security risk assessments, audits and assurance activities Lead or support personnel security investigations, incident response and post-incident reviews Contribute to the development and delivery of insider risk programmes Provide subject matter expertise and advisory support ...

guide immediate containment steps (e.g.asset isolation, password reset). Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation. Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case ...

workloads Implement observability and monitoring to detect vulnerabilities and security risks Collaborate with engineering, security, and risk teams to strengthen DevSecOps practices Support incident response and SOC activities related to container environments Ensure compliance with industry security standards (eg NIST, CIS, PCI-DSS) Key Requirements Strong experience with ...

workloads Implement observability and monitoring to detect vulnerabilities and security risks Collaborate with engineering, security, and risk teams to strengthen DevSecOps practices Support incident response and SOC activities related to container environments Ensure compliance with industry security standards (e.g. NIST, CIS, PCI-DSS) Key Requirements Strong experience with ...

CrowdStrike Falcon SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows … Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience: 5+ years in a dedicated Cyber ...

CrowdStrike , this role is key to maximising both investment and capability. You'll act as the senior technical lead-optimising tooling, strengthening detection and response, and upskilling the internal team. This is a hands-on, high-impact role suited to someone who can hit the ground running and elevate … Security Leadership: Own deployment, configuration, and optimisation of CrowdStrike Falcon SIEM Optimisation: Partner with the SOC to enhance Splunk dashboards, alerts, and data models Incident Response: Act as escalation point for high-priority incidents, driving rapid containment Threat Hunting: Proactively identify hidden threats using advanced queries and telemetry ...

Cyber Security Operations Analyst (Tier 2) Role: Cyber Security Operations Analyst (Tier 2) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate … incidents and initiatives o Undertake on-going analysis of emerging threats using TTP's and existing knowledge o Support the production of alert/incident 'playbooks' Required Skills & Experience * 3-4+ years' experience in a Security Operations/SOC-based role * Hands-on experience with Defender, Azure ...

doing: Providing expert technical guidance to project teams to ensure compliance with customer, regulatory, and internal security standards. Leading the Computer Incident Response Team during security incidents, coordinating response efforts. Collaborating with the Cyber Security Operations Centre to meet UK security needs and communicate effectively with stakeholders. ...

Title - Cyber security incident manager SC cleared or eligible for clearance. 3 month rolling ( likely 1 year) Fully remote Key Responsibilities Incident Response & Management Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats) click apply for full job details ...