1 to 25 of 55 Contract Incident Response Jobs in the UK

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible … collaborating with organisation stakeholders in developing, updating, and enhancing a comprehensive set of tactical and operational cyber incident response documents, including the Incident Response Plan, Communication Plan, Incident Response Playbooks, and Containment & Eradication procedures. This engagement is focused on delivering high-quality, actionable documentation ...

Remote | Contract (Inside IR35) | 6+ Months | Rate (TBC) We are seeking a Network Security SMEto support our client in strengthening their contain-to-eradicate incident response capability. This role is focused on enabling rapid, controlled network isolation and eradication during high-impact security and operational incidents … regulated environment. This is a hands-on senior role requiring proven experience in enterprise-scale containment and incident response within security-critical environments. It is a contract position (Inside IR35) which is intially 6 months but likely to extend. The rate ...

selection, design, and transition from fragmented security tooling to a unified SIEM platform and security data lake . Drive a fundamental shift from incident-focused, task-based workflows to preventative security activities and platform optimisation . Proactive Threat Focus Guide the evolution from reactive alert handling to proactive threat … prompt injection, data poisoning, and model theft . Deploy and monitor guardian agents to provide real-time detection of malicious behaviour within AI systems. Incident Response & Resilience Guide the development, testing, and maintenance of advanced incident response plans , with a focus on high-impact threats such ...

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible ...

largest and most innovative energy companies. Your responsibilities: Design and own the architecture for ServiceNow SecOps modules - including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/… systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability and incident response. Shape the roadmap and best practices for our ServiceNow platform across multiple business units. Champion platform governance, scalability, reuse, and alignment with ServiceNow and enterprise architecture standards. Mentor ...

energy assets, and millions of customers. Your responsibilities: (Up to 10, Avoid repetition) Design and own the architecture for ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence … platforms, and OT/ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability and incident response. Shape the roadmap and best practices for our ServiceNow platform across multiple business units. Champion platform governance, scalability, reuse, and alignment with ServiceNow ...

client is seeking a SOC Analyst to join a security operations team in London. The role is focused on real-time monitoring, investigation, and incident response across a modern enterprise security environment. - Key Responsibilities Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint … Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce clear incident documentation, reports, and recommendations for continuous improvement. Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows. Required ...

Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing ...

/LLM tools , including Copilot, Azure OpenAI, and agentic systems-ensuring proper guardrails, risk assessments, and data protection. Participate in cloud monitoring, detection & incident response , working with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labeling, access control … governance controls using Microsoft Purview. Practically skilled in AI security , including risk identification, secure integration patterns, and AI governance models. Experience with cloud monitoring, incident response, SIEM/XDR operations. Ability to translate complex security risks into clear business language and actionable recommendations. Desirable Skills Experience with secure ...

maintains observability capabilities across applications, infrastructure, and cloud platforms. The role ensures reliable log ingestion, actionable monitoring, and high-quality telemetry to support operations, incident response, and platform assurance. Key Responsibilities Monitoring & Observability Implement and manage monitoring platforms such as Splunk, Elastic, Azure Monitor, Log Analytics, or similar … Ensure consistent, compliant log ingestion from Servers, applications, and cloud services. Optimise data retention, indexing, and storage efficiency. Operational Support & Assurance Support troubleshooting and incident response through log analysis and metrics insights. Conduct platform tuning, optimisation, and capacity reviews. Identify monitoring gaps and implement improvements to strengthen observability. ...

expertise and a passion for delivering safe, secure, and reliable critical infrastructure services. You will play a key role in ensuring operational continuity, driving incident response, supporting service delivery, and maintaining compliance across complex datacentre environments. Responsibilities: Data Centre Operations: Ensure full compliance with datacenter policies, safety standards … tasks and projects in collaboration with cross-functional technical teams. Manage operational programs and contribute to Root Cause Analysis (RCA) processes. Lead or support incident response efforts for critical infrastructure failures, ensuring rapid recovery and minimal downtime. Identify risks in the critical environment and implement mitigation strategies. Manage ...

Security Practices, Level 2) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills ...

Cyber Defence team. Mentor senior leaders within the function, enhancing efficiency, leadership capability, and stakeholder engagement. Review, refine, and where necessary implement improvements to Incident Response plans and operational processes. Support delivery of the broader CISO cyber programme. Develop and enhance operational and performance reporting, including KPIs, metrics … Security Operations function within a large, complex global organisation. Strong operational background with proven ability to stabilise, mentor, and uplift teams. Deep understanding of incident response, cyber operations, and performance management. Confident operating at senior stakeholder level, including CISO and executive audiences. This is a high-impact interim ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

incidents on critical client infrastructure. Perform in-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerability Provide Incident Response support when required, providing guidance on containment, eradication and recovery activities. Maintain and, where appropriate, improve and develop team knowledge … Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Input into threat intelligence activities when required. Represent the SOC within Stakeholders meetings ...

deployment pipelines. Ensure repeatable, reliable, and secure deployment processes aligned with best practices. Operational Excellence & SRE Support Contribute to SRE practices including monitoring, incident response, latency management, and service reliability improvements. Support observability initiatives by integrating monitoring, logging, and alerting tools. Troubleshoot platform issues across Red Hat, Kubernetes … maintaining strong communication with technical teams and stakeholders. This role is for a UK based Utility company and hence demands a highly experienced Major Incident Manager. severity incidents. functional technical teams to diagnose and resolve issues. Incident Activities dive reviews to identify root cause and preventive actions. ...

with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

Site Defender (KSD), WAF, and Bot Manager Implement and manage security policies, rulesets, and traffic routing configurations Monitor web traffic, identify threats, and support incident response activities Tune WAF and bot protection rules to minimise false positives and enhance effectiveness Support CDN configuration, caching strategies, and performance optimisation ...

Umbrella Clearance: Credit Check Required What You will do Operate and enhance our Kubernetes platform across AWS, Azure, and on-prem. Lead incident response, problem management, and root-cause analysis. Deliver cluster lifecycle work: upgrades, patching, node pools, CNI/CSI, ingress, and Rancher operations. Own observability, dashboards ...

configured to best practice and delivering maximum protection. You'll conduct vulnerability scanning, oversee patching cycles, perform cloud security assessments, refine playbooks, support incident response and collaborate with project and change teams to ensure new deployments and business initiatives are delivered securely. This is a hands-on, high ...

report regularly to the business. Escalate when service levels are not meeting expectations Contribute to managing suppliers. Specifically the Digital Shopfloor Bundle supplier: challenge incident response time (MTTR), incident quantity (repeat incidents) and quality of support . Support the transition to the new Shopfloor Bundle contract ...

perspective Identify vulnerabilities, weaknesses, and control gaps Drive hardening across Azure, networks, and hybrid workloads Strengthen segmentation, firewall policy, identity security, and logging Support incident-driven remediation and resilience improvements Required Experience Strong hands-on infrastructure/platform engineering background Azure & hybrid cloud security expertise Network security & segmentation (firewalls … Experience with enterprise security controls & remediation Ability to perform deep technical analysis Clear stakeholder communication Security Analyst (Contract) Focus: Detection, Response & Optimisation Key Responsibilities Advanced Microsoft Defender analysis & optimisation Write, tune, and troubleshoot KQL queries Investigate alerts and support incident response workflows Liaise with SOC & technical teams ...

month contract at £400-£450/day. You'll support cloud security operations, contribute to engineering projects, and play an active role in global incident response. Key Responsibilities Monitor and investigate SOC tickets, including SIEM analysis and liaising with users as needed. Complete a full knowledge handover with … logs) On-prem systems (firewalls, load balancers, IDP) Communicate cloud security findings to staff and guide remediation. Act as a member of the Incident Response team. Work flexibly to accommodate occasional early-morning calls with global (ANZ) teams. Requirements Proven experience in cloud security operations (AWS preferred). ...

Deliverables: Deployment of cloud resources in-line with architectural designs, to support workstream requirements. Support and Maintenance of all XXX ClientCloud hosting environments, encompassing incident response, support requests, ClientCert impact assessments, remediation and access management Development of in-house scripts and tooling for automation and streamlining of support ...