1 to 25 of 47 Contract Incident Response Jobs in the UK excluding London

Incident Response Analyst Scottish Power HQ, Glasgow Flexible & Hybrid working pattern Negotiable rate, Inside IR35, PAYE and UMB options available Help us create a better future, quicker SP Energy Networks (SPEN) has kicked off an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations … deliver a cyber resilient business and the Incident Response Analyst is essential in achieving our goals. This role will be integrated into an active and ambitious global cyber security function, contributing to SPEN's cyber security purpose of delivering cyber resilient OT and IT, to enable a safe ...

Cyber Incident Response Analyst - Contract Location: Sheffield (2 days onsite) Rate: 500 p/d Duration: 6 Months - July 2026 - January 2027 A large enterprise organisation is looking for a Cyber Incident Response Analyst to support their Cyber Defence team on a contract basis. This … coordination-focused incident response role, managing cyber incidents through the response lifecycle rather than deep technical remediation. Experience Required Previous experience within Incident Response/Security Operations Strong understanding of the NIST incident response lifecycle Familiarity with MITRE ATT&CK and cyber kill ...

Cyber Incident Response Manager - Contract Location: Sheffield (2 days onsite) Rate: 500 p/d Duration: 6 Months - July 2026 - January 2027 A large enterprise organisation is looking for a Cyber Incident Response Analyst to support their Cyber Defence team on a contract basis. This … coordination-focused incident response role, managing cyber incidents through the response lifecycle rather than deep technical remediation. Experience Required Previous experience within Incident Response/Security Operations Strong understanding of the NIST incident response lifecycle Familiarity with MITRE ATT&CK and cyber kill ...

improvement Lead security engagement within client Design Authority and Enterprise Architecture forums Manage integration with the client SOC, including security reporting, SIEM alignment, and incident response coordination Oversee security incident management in line with the client Cyber Security Incident Response Plan Own joiner/mover … Strong understanding of NCSC HMG IAS5, Cyber Assessment Framework (CAF), ISO 27001, and GDPR Hands-on experience integrating with a UK Government SOC, including incident response and security reporting Strong working knowledge of Oracle Cloud security (OCI IAM, Vault, network security, audit, PAM) Experience securing Oracle SaaS applications ...

Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting … complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond ...

Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting … complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond ...

opportunity to play a key role in protecting critical systems and services, working alongside security, infrastructure, and cloud teams to enhance security monitoring, incident response, threat detection, and operational resilience. The successful candidate will bring a strong background in cyber security operations, ideally gained within Defence, Government … other highly regulated environments. Responsibilities Support the operation and continual improvement of cyber security monitoring and incident response capabilities. Investigate and manage cyber security incidents, ensuring appropriate containment, remediation, and reporting. Analyse security alerts, events, and threat intelligence to identify potential risks and vulnerabilities. Develop and refine detection ...

frameworks such as NIST CSF, IEC 62443 and other recognised industry standards. Assess critical network infrastructure, including segmentation, remote access, identity, monitoring, resilience and incident response capabilities. Review OT architecture, asset inventories, data flows, firewall rules, network zones and conduits. Identify security gaps, operational risks, vulnerabilities and control … senior business stakeholders. Produce high-quality client deliverables, including assessment reports, risk registers, maturity scorecards, architecture recommendations and implementation roadmaps. Contribute to OT incident response planning, tabletop exercises, cyber resilience testing and recovery planning. Support pre-sales activity, including solution shaping, proposal input and client presentations where required. ...

system environments. This role sits within a Security Operations function but is heavily engineering focused, combining hands on OT security tooling, detection engineering and incident response to strengthen resilience across critical infrastructure. Key Responsibilities: Act as the OT security engineering SME, supporting both operational and project based activities … equivalent) Develop and refine detection rules, alerting logic and monitoring coverage across OT and IT/OT convergence points Lead technical investigations and incident response for OT-related cyber events Analyse industrial network traffic to identify anomalies, threats and protocol misuse Integrate OT telemetry into SIEM ...

vulnerabilities, and malware attack vectors. What We Are Looking For: Experience: Ideally 1-2 years of experience in a similar SOC, security monitoring, or incident response role. Technical Knowledge: A solid grasp of computer networks, operating systems, and core cybersecurity principles. Security Tools: Good working knowledge of security … technologies such as firewalls (network/application), host intrusion prevention, and antivirus software. Mindset: A strong understanding of common attack vectors, malware types, and incident response fundamentals. Critical Requirements: Security Clearance: Due to the secure nature of the environment, candidates must hold active UK Government SC Clearance ...

firm's technology environment which includes Microsoft Defender & Sentinel. Key Responsibilities: * Monitor security event identification via the third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support … maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows. * Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps). * Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews. * Support ...

Cisco 9500, Cisco 3850, Network Operations Centre (NOC), TAC, NMC, Layer 2, Layer 3, OSPF, BGP, VLAN, STP, QoS, CCNA, CCNP, Network Monitoring, Incident Management, Shift Operations, 24x7 Support Location: Glasgow, Scotland, G2 4JR Type: Temporary Contract Hours: 8-Hour Shifts | 24 x 7 x 365 Operational Environment (Days … deep technical expertise across Cisco Catalyst switching technologies including Catalyst 3850, Catalyst 9300 and Catalyst 9500 platforms. Purpose: To provide 24x7 operational support, monitoring, incident management and technical troubleshooting across critical Cisco network infrastructure, ensuring maximum network availability, performance and service reliability. Technology Stack: * Cisco Catalyst 3850/ ...

Cisco 9500, Cisco 3850, Network Operations Centre (NOC), TAC, NMC, Layer 2, Layer 3, OSPF, BGP, VLAN, STP, QoS, CCNA, CCNP, Network Monitoring, Incident Management, Shift Operations, 24x7 Support Location: Small Heath, Birmingham, West Midlands, B10 0HQ Type: Temporary Contract Hours: 8-Hour Shifts … deep technical expertise across Cisco Catalyst switching technologies including Catalyst 3850, Catalyst 9300 and Catalyst 9500 platforms. Purpose: To provide 24x7 operational support, monitoring, incident management and technical troubleshooting across critical Cisco network infrastructure, ensuring maximum network availability, performance and service reliability. Technology Stack: * Cisco Catalyst 3850/ ...

leads with cross-functional collaboration. Key Accountabilities Delivering Solutions Develops and implements OT cyber security strategies, including risk assessments and vulnerability analysis. Leads incident response and oversees implementation of security controls, monitoring, and access management. Contributes to network design, including segmentation, firewalls, and intrusion detection for OT environments. … solutions. Strong understanding of communication protocols (e.g., TCP/IP, Modbus, OPC, IEC 61850) and network infrastructure. Proficiency in security risk assessment methodologies and incident response frameworks. Ability to analyse and mitigate threats specific to critical infrastructure and OT environments. Experience with security monitoring tools, SIEM, and anomaly ...

Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills ...

pragmatic cyber security strategy aligned to business priorities, whilst establishing and maintaining security policies, standards, and governance frameworks. You will oversee security operations, including incident detection, response, and continuous improvement, and manage key third-party security service providers, ensuring performance and accountability. Risk management activities will … following experience: Proven interim experience in a Cyber Security Manager/Lead/Security Consultant role. Strong understanding of security operations, threat detection, and incident response practices. Experience working with SIEM, EDR, and monitoring technologies in enterprise environments. Demonstrable knowledge of security frameworks, controls, and governance models. Experience ...

private cloud platform, ensuring systems are actively monitored, vulnerabilities are managed, and services remain secure, compliant and resilient. Key Responsibilities Security Monitoring & Response Monitor SIEM, EDR and platform telemetry. Investigate alerts and perform incident triage and escalation. Conduct structured incident response activities. Vulnerability & Patch Management Execute … Release Security Assess changes for security impact. Ensure deployments meet security requirements. Support secure-by-design implementation. Documentation & Continuous Improvement Maintain SOPs, runbooks and incident documentation. Contribute to improvement of SecOps processes and tooling. Essential Experience & Skills Experience in Security Operations or SecOps. SIEM, EDR and vulnerability management tooling ...

internal and external regulatory requirements. Performance & Monitoring Monitor DNS service health, performance, and availability. Optimize query resolution performance and latency. Implement logging, alerting, and incident response processes. Troubleshooting & Support Act as an escalation point for complex DNS and network-related issues. Conduct root cause analysis and implement preventative ...

systematic approach to diagnosing complex technical issues Strong analytical skills to interpret data, identify patterns, and draw actionable conclusions Be involved in investigating incident response activities and postmortem analyses using Dynatrace, Grafana or provide insights. Has the ability to troubleshoot and resolve data quality issues on time, ensuring … using Cloud solutions such as Azure & AWS and containerized environments (Kubernetes, OpenShift) to implement cloud-native monitoring Have good knowledge of ITSM/incident management tools integration. Interacts with and influences colleagues and has working level contact with customers Applies methodical approach to issue definition and resolution Demonstrates effective ...

internal and external regulatory requirements. Performance & Monitoring Monitor DNS service health, performance, and availability. Optimize query resolution performance and latency. Implement logging, alerting, and incident response processes. Troubleshooting & Support Act as an escalation point for complex DNS and network-related issues. Conduct root cause analysis and implement preventative ...

Cloud Platform Engineer Location - Glasgow - fully on site Duration - 40 weeks Contract AWS SRE Engineer - Incident Operations (AWS & Snowflake) We are looking for an AWS Site Reliability Engineer (SRE) with strong incident operations experience to support and improve the reliability of cloud and data platform services across … Snowflake. The role focuses on proactive monitoring, rapid incident response, service restoration, root cause analysis, and operational automation. The ideal candidate will have hands-on experience with AWS infrastructure, Snowflake operations, observability tooling, and on-call support in production environments. Key responsibilities: Lead incident triage and resolution ...

SIEM: Collaborate with our SOC partner to design and optimise Splunk dashboards and alerts, turning raw data into actionable intelligence to combat sophisticated threats. Incident Response: Act as a technical escalation point for high-priority security incidents, employing EDR and SIEM tools for swift containment. Automate Security Processes … Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response efficiency. Conduct Threat Hunting: Utilise specialised queries to proactively identify undetected malicious activities within the environment. Train the Team: Elevate the skill level of the existing team in CrowdStrike, Splunk, and security analysis. ...

knowledge articles; contribute to operational readiness Support audits and control testing; evidence compliance with security and regulatory requirements. Participate in on-call/incident response, problem management, and continuous improvement. Essential Skills Knowledge of Multi-Factor Authentication/Passwordless Authentication technology is required. Strong hands-on experience with … engineering MFA/SSO within an enterprise IAM environment. Working knowledge of PKI, certificates, TLS, and key management concepts. Experience operating production services: monitoring, incident management, change/release processes. Desirable Skills Previous experience of working in financial services, ideally HSBC experience. EntraID/AzureAD experience. Scripting/automation ...

Egress and MFA solutions. Produce technical documentation and support continuous improvement initiatives across IT systems and services. Assist with information security compliance, audits and incident response activities aligned to Cyber Essentials and ISO27001 standards. Participate in an out-of-hours on-call rota and provide occasional support across ...