1 to 25 of 44 Contract Incident Response Jobs in the UK excluding London

security stacks. You will handle complex incidents like APTs, malware, and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat … the environment using behavioural analysis and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or … Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within More ❯

systems and applications. Lead architectural reviews and assurance of designs working with System Integrators & partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. Evaluate and recommend security tools and technologies, and stay informed on emerging threats and vulnerabilities. Required More ❯

the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line … of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python More ❯

and SaaS platforms to validate compliance with the client’s security standards Assist in threat modelling, risk assessments, and documenting security controls across infrastructure and application layers Participate in incident response efforts and support the identification of root causes and mitigation strategies Requirements of Security Architect role: Minimum of 5 years' experience in IT security, ideally including exposure More ❯

Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of … Solutions Lead with project activity Conduct proactive threat hunting in collaboration with the CTI function Conduct HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings What do you need … attack vectors, propagation, and impact. Excellent communication skills for liaising with business and suppliers. Desirable Skills & Experience (Senior Level) Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution. Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection More ❯

the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an Embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage … with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line … of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience eg Python More ❯

the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: * Effective Tier 1 to 2 alert triage … Solutions Lead with project activity * Conduct proactive threat hunting in collaboration with the CTI function * Conduct HR and InfoSec related investigations * Ensure the timely triage and remediation of any incident or request tickets raised to the SOC * Participate in the activity of adding/removing URLs from the AcceptList and BlockList * Attend routine security meetings Modis International Ltd acts More ❯

Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of … the SOC email notification mailboxes Assists with the maintenance of MBDA Security technologies Assisting the SOC Solutions Lead with project activity Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings What do you need … attack vectors, propagation, and impact. Excellent communication skills for liaising with business and suppliers. Desirable Skills & Experience (Senior Level) Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution. Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection More ❯

SOC Analyst to join their established Security Operations Centre (SOC), working alongside a team of experienced Cyber Engineers and Analysts. This is a critical role where you will lead incident investigations, mentor junior analysts, and represent the SOC in key stakeholder engagements. Your new role Monitor, triage, and investigate security alerts using protective monitoring platforms Interpret system logs and … reports to identify intrusions, threats, or policy breaches Lead the team in incident investigations and determine appropriate response actions Oversee the implementation of resolutions and ensure effective incident handling Analyse security event data to support customer incident response Represent the SOC in meetings, advise on new services, and assess operational impact Stay up to date More ❯

security data, detect anomalies, and respond effectively to incidents. * Oversee vulnerability assessments and penetration testing to ensure robust security measures are maintained. * Contribute to the development and execution of incident response plans, ensuring prompt action to contain and remediate security incidents. * Maintain accurate incident logs and reports to support post-incident analysis and continuous improvement. * Provide … with a strong focus on security information and event management systems, including Microsoft Sentinel. * In-depth knowledge of security monitoring techniques and integration technologies. * Demonstrated ability to execute robust incident response processes. * Strong communication skills, with the ability to educate and support staff on security protocols. * Experience working collaboratively with technical and non-technical teams to improve security More ❯

SSCP – Highly desirable Bonus Skills & Knowledge Awareness of compliance and risk frameworks such as ISO 27001, NIST, and CIS Benchmarks. Ability to support threat modelling, cloud risk assessment, and incident response planning. Exposure to Infrastructure-as-Code (IaC) security using tools like Terraform, ARM templates, or Bicep. Skilled in translating technical risks into business terms for senior stakeholders. More ❯

join our Security Operations Center team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents, optimizing SIEM configurations, and contributing to threat detection and response strategies. This role requires hands-on experience with both platforms and a deep understanding of cybersecurity principles and incident management. Key Responsibilities: Monitor and investigate security alerts from … Analyze logs, network traffic, and other data sources to detect threats and suspicious activities. Develop and tune detection rules, analytics, and alerting logic in both SIEM platforms. Collaborate with incident response teams to contain and remediate security incidents. Create dashboards, workbooks, and reports for stakeholders. Perform threat hunting activities and support continuous improvement of SOC processes. Maintain and More ❯

log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing applications and infrastructure Security Advisory More ❯

on GDPR, UK Data Protection Act, and other relevant regulations. Partner with internal stakeholders across legal, compliance, IT, and operations to improve the organisation's security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current More ❯

We are seeking a skilled SOC Response Analyst to join our cybersecurity operations team. This role focuses on advanced monitoring, incident response, and threat intelligence integration to protect business-critical systems and data. You will serve as the escalation point for security events, manage incidents from detection through resolution, and contribute to ongoing improvements in security posture … a comprehensive view of threats. Develop and manage outcome-driven use cases in collaboration with security operations. Support consistent, high-quality monitoring across internal teams and third-party services. Incident Response Lead incident response efforts, including containment and recovery. Conduct post-incident reviews and implement lessons learned. Participate in a rotating on-call schedule for … urgent response needs. Threat Intelligence & Risk Integration Gather and apply threat intelligence to strengthen detection and response. Track long-term trends and apply risk-based thinking to prioritise issues. Stay current on emerging threats, vulnerabilities, and industry trends. Collaboration & Third-Party Management Coordinate with internal teams and external partners to maintain secure operations. Ensure third-party services meet defined More ❯

per week on-site and the remainder remote. You'll play a central role in monitoring, analysing, and improving the organisation's cyber security posture - particularly around SIEM and incident response, with a strong focus on Microsoft Sentinel. Key Responsibilities: Monitor security alerts and log data using Microsoft Sentinel and related SIEM tools Respond to security incidents, performing … experience in a cyber security analyst or SOC analyst role Strong hands-on knowledge of Microsoft Sentinel and broader SIEM technologies Solid understanding of threat detection, log analysis, and incident response workflows Experience working in a public sector or regulated environment is highly desirable Ability to clearly communicate security issues and provide actionable advice to stakeholders This is More ❯

security systems, including next-generation firewalls, IPS, SIEM tools, endpoint security, and other devices/services. Respond to and analyze security incidents, deploying patches and mitigating vulnerabilities promptly. Security Incident Response: Identify and respond to external and internal threats, investigate security incidents, and implement necessary fixes. Project Collaboration: Work on cyber security projects, particularly those requiring security input … manage firewall and data encryption software to protect sensitive business information. Risk Assessment: Continuously assess risks and report to management to support informed decision-making on cyber security matters. Incident & Service Management: Manage and resolve incidents or service requests in compliance with Service Level Agreements (SLAs). Documentation & Compliance: Create and maintain system documentation, execute housekeeping and maintenance routines More ❯

Management Oversee daily IT operations, ensuring high availability, performance, and user satisfaction. Manage escalations and prioritisation of support issues. Monitor and report on key operational metrics (e.g. SLAs, uptime, incident response). Project Delivery Lead the transition of managed services infrastructure and service desk from MSP to in-house. Oversee the reset and rebuild of the Microsoft Azure … practices into operational and project workflows. Collaborate with relevant stakeholders to ensure compliance with policies, standards, and regulations (e.g. ISO27001, Cyber Essentials). Manage risk assessments, vulnerability management, and incident response processes. Stakeholder Engagement Act as a senior point of contact for internal stakeholders regarding IT operations and service delivery. Work closely with other business units to understand More ❯

Microsoft Sentinel and Azure , including automation using Sentinel playbooks . You'll also be expected to mentor internal analysts and drive cross-departmental engagement on cyber posture, compliance, and incident response readiness. Key Responsibilities: Act as the lead for cyber security across multiple projects and programmes Design and implement Sentinel playbooks to automate detection and response Lead More ❯

days in the office, 2 days from home The Role: Support the delivery of robust information security and privacy practices across global operations. Conduct security risk assessments, support incident response, and contribute to audits and compliance initiatives. Maintain and enhance the firm’s ISMS and Business Continuity frameworks. Complete client cyber due diligence and collaborate closely with internal More ❯

infrastructure. Security Knowledge: Knowledge of cloud security best practices. Familiarity and competency with Identity and Access Management (IAM). Troubleshooting and Debugging: Strong troubleshooting and debugging skills. Experience in incident response. Experience working to an Agile methodology Ability to write technical documentation Configuration control (Git) Experience with Terraform Desirable Skills Containers and Orchestration: Understanding of containerisation (Docker). Experience More ❯

in network security to lead and coordinate critical infrastructure and cybersecurity projects. This role operates on a 24/7 shift rotation , ensuring continuous oversight of security initiatives and incident response coordination. Key Responsibilities and skills Lead and manage end-to-end delivery of network security projects, ensuring alignment with business goals and compliance standards. Coordinate with cross … network security technologies. Monitor project progress during all shifts, ensuring timely escalation and resolution of issues. Maintain detailed project documentation, including risk assessments, change logs, and status reports. Support incident response efforts and post-incident reviews during off-hours. Ensure adherence to cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements. Provide leadership and mentorship to junior More ❯

Manager to lead and support a portfolio of cyber transformation initiatives across a complex technology landscape. This role is critical in driving improvements in risk mitigation, security controls, governance, incident response, and regulatory compliance. What you'll need to succeed - Proven experience managing cybersecurity or IT risk-related projects in complex or regulated environments. - Strong understanding of cybersecurity More ❯

Manager to lead and support a portfolio of cyber transformation initiatives across a complex technology landscape. This role is critical in driving improvements in risk mitigation, security controls, governance, incident response, and regulatory compliance. What you'll need to succeed - Proven experience managing cybersecurity or IT risk-related projects in complex or regulated environments. - Strong understanding of cybersecurity More ❯

and product teams to bring features to life efficiently, balancing speed with technical excellence. Delivery & Operations: Oversee day-to-day engineering operations, from sprint planning to release cycles and incident response. Security & Compliance: Ensure the platform meets industry best practices around security, data privacy (e.g., GDPR), and compliance standards (e.g., SOC 2, ISO 27001). Stakeholder Communication: Act as More ❯