West Midlands, United Kingdom Hybrid / WFH Options
Infoplus Technologies UK Ltd
boards from below onwards The Role As SOC Manager: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC … activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports … to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients
Crawley, Sussex, United Kingdom Hybrid / WFH Options
Morson Talent
Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … s network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will: Lead the response to escalated and high-severity cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and … enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Morson Talent
Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … s network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will: Lead the response to escalated and high-severity cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and … enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform
Northampton, Northamptonshire, England, United Kingdom
VIQU IT Recruitment
Skills & Experience from the SOC Analyst Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security … alerts and incidents in Microsoft Sentinel and Microsoft Defender. Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Beneficial Experience
Northampton, Northamptonshire, England, United Kingdom
VIQU IT Recruitment
Skills & Experience from the Security Engineer Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security … alerts and incidents in Microsoft Sentinel and Microsoft Defender. Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Beneficial Experience
Milton Keynes, Buckinghamshire, England, United Kingdom
VIQU IT Recruitment
Skills & Experience from the Security Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security … alerts and incidents in Microsoft Sentinel and Microsoft Defender. Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
Stott & May Professional Search Limited
Day Rate: £382.50 per day Inside IR35 The Role We are seeking an experienced SOC Level 2 Analyst to join our Security Operations Center, supporting threat detection, investigation, and response across enterprise systems. You'll work with leading security technologies, responding to advanced threats and guiding L1 analysts in a fast-paced, collaborative environment. Key Responsibilities Investigate and remediate … tools such as Splunk and Microsoft Defender. Perform forensic analysis to identify root causes and recommend containment and recovery actions. Develop detection use cases, improve processes, and maintain accurate incident documentation. Collaborate with IT and security teams to strengthen overall detection and response capability. Essential Skills & Experience 6-8 years in cybersecurity, with strong SOC or incident response experience. Proficient in SIEM (Splunk, ArcSight) and EDR (Defender, CrowdStrike, Carbon Black). Strong knowledge of digital forensics, malware analysis, and threat hunting. Skilled across Windows, Linux, and cloud environments. Familiar with frameworks such as MITRE ATT&CK, NIST, and ISO 27001. Scripting experience (Python, PowerShell) beneficial. Preferred Certifications SOC-related (CySA+, Blue Team L1, GCIH, GCIA
Job summary The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC is made up of Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the Cloud Protective Monitoring Sub team. Cyber Operations purpose is to support safe care and … Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The post of Senior Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is none … contractual and subject to review. Main duties of the job As a Senior Security Analyst Ops you will: Provide Tier 3 security analytics and incident response for service-specific security monitoring. Deputise for Security Lead (Analyst) in their absence. Act as an escalation point for Tier 2 Analysts for incidents and investigations. Offer mentorship and guidance to Tier
West Midlands (County), Birmingham, United Kingdom
Sherborne Talent Solutions
aligned with ISO 27001, NIST, and CIS frameworks. Produce detailed documentation for configurations, processes, and troubleshooting. Collaborate with global cloud, security, and infrastructure teams for consistent, secure operations. Support incident response, root cause analysis, and ongoing improvements. Required Skills & Experience: Extensive experience executing network refresh projects. Strong expertise with Cisco, Palo Alto, HAProxy, and Azure networking. Solid understanding
Coventry, West Midlands, United Kingdom Hybrid / WFH Options
Stackstudio Digital Ltd
Azure, or GCP networking services; understanding of hybrid/multi-cloud; automation tools (Terraform, Ansible, Python). Monitoring & Management: Network management systems (SolarWinds, Cisco DNA Center); performance monitoring, logging, incident response. Experience Requirements: 7-10+ years in network engineering, with 3-5 years in architecture/design roles. Proven experience in large-scale or complex enterprise environments. Architectural artefact
London, South East, England, United Kingdom Hybrid / WFH Options
NonStop Consulting Ltd
We are currently recruiting for Defence Associate Security Analysts with knowledge of Cyber security threats using SPLUNK and EDR (Endpoint Detection and Response) to join a great project for 3 months, that is run by a Central Government Authority. The best thing about this opportunity is that you will have a great work-life balance with remote working, thus … be able to organise your time up to your liking (2-3 days/week in London office) Essential Experience: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience SPLUNK and EDR (Endpoint Detection and Response) Analytical, problem solving oriented MOD/DEFENCE - highly desirable SC Clearance - Candidates holding active … Central Government Contract so you can improve prospects for future contracting Interviews will start as soon as good candidates are available, if you are interested do not delay the response and forward your updated CV today. If you would like to discuss further about this opportunity or others in the UK Public Sector, please reach out (extension 8144) and
SC), to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll manage a team of analysts, drive incident response, and ensure the SOC delivers measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy … with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job
London, South East, England, United Kingdom Hybrid / WFH Options
Randstad Technologies
and evolve Terraform modules for automated, consistent, and version-controlled deployments. Security & Access Management: Administer Conditional Access Policies, manage application registrations, and enforce secure identity and access practices. Monitoring & Incident Response: Configure and manage tools like Azure Monitor and Log Analytics to proactively detect and resolve issues. Compliance & Documentation: Maintain accurate technical documentation and ensure adherence to security
Knutsford, Cheshire, United Kingdom Hybrid / WFH Options
Tenth Revolution Group
HSM health using appropriate tools Automate cryptographic processes using Python or other scripting languages SSH key and certificate lifecycle management Generate key components across IBM, Tandem, Unix platforms Support incident, change, and problem management (ITIL-aligned) Maintain accurate documentation and audit trails Collaborate with stakeholders across security, infrastructure, and operations teams Essential Skills Recent hands-on experience with HSMs … management and documentation skills Desirable Skills Experience in operational IT security roles Familiarity with SharePoint, Confluence, JIRA Unix/Windows OS knowledge Experience in change and release management Strong incident response and communication skills If this role is of interest please don't hesitate to apply or get in touch at (url removed)
looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful candidate will have hands-on experience with leading security platforms and demonstrate the ability to operate at a … level. Role Overview: Job Title: Security Analyst (Network & Endpoint) Location: England/Remote Contract Type: Contract Duration: Contract till 31st Mar 26 Sector: Healthcare. Key Responsibilities: Network Detection & Response: Administer and optimise Darktrace for network threat detection, model tuning, and behavioural analysis. Investigate anomalies and escalate incidents based on network telemetry. Endpoint Protection: Deploy and manage CrowdStrike Falcon … agents across enterprise endpoints. Maintain and update detection rules, ensuring alignment with threat intelligence. Security Operations Centre (SOC): Act as a Level 2 SOC Analyst and Incident Handler. Triage, investigate, and respond to security alerts and incidents. Collaborate with other SOC team members to ensure timely resolution and documentation. Threat Intelligence & Insider Threat Monitoring: Monitor threat feeds and manage
Required Skills/Experience The ideal candidate will have the following: Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud. Broad background across information technology with the ability to communicate clearly with non-security technical
for the day-to-day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team members including SOC engineers and … is a mandatory requirement for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle The ability to work in a close team and independently The ability to be adaptable to a high-paced changeable workload What you'll get in return
Intelligence and service assurance. You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Key Responsibilities Translate high-level monitoring non-functional requirements (NFRs) into actionable configurations across tools such as Splunk, Dynatrace, and AppDynamics. Deliver full-stack observability solutions, including application … aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. Maintain and enhance dashboards
Manager to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll manage a team of analysts, drive incident response, and ensure the SOC delivers measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy … with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job
support IT Service Management (ITSM), Agile delivery, and operational excellence. This role ensures workflows, automations, and integrations are aligned with organisational processes and governance standards, enabling efficient service delivery, incident response, and knowledge management. Key Duties and Responsibilities Design, build, and maintain JSM workflows, including request, incident, problem, and change management processes. Create and optimise automation rules … to streamline ticket handling and escalation processes. Develop and manage Proforma forms for structured data capture and improved user experience. Configure and support ITSM modules (Request, Incident, Problem, Change, Asset, and Configuration Management). Administer and maintain the Assets module (Insight), including: Asset schema design Custom field integrations Attribute-based automation and relationships Implement and manage webhooks to integrate … Implement tagging and labelling conventions to ensure discoverability and content consistency. Required Competencies Proven experience configuring and administering Jira Service Management and Jira Software. Strong understanding of ITSM principles (Incident, Problem, Change, and Request Management). Experience with JSM Automations, Workflows, and Assets (Insight). Competence in building dashboards and reports using Jira Query Language (JQL). Understanding of
Virtualisation Platform Engineer or similar role. Strong understanding of virtualisation platforms and container orchestration tools. Proficiency with automation and scripting (Terraform, Bash, Python). Experience with monitoring, alerting, and incident response tools. A passion for engineering excellence, automation, and operational efficiency.