1 to 25 of 39 Contract Incident Response Jobs in the UK excluding London

security stacks. The ideal candidate will have expertise in monitoring and analyzing security incidents in SOC. Your Responsibilities (Up to 10, Avoid repetition) 1. Incident Detection and Response Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize … security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier 1 analysts and guide them through complex incident response procedures. Quality Assurance for SOC L1, monitoring and triaging. 2. Incident Detection and Response Lead investigations and remediation of complex ...

Security Lead - Incident Response & Threat Management 4 Months Contract £400 to £500 a day Inside IR35 Remote working *Active Security Clearance is Needed* A well-established consultancy firm is urgently looking for an experienced Security Lead with a strong background in Incident Response and Threat Management … high-profile client. This role requires a professional with active SC Clearance and a deep understanding of SecOps analyst support. Core Responsibilities Incident Management: Directing the full incident response lifecycle, including the triage, investigation, and total resolution of security events. Threat Intelligence: Utilising Recorded Future, OpenCTI ...

months). In full: Job Purpose The UK CSIRT Tier1 Analyst will deliver the actions and activities as required and detailed in Cyber Incident Response plans. Using technical expertise and co-ordination capabilities, they will work within a team and individually, to respond to incidents and security events. … role requires the individual to have a high level of performance and individual ability. About the Role As part of the Cyber Security Incident Response Team (CSIRT), you will be employed within a global team as a Tier 1 CISRT analyst within its Cyber Security Operations Centre (CSOC ...

risks and implement mitigation strategies. Collaborate with cross-functional teams to ensure data security requirements are integrated into new projects and existing systems. Lead incident response efforts related to email security breaches, ensuring quick containment and remediation. Ensure compliance with industry standards and regulatory requirements related to data … processes. Develop and deliver training programs for employees to increase awareness of security practices, especially regarding email security and phishing prevention. Threat Intelligence and Incident Response: Analyse threat intelligence to anticipate and mitigate potential cyber threats targeting the organisation. Participate in or lead incident response activities ...

Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis … Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling ...

threats. You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process. Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. … will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need ...

high-performing Security Operations Centre supporting a large-scale telecoms environment. This is a hands-on Tier 2 CERT role focused on investigation, response, and remediation of security incidents across enterprise-scale infrastructure. If you enjoy solving real incidents rather than just closing tickets, this role will suit you. … Defender Conduct forensic analysis to determine root cause, scope, and impact Support containment, eradication, and recovery activities with IT and engineering teams Produce clear incident reports with technical findings and remediation actions Quality assurance of SOC L1 triage and alert handling Develop and refine detection use cases, playbooks ...

Clearance Hybrid work model OUTSIDE IR35 Job Requirements Spec: - end-to-end technical leadership, architecture, and delivery oversight of Network Detection & Response (NDR) and Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility … improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders to align technical designs with security strategy, operating models, and business needs. - definition of the target architecture for Darktrace NDR and Microsoft Defender ...

heart of our cybersecurity strategy. As Operational Security Manager, you'll take ownership of our security operations, overseeing threat intelligence, vulnerability management, incident response and the performance of our outsourced 24/7 SOC. You'll work closely with internal technology teams to embed security into every aspect … infrastructure and change lifecycle, ensuring our defences are proactive, responsive and resilient. From playbook rehearsals to live incident recovery, you'll be the calm in the storm, guiding teams through complex challenges with clarity and confidence. What you'll need to succeed You're a seasoned security professional with ...

procedures, controls, and governance Identification, analysis, and prioritisation of cyber risks and vulnerabilities across on-prem, cloud, and third-party environments Advisory support for incident response planning, crisis management exercises, and resilience improvements Support to SOC operations, including process improvement and escalation protocols Supplier and third-party security … Strong hands-on background in cybersecurity governance, risk management, and security operations Proven experience delivering cybersecurity assessments, audits, and improvement programmes Demonstrable experience with incident response, crisis management, and cyber resilience planning Experience assessing supplier and third-party cybersecurity risk across the supply chain Strong understanding of recognised ...

procedures, controls, and governance Identification, analysis, and prioritisation of cyber risks and vulnerabilities across on-prem, cloud, and third-party environments Advisory support for incident response planning, crisis management exercises, and resilience improvements Support to SOC operations, including process improvement and escalation protocols Supplier and third-party security … Strong hands-on background in cybersecurity governance, risk management, and security operations Proven experience delivering cybersecurity assessments, audits, and improvement programmes Demonstrable experience with incident response, crisis management, and cyber resilience planning Experience assessing supplier and third-party cybersecurity risk across the supply chain Strong understanding of recognised ...

working from Sheffield + £550 to £570 per day + Inside IR35 Key Skills: + 3rd/4th Line Support to M365 Copilot + Incident response Job Description: Provide 3rd/4th Line Operational Support for M365 Copilot across HSBC's tenant. Providing incident response via complex troubleshooting, policy/configuration changes and mass deployments throughout the organisation. Key Responsibilities: + Incident & Problem Management: Triage and resolve complex M365 escalations/Multi User Incidents (usage, access errors, unexpected results). Root cause analysis across M365 Admin Centre, Entra, Conditional Access, SharePoint/OneDrive ...

maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. - 3 days on site in Birmingham (Please ensure you are local before applying) - £400 - £500 p/d depending … manage the performance of the SIEM infrastructure. Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems Stay informed about emerging threats and security best practices. What you need to do now If you're interested in this role ...

across IT projects, platforms, and operational environments Act as the security lead for assigned IT projects, ensuring alignment with security policies and standards Oversee incident response, investigations, and post-incident reviews for IT security events Ensure compliance with information security frameworks, regulatory requirements, and internal controls Work ...

Support Security Teams Assist other Group Security teams by providing vulnerability-specific intelligence. Contribute to building a shared knowledge repository for all teams. 9. Incident Support Assist in analysing and resolving security incidents, focusing on vulnerability-related aspects. Use post-incident reviews to pre-empt vulnerabilities and improve … communication skills for reporting and stakeholder engagement. Ability to collaborate with cross-functional teams, including SOC, IT, and external vendors. Problem-Solving Experience in incident response and remediation strategies for vulnerabilities. Creative thinking for implementing counterintuitive solutions (e.g., gamification, predictive analytics). Leadership and Mentorship Proven ability ...

with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

Analyst, you will play a key role in delivering effective SOC services across multiple platforms and projects. You will provide hands on monitoring and incident response while also supporting the development of people, processes and security controls. Key responsibilities include: Leading and mentoring a small team … Manager to evolve SOC capability Senior SOC Analyst essential skills Proven experience in a SOC or similar security operations environment Strong knowledge of SIEM, incident management and threat intelligence Understanding of cloud technologies and modern networking Experience with IDAM, JML processes and ITSM frameworks Ability to lead, support ...

platform technologies, guiding architectural decisions and mentoring engineers. Evaluating and adopting new technologies to strengthen platform innovation and long-term scalability. Supporting governance, incident response, and strategic platform planning across hybrid environments. Main Skills Needed Proven background in platform engineering, DevOps, or infrastructure development. Hands-on experience with ...

lead a team delivering essential services including DNS, DHCP, load balancing and URL redirection . You will be responsible for capacity planning, operational stability, incident response and continuous improvement across a complex, multi-vendor network landscape. You will act as the senior technical escalation point during major incidents … capacity planning for both day-to-day operations and project demand. Manage and operate multi-vendor platforms including BlueCat, Windows and HAProxy. Ensure timely response to incidents and service requests in line with defined SLAs. Own service standards, documentation and continuous improvement initiatives. Drive efficiency and automation using Python ...

enhance platform services across hybrid environments Improve and standardise automated deployment and CI/CD pipelines Strengthen observability, monitoring, and proactive operations Support incident response, troubleshooting, and service improvements Provide guidance on platform patterns, tooling, and best practices Contribute to architectural decisions and technical governance Share knowledge ...

cryptographic controls, and data sovereignty requirements Create compliance, risk, and assurance packs including RMF-aligned risk assessments and audit evidence Support security operations, monitoring, incident response, and continuous assurance Essential Skills Active DV Clearance Strong background in Cloud Security Assurance within defence or regulated environments Deep knowledge ...

SIEM infrastructure. Security Engineering: o Contribute to security engineering projects, transitions, and transformations. o Work closely with security operations and associated security incident response systems o Stay informed about emerging threats and security best practices. Advantageous: SIEM implementation and usage Experience of Elastic Stack (ELK) Knowledge of Offensive ...

performance of the SIEM infrastructure to maintain optimal functionality. Security Engineering:Contribute to various security engineering projects and work closely with security operations and incident response systems. Stay updated on emerging threats and best practises in the cybersecurity landscape. Skills You'll Need to Succeed: Essential:- Strong experience ...

delivery lifecycle, working within government or regulated environment standards. Collaborate with cross-functional teams (developers, architects, security, product) to support application delivery and incident resolution. Produce and maintain technical documentation, runbooks, and operational procedures. Essential skills and experience Hands-on experience as a Cloud/DevOps/Platform Engineer …/CD pipelines. Good understanding of cloud security principles, IAM, network security, and compliance in regulated environments. Proven experience operating production workloads (monitoring, incident response, performance, cost optimisation). ...

risk experience to join a large public sector organisation in a critical environment, offering a varied role across alert triage, compliance, risk assessments and incident response.This company are a major public sector organisation supporting essential services and operating a complex technology estate. They are looking to strengthen their cyber …/tickets, prioritisation and escalation support*Cyber risk assessments, controls monitoring, audits and project advice*Support compliance activity (DSPT/standards) and vulnerability management*Incident response support + maintaining SOPs and security tooling (e.g., AV/firewalls) The Person: *Cyber security experience (assurance/risk/compliance ...