1 to 25 of 43 DemandTrendContract Incident Response Jobs in the UK excluding London

Job Title: Cyber Security Response Specialist Location: Warwick OR Wokingham, Hybrid, 2 days onsite per week Remuneration: Daily Rate From: £650 Contract Details: Fixed Term Contract, 6 months, Full Time Responsibilities: Develop and maintain incident response plans, processes, and documentation. Implement effective Incident Response processes for remediation and restoration. Lead Post Incident Response and Lessons Learned initiatives. Design and deliver engaging incident response exercises at various command levels. Communicate vital information through reports, presentations, and briefings. Provide expert cyber security knowledge and drive continuous improvement. Establish and nurture relationships for effective incident communication. Collaborate with government and energy sector stakeholders to enhance security. About the Role: Join our vibrant … team as a Cyber Security Response Specialist, where your expertise in incident response will shine! This exciting opportunity allows you to design and implement robust incident response processes, providing critical support to Security Operations and ensuring seamless management of all Security Incidents. You'll be part of a dynamic joint cyber and physical security response More ❯

Job Title - Senior Digital Forensic and Incident Response Consultant Engagement Type - Contractor Contract Length - 12 months Day Rate - £700/800 per day (Inside IR35) Your new role In this role, you will be responsible for integrity in analysis, quality in client deliverables, as well as gathering case-load intelligence. The position will operate in a close team … as customer management, counsel, human resources, and other IT technical personnel. As a client-facing expert within the team, you will be delivering proactive and reactive Digital Forensics and Incident Response (DFIR) services. This role is responsible for architecting cyber resilience for the business' clients through strategic planning and assessment, pressure-testing defences via advanced breach simulations, and … providing decisive leadership as an Incident Commander during major cyber crises. What you'll need to succeed ? Experience in the tools, techniques, and methodologies surrounding incident response, computer forensics, industrial control; systems; IoT, and eDiscovery. ? Experience in at least two (2) of the following operating systems: Windows, Linux, Unix, MacOS. ? Experience in consulting customers in DFIR capacity More ❯

our systems. Key Responsibilities SIEM Management: Monitor and optimize Security Information and Event Management (SIEM) tools like Splunk. Firewall & Proxy Audits: Review configurations and coordinate changes with infrastructure teams. Incident Response: Act as part of the Cyber Security Incident Response Team (CSIRT) to address threats. Compliance: Ensure alignment with ISO 27001, and other security standards. Risk More ❯

Threat Modeling & Risk Assessment: Strong knowledge of security risk management. Cloud & Container Security: Expertise in AWS, Azure, GCP, Docker, and Kubernetes. Security Governance: Experience developing and enforcing security standards. Incident Response Leadership: Skilled in leading incident response and root cause analysis. Training & Mentorship: Ability to upskill teams on DevSecOps best practices. Please apply with your updated More ❯

is a hands-on role where youll play a key part in strengthening the organisations cyber defence posture by collecting, analysing, and disseminating actionable intelligence. Youll work closely with incident response, security operations, vulnerability management, and leadership teams to anticipate threats, mitigate risks, and improve resilience. Key Responsibilities: Collect and analyse intelligence to address high-priority security requirements. … Produce and share actionable threat intelligence with stakeholders across security operations, incident response, and fraud prevention. Conduct dark web investigations and OSINT gathering to support requests for intelligence. Proactively identify internal and external threats, including insider threats, and escalate as appropriate. Support the running of a threat intelligence platform to structure and standardise cyber threat data. Write and … edge global security team. Your Profile: Strong background in technical investigations, OSINT, and dark web intelligence. At least 2 years of security experience, ideally with exposure to threat intelligence, incident detection, or response. Solid understanding of the threat intelligence lifecycle and common cyber threat groups. Strong analytical skills with the ability to turn complex data into actionable insights. Self More ❯

alerting systems, SLA/SLO/SLI monitoring, alert tuning. Proven track record leading and mentoring engineering teams. Experience working in multi-disciplinary environments with multiple stakeholders. Involvement in incident response, postmortems, on-call rotations. Strong communication skills, with ability to explain technical direction clearly. Java Technical Lead X5 – (Java 8) SC Security Cleared- Key Responsibilities Lead and …/CD, infrastructure, and monitoring. Ensure systems are secure, resilient, and aligned with engineering standards. Collaborate with Dev, Ops, QA, and Security teams in a cross-functional environment. Support incident response, troubleshooting, and postmortems to improve reliability. Contract until March 2026 with scope to extend-£550-£650pday inside IR35 Hybrid working with ad hoc days on site when More ❯

e.g., ISO 27001, NIST), and risk mitigation. Conduct assessments and audits of existing network and cloud security postures. Deliver workshops and training sessions on M365 and Azure security capabilities. Incident Response & Monitoring: Collaborate with SOC teams to monitor and respond to network-based threats. Utilize Microsoft Sentinel and Defender for Cloud to detect and remediate vulnerabilities. Develop playbooks More ❯

Job summary The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC is made up of Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the XDR Protective Monitoring Sub team. Cyber Operations purpose is to support safe care and … Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The post of Senior Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is non … contractual and subject to review. Main duties of the job As a Senior Security Analyst Ops you will: Provide Tier 3 security analytics and incident response for service-specific security monitoring. Deputise for Security Lead (Analyst) in their absence. Act as an escalation point for Tier 2 Analysts for incidents and investigations. Offer mentorship and guidance to Tier More ❯

CD practices to accelerate delivery and improve consistency. Compliance and Security Controls: Implement and monitor controls to ensure infrastructure build and release processes meet regulatory and internal compliance requirements. Incident and Problem Management: Oversee incident response and root cause analysis related to build and release operations, ensuring timely resolution and preventative measures. Performance Monitoring and Optimization: Monitor … application, and security teams to ensure build and release operations support broader infrastructure and business goals. Documentation and Reporting: Maintain accurate documentation of build and release procedures, configurations, and incident reports. Provide regular updates to senior management. Skills & Experience Strong leadership skills with experience managing technical teams. Proven experience managing infrastructure build and release operations in hybrid cloud and More ❯

Information Security Office Function (CISO) The Security Analyst (XDR) role is within the Security Operations pillar of the CSOC (Cyber Security Operations Centre) providing second line security analytics and incident response services. The post of Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this … that RRP is non contractual and subject to review. Main duties of the job As a Security Analyst (XDR) you will: Act as a Tier 2 Extended Detection and Response (XDR) analyst for the Security Operations team. Deputise for Senior Analysts in their absence. Act as an escalation point for Tier 1 Junior Analysts for incidents and investigations. Offer … title is advertised to attract the right skills needed for the role. The post of Security Advisor/Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is non More ❯

engineers to embed security into infrastructure-as-code and deployment workflows Monitor and respond to security events and alerts from observability platforms Maintain documentation of security architecture, policies, and incident response procedures Required Skills & Experience: Strong hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI/CD pipeline practices Familiarity More ❯

engineers to embed security into infrastructure-as-code and deployment workflows Monitor and respond to security events and alerts from observability platforms Maintain documentation of security architecture, policies, and incident response procedures Required Skills & Experience: Strong hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI/CD pipeline practices Familiarity More ❯

Splunk, or QRadar. DR deployment, configuration & management - experience with tools like Tanium, Trellix, FireEye, Defender, Elastic EDR Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats. Incident Response - Assist analysts to analyze and mitigate security incidents & have a good understanding of SOC function OOTB & Custom log ingestion Creation - Deploy OOTB integrations as well as develop More ❯

CSOU) Cyber Delivery Unit (CDU) Cyber Improvement Programme Chief Information Security Office Function (CISO) The post of Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is non … the job The Security Analyst (Ops Networks and Infrastructure) role is within the Security Operations pillar of the CSOC (Cyber Security Operations Centre) providing second line security analytics and incident response services. Act as a Tier 2 National Networks and Infrastructure analyst for the Security Operations team. Deputise for Senior Analysts in their absence. Act as an escalation … title is advertised to attract the right skills needed for the role. The post of Security Advisor/Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is non More ❯

monitor key risk indicators (KRIs) and key performance indicators (KPIs). Support project teams in embedding risk management throughout project lifecycle. Collaborate with internal and external partners to enhance incident response and cyber resilience. Candidates will have; Experience in a cyber security risk management role. Strong understanding of cyber security frameworks and standards (ISO 27001, SOC2, NIST, GDPR More ❯

level. Generation of Key Components across various platforms (including IBM, Tandem, Unix) together with management of Cryptographic infrastructure. SSH Key Management. Certificate management HSM configuration/installation/support Incident management Change management ITIL Ensure the integrity and availability of cryptographic and key management services to business functions and applications ? Key Accountabilities: Cryptographic Hardware Management - including on site local … core geographic locations globally. Management of Cryptographic infrastructure to include Out of Hours Support, production of monthly management information and risk statements. Adherence to Group IT Security Standards. Problem, Incident & Change Management including root cause identification. Procedure/process development. Project delivery. Cryptographic Hardware Management. Auditable Record Management. Excellent Risk and Control Maintenance Ensure governance and clear record keeping … creation and maintenance. Deep understanding of change disciplines including change and release management and track record of delivering change projects in a timely manner with high quality Strong in incident response procedures and standards, strong communication skills and ability to articulate complex events to management. Experience of Sharepoint, Confluence and JIRA. Unix/Windows O/S skills More ❯

measures into development processes. Stay updated on the latest security trends and technologies to enhance our security posture. Provide guidance and mentorship to junior security team members. Engage in incident response activities, ensuring swift resolution of security incidents. What We're Looking For : Proven experience as a Security Architect or similar role in the engineering sector. Strong knowledge More ❯

measures into development processes. Stay updated on the latest security trends and technologies to enhance our security posture. Provide guidance and mentorship to junior security team members. Engage in incident response activities, ensuring swift resolution of security incidents. What We're Looking For : Proven experience as a Security Architect or similar role in the engineering sector. Strong knowledge More ❯

actionable reporting. Skills & experience sought: Strong background in IT Security, Cyber Assurance, or IT Audit. Hands-on knowledge across areas such as governance, IAM, threat management, vulnerability management, and incident response. Good understanding of security frameworks (e.g. ISO27001, NIST, PCI-DSS, SOX). Experience engaging with senior stakeholders within complex environments. Relevant certifications (CISSP, CISM, CISA, CRISC) desirable. This More ❯

compliance with and company adherence to relevant regulations and control frameworks e.g. NCSC CAF, ONR SyAPs, ISO27001. Proven knowledge of adversary TTPs and frameworks like MITRE ATT&CK. Strong incident response, investigation, analysis, logging and reporting skills. Excellent communication and stakeholder management skills with the ability to translate complex technical threats and attack paths to non-technical audiences. … Nice to have: GIAC Certified Incident Handler (GCIH) Certification or similar. Immediate availability. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk More ❯

and configuring SIEM platforms. Strong skills in log collection, analysis, and alerting rule development. Familiarity with integrating EDR, IPS, Firewalls, and audit systems with SIEM/SOC. Understanding of incident response processes and supporting toolsets. Knowledge of the NIST Cybersecurity Framework. Ability to communicate technical insights to both technical and non-technical stakeholders. Comfortable working in a fast More ❯

in alignment with security policies (e.g. RMADS, JSP604, JSP440, SbD). Expertise in Public Key Infrastructure (PKI), identity management and federation, firewalls, SIEM, vulnerability scanning, and cryptography. Experience overseeing incident response, vulnerability management, and security service delivery, ideally within ITIL-aligned environments. Ability to translate complex security concepts into clear, actionable guidance for stakeholders at all levels. Skilled More ❯

to cross-functional teams during AI/ML system design and deployment. Contribute to regulatory compliance efforts (EU AI Act, GDPR, ISO 27001, NIST AI RMF, etc.). Support incident response teams in handling AI/ML-related security events. Your Profile Wed love to hear from you if you have: Strong experience as a Security Architect , with More ❯

into actionable engineering guidelines and reusable controls. Ensure AI systems avoid prohibited practices and meet obligations around: Transparency and user awareness Data minimisation and lawful processing Continuous monitoring and incident response Cross-Functional Collaboration & Governance Partner with legal, compliance, and architecture teams to align AI development with enterprise risk and governance frameworks. Contribute to internal working groups on More ❯

mandatory Rate: up to £460 p/d Umbrella inside IR35 Role purpose/summary Conduct audits of cybersecurity controls across various domains (e.g., identity & access management, data protection, incident response). Evaluate the effectiveness of cyber risk management practices. Collaborate with internal stakeholders to identify control gaps and recommend remediation. Prepare audit reports and present findings to More ❯