1 to 25 of 30 Remote Contract Incident Response Jobs

DFIR AnalystDigital Forensics & Incident Response/Threat Hunting/Cyber Analytics/Outside IR35/Fully Remote/£550–£600 pd/ASAP Start/6 Months SR2 has partnered with a cutting-edge Cybersecurity MSP delivering critical threat detection and incident response capabilities to a number of global financial clients.You’ll be part of a … dynamic DFIR team tasked with identifying, analysing, and responding to security incidents, proactively hunting for advanced threats, and contributing to the enhancement of threat detection strategies. Key Responsibilities Incident Response – Detect, document, and resolve security incidents efficiently Endpoint Forensics – Analyse host-based artifacts to reconstruct timelines and attacker activity Security Analytics – Extract meaningful insights from large datasets for More ❯

an accomplished Security Operations Centre (SOC) Manager to lead the Cyber Security Operations Centre and be responsible for managing the day-to-day operations of the SOC team, overseeing incident detection and response, ensuring vulnerability scanning and remediation efforts across the organization. Predominantly remote work with occasional Lon don and Leeds office visit Lead and manage the SOC … team, including security analysts and incident responders, ensuring 24/7 coverage and effective incident handling. Oversee threat monitoring, detection, and response activities to minimize the impact of cyber incidents. Implement and manage vulnerability scanning programs, coordinate assessments, and ensure timely remediation of findings. Develop and enforce SOC processes, playbooks, and incident response procedures. Coordinate … a strong security culture and improve technical capabilities. Essential: Experience in cybersecurity operations, with at least 2 years in a leadership or management role. Strong knowledge of SOC operations, incident response , and vulnerability management best practices. Hands-on experience with SIEM tools (Splunk, QRadar, Sentinel), vulnerability scanners (e.g., Nessus, Qualys), and other security platforms. Relevant certifications such as More ❯

Location: United Kingdom 100% Remote? Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM , Azure Sentinel , and incident response Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What … You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security … MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to More ❯

security data, detect anomalies, and respond effectively to incidents. * Oversee vulnerability assessments and penetration testing to ensure robust security measures are maintained. * Contribute to the development and execution of incident response plans, ensuring prompt action to contain and remediate security incidents. * Maintain accurate incident logs and reports to support post-incident analysis and continuous improvement. * Provide … with a strong focus on security information and event management systems, including Microsoft Sentinel. * In-depth knowledge of security monitoring techniques and integration technologies. * Demonstrated ability to execute robust incident response processes. * Strong communication skills, with the ability to educate and support staff on security protocols. * Experience working collaboratively with technical and non-technical teams to improve security More ❯

in network security to lead and coordinate critical infrastructure and cybersecurity projects. This role operates on a 24/7 shift rotation , ensuring continuous oversight of security initiatives and incident response coordination. Key Responsibilities and skills Lead and manage end-to-end delivery of network security projects, ensuring alignment with business goals and compliance standards. Coordinate with cross … network security technologies. Monitor project progress during all shifts, ensuring timely escalation and resolution of issues. Maintain detailed project documentation, including risk assessments, change logs, and status reports. Support incident response efforts and post-incident reviews during off-hours. Ensure adherence to cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements. Provide leadership and mentorship to junior More ❯

a strong grasp of operational security. Responsibilities Lead and support a team of cybersecurity analysts, ensuring high performance and professional development. Oversee day-to-day security operations, including monitoring, incident response, and threat management. Act as an escalation point for complex incidents and coordinate appropriate response and remediation. Support the delivery of security-related projects, ensuring alignment …/Auditor). Demonstrable experience in a cyber/information security leadership or senior analyst role (in a public sector environment is a bonus) Strong understanding of security operations, incident response, and risk management. Experience developing and maintaining security policies and procedures. Excellent communication and stakeholder engagement skills. What you'll get in return 6-9 Month Contract More ❯

on-prem infrastructure Collaborate with engineering teams to enhance integration and performance of Microsoft security tools Mentor junior SOC analysts and contribute to internal capability development Maintain and enhance incident response playbooks, processes, and documentation Produce regular performance metrics and threat intelligence summaries Required Skills & Experience 5+ years in cybersecurity, with at least 2+ years at SOC Level … evolving threats Familiarity with the MITRE ATT&CK framework and threat modeling Solid understanding of Windows, Linux, networking, and endpoint security Skilled in threat intelligence, digital forensics, and advanced incident handling Experience with SOAR platforms and security automation Excellent written and verbal communication skills Nice to Have Experience in the retail or FMCG sector supporting large-scale SOC environments … Background in major incident response and operational recovery Esther Urtecho Senior Delivery Consultant London | Bristol | Amsterdam More ❯

levels to assist with the timely resolution of Incidents * Respond to incidents and obtain forensic information as directed * Prioritising and differentiating between potential intrusion activity and false alarms * Conduct incident and investigation post-mortem briefings, analysis, and reporting Key Skills & Experience: Security Tooling * Provide hands-on security leadership and oversight of security tooling * Offer security guidance, risk assessment and … assurance to business stakeholders * Lead incident response and oversee escalated alerts * Conducts follow up remediation and track findings from previous audits through to closure * Conduct Education and awareness training events * Manage and optimise the use of security technologies, services, and processes * Deliver security review processes, supporting change control, architecture assessments, and risk management * Work collaboratively with internal stakeholders More ❯

security systems, including next-generation firewalls, IPS, SIEM tools, endpoint security, and other devices/services. Respond to and analyze security incidents, deploying patches and mitigating vulnerabilities promptly. Security Incident Response: Identify and respond to external and internal threats, investigate security incidents, and implement necessary fixes. Project Collaboration: Work on cyber security projects, particularly those requiring security input … manage firewall and data encryption software to protect sensitive business information. Risk Assessment: Continuously assess risks and report to management to support informed decision-making on cyber security matters. Incident & Service Management: Manage and resolve incidents or service requests in compliance with Service Level Agreements (SLAs). Documentation & Compliance: Create and maintain system documentation, execute housekeeping and maintenance routines More ❯

Microsoft Sentinel and Azure , including automation using Sentinel playbooks . You'll also be expected to mentor internal analysts and drive cross-departmental engagement on cyber posture, compliance, and incident response readiness. Key Responsibilities: Act as the lead for cyber security across multiple projects and programmes Design and implement Sentinel playbooks to automate detection and response Lead More ❯

relationships between business services and underlying infrastructure • Identify and build business applications from discovered/ingested Asset data and mature a ServiceNow-Splunk integration for enhanced security monitoring and incident response. • Configure and enhance ServiceNow SIR and SecOps modules to support CSOC incident response and Vulnerability Management capability. • Develop and maintain documentation for all configurations and customisations. More ❯

Date: ASAP What's the role? This is a technically diverse Security Analyst position covering areas like: Vulnerability management (Tenable.io or equivalent) SIEM monitoring (Elastic preferred) and log analysis Incident detection, triage, and escalation (CrowdStrike or similar EDR) Compliance audits (ISO27001, STIGs) Infrastructure hardening and security baseline validation Some threat hunting and forensic analysis Creating documentation, playbooks, and security … for? Ideal candidates will bring: At least 2 years' experience in a Security Analyst or SOC-type role Strong understanding of vulnerability management, EDR/SIEM alert triage, and incident response Experience with compliance frameworks (ISO 27001, NIST, etc.) A working knowledge of VMware, AD, Windows Server, Linux Comfort handling multiple tools - Elastic, Tenable, CrowdStrike (or comparable alternatives More ❯

days in the office, 2 days from home The Role: Support the delivery of robust information security and privacy practices across global operations. Conduct security risk assessments, support incident response, and contribute to audits and compliance initiatives. Maintain and enhance the firm’s ISMS and Business Continuity frameworks. Complete client cyber due diligence and collaborate closely with internal More ❯

intelligence and service assurance. You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Key Skills/requirements Translate high-level monitoring non-functional requirements (NFRs) into actionable configurations across tools such as Splunk, Dynatrace, and AppDynamics. Deliver full-stack observability solutions … application-aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. Maintain and enhance More ❯

intelligence and service assurance. You will be responsible for designing, implementing, and supporting monitoring solutions across a range of technologies and platforms, ensuring service stability, performance insight, and proactive incident management. Key Skills/requirements Translate high-level monitoring non-functional requirements (NFRs) into actionable configurations across tools such as Splunk, Dynatrace, and AppDynamics. Deliver full-stack observability solutions … application-aware network performance monitoring (NPM), synthetics, log analytics, and infrastructure metrics. Provide live support for monitoring technologies and assist with live service support, including key business events and incident response (some KBE's may be out of hours). Collaborate with architects and project teams to integrate monitoring into solution designs and test strategies. Maintain and enhance More ❯

and security reviews across cloud-native platforms. Collaborate with DevOps, engineering, and compliance teams to embed security best practices. Define and maintain security policies, standards, and reference architectures. Support incident response and cloud forensics as needed. Ensure alignment with security frameworks (eg, ISO 27001, NIST, CIS). Essential Skills 5+ years in security architecture roles, with a strong More ❯

security data and identify patterns or anomalies that may indicate a security breach Review regular vulnerability assessments and penetration testing to ensure the robustness of security measures Contribute to incident response plans to address security breaches promptly and effectively About you: You will have the following experiences: Extensive experience in a similar role Proven experience in cyber security More ❯

Collaborate with engineering teams to automate deployment, monitoring, and scaling of applications Ensure platform security, compliance, and observability through DevSecOps best practices Participate in architecture reviews, sprint planning, and incident response processes Contribute to the development of reusable DevOps assets and CoE engineering standards Support the integration of DevOps practices across multiple delivery teams and client engagements Required More ❯

capability development and maturity across the organisation. Essential Skills & Experience 5 10 years of hands-on experience in cyber security operations. A deep functional understanding of cyber threat detection, incident response, SOC operations, risk management, etc. Demonstrated involvement in procurement and commercial activities from within the cyber function such as defining technical requirements, evaluating suppliers, or working with More ❯

capability development and maturity across the organisation. Essential Skills & Experience 5-10 years of hands-on experience in cyber security operations. A deep functional understanding of cyber - threat detection, incident response, SOC operations, risk management, etc. Demonstrated involvement in procurement and commercial activities from within the cyber function - such as defining technical requirements, evaluating suppliers, or working with More ❯

capability development and maturity across the organisation. Essential Skills & Experience 5–10 years of hands-on experience in cyber security operations. A deep functional understanding of cyber – threat detection, incident response, SOC operations, risk management, etc. Demonstrated involvement in procurement and commercial activities from within the cyber function – such as defining technical requirements, evaluating suppliers, or working with More ❯

adversarial testing, model bias assessments, and trustworthiness evaluations. Contribute to training and awareness initiatives on AI/ML security best practices. Act as a key stakeholder in AI-related incident response and mitigation. Your Profile Essential Experience & Skills Proven experience as a Security Architect with direct focus on AI/ML security. Strong knowledge of AI/ML More ❯

tools like CloudWatch, Prometheus, or Grafana to maintain infrastructure health and performance. Security & Operations: Follow DevSecOps best practices for secure infrastructure design. Manage secrets, scan for vulnerabilities, and support incident response procedures. Collaboration: Work closely with cross-functional teams including development, data, and security. Participate in technical reviews, planning sessions, and architecture discussions. Documentation: Maintain up-to-date More ❯

infrastructure automation capabilities Proficiency in configuring, managing, and troubleshooting Firewalls. Cisco, Palo Alto etc, Experience with intrusion detection/prevention systems, as well as with SIEM tools and security incident response. Design and implement secure network architectures, including Firewalls, intrusion detection/prevention systems, and encryption technologies. Be able to communicate to technical and non-technical stakeholders Must have More ❯

as Terraform, Ansible. Monitor, troubleshoot, and optimize systems, networks, and application performance across hybrid environments. Collaborate with security, development, and operations teams to enforce DevSecOps best practices. Participate in incident response, root cause analysis, and implement long-term fixes. Maintain and document configurations, processes, and network topologies. Required Qualifications Extensive hands-on experience with F5 load balancers expertise. More ❯