Crawley, Sussex, United Kingdom Hybrid / WFH Options
Morson Talent
Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … s network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will: Lead the response to escalated and high-severity cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and … enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform …
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Morson Talent
Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … s network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will: Lead the response to escalated and high-severity cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and … enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform …
opportunity to shape a secure and scalable platform at the crossroads of security, technology, and energy innovation. Key Responsibilities: Lead the architecture and design of ServiceNow SecOps modules (Security Incident Response, Vulnerability Response, Threat Intelligence, etc.). Integrate ServiceNow with cybersecurity tools (SIEM, SOAR, EDR, CMDB, OT/ICS). Work with cybersecurity, IT, and engineering teams … to automate and improve response workflows. Define and deliver the SecOps roadmap and best practices for multiple business units. Champion platform governance, scalability, and alignment with enterprise standards. Mentor delivery teams and ensure quality, performance, and security across implementations. What You Will Ideally Bring: Proven ServiceNow Architect experience, ideally across SecOps or IRM modules. Strong understanding of security operations … incident response, and vulnerability management. Hands-on expertise in ServiceNow workflows, Scripting, and integrations (REST/SOAP, MID Server). Experience supporting critical infrastructure (energy, utilities, or OT/ICS environments). Excellent stakeholder engagement and communication skills. Familiarity with security frameworks (NIST, ISO 27001) and regulations (e.g., NIS2). Contract Details: Duration: 6 months (with potential for …
or access issues, optimizing Zscaler deployments for reliability and low latency. Collaborate with security and IT teams to align Zscaler policies with compliance requirements, assist in audits, and support incident response processes. Design and implement Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions to secure internet-bound and internal application traffic. Integrate Zscaler services with enterprise … or access issues, optimizing Zscaler deployments for reliability and low latency. Collaborate with security and IT teams to align Zscaler policies with compliance requirements, assist in audits, and support incident response processes. Administer and manage Microsoft Entra ID (formerly Azure AD), including user and group lifecycle, directory synchronization, and role-based access control (RBAC) to enforce least privilege …
London, South East, England, United Kingdom Hybrid / WFH Options
Hirexa Solutions UK
Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous …
data. Manage identities, groups, and access through Microsoft Entra ID, including Conditional Access, MFA, and Privileged Identity Management. Secure BYOD and other devices and monitor for compromised credentials. Document incident response processes and provide regular security reports. Skills and Experience 8-10 years in cybersecurity, with experience in Microsoft security solutions. Hands-on expertise with Defender XDR, Purview …
Coventry, West Midlands, United Kingdom Hybrid / WFH Options
Stackstudio Digital Ltd
Azure, or GCP networking services; understanding of hybrid/multi-cloud; automation tools (Terraform, Ansible, Python). Monitoring & Management: Network management systems (SolarWinds, Cisco DNA Center); performance monitoring, logging, incident response. Experience Requirements: 7-10+ years in network engineering, with 3-5 years in architecture/design roles. Proven experience in large-scale or complex enterprise environments. Architectural artefact …
and standards (e.g., ISO 27000, NIST SP800 series, CSF). Conduct risk assessments and vulnerability management activities. Maintain robust security controls across enterprise assets, software, networks, and applications. Support incident response and recovery processes, including penetration testing and audit log management. Deliver training and awareness programs to enhance the organization's security posture. Collaborate with internal and external stakeholders … curious, and analytical mindset with strong problem-solving skills. Technical Skills: Comprehensive knowledge of security controls, including: Data Protection, Account Management, and Access Control Management. Continuous Vulnerability Management and Incident Response. Penetration Testing and Security Awareness Training. Secure Configuration and Network Monitoring. …
London | Hybrid | Remote The ideal candidates will hold active DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with …
City of London, London, United Kingdom Hybrid / WFH Options
Randstad Technologies Recruitment
and evolve Terraform modules for automated, consistent, and version-controlled deployments. Security & Access Management: Administer Conditional Access Policies, manage application registrations, and enforce secure identity and access practices. Monitoring & Incident Response: Configure and manage tools like Azure Monitor and Log Analytics to proactively detect and resolve issues. Compliance & Documentation: Maintain accurate technical documentation and ensure adherence to security …
London, South East, England, United Kingdom Hybrid / WFH Options
Randstad Technologies
and evolve Terraform modules for automated, consistent, and version-controlled deployments. Security & Access Management: Administer Conditional Access Policies, manage application registrations, and enforce secure identity and access practices. Monitoring & Incident Response: Configure and manage tools like Azure Monitor and Log Analytics to proactively detect and resolve issues. Compliance & Documentation: Maintain accurate technical documentation and ensure adherence to security …
Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in SOC operations, incident response, and forensic analysis. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security …
Lytham, Lancashire, United Kingdom Hybrid / WFH Options
ECS Resource Group Ltd
other IT teams and Service Management to support business continuity. Troubleshoot and resolve technical issues across hardware, software, and network systems. Participate in the on-call rota for major incident response once fully trained. Maintain documentation and contribute to knowledge base articles for recurring issues. Required Skills & Experience Strong working knowledge of: Microsoft Operating Systems Microsoft Exchange Microsoft …
Lytham St. Annes, Lancashire, Lytham, United Kingdom Hybrid / WFH Options
ECS Resource Group Ltd
other IT teams and Service Management to support business continuity. Troubleshoot and resolve technical issues across hardware, software, and network systems. Participate in the on-call rota for major incident response once fully trained. Maintain documentation and contribute to knowledge base articles for recurring issues. Required Skills & Experience Strong working knowledge of: Microsoft Operating Systems Microsoft Exchange Microsoft …
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Sanderson Recruitment
complex environment Design and enhance CI/CD pipelines to support secure, automated deployments Develop and maintain orchestration strategies for seamless, repeatable and compliant deployments Conduct proactive security assessments, incident response and remediation activities Collaborate with DevOps, Architecture and Compliance teams to ensure continuous security alignment Essential Experience Demonstrable expertise in AWS security services (e.g. IAM, KMS, CloudTrail …
teams to ensure Databricks is performant, secure, and well-integrated with enterprise systems. Create and maintain platform documentation, templates, and reusable modules to support self-service provisioning. Participate in incident response and troubleshooting for cloud platform issues, particularly those related to Databricks and underlying infrastructure. Required Skills & Experience: Proven experience with Terraform in a production environment. Deep understanding …
City of London, London, United Kingdom Hybrid / WFH Options
Vanquish Technologies Limited
requirements, deliverables, and operational priorities. Deliver timely, high-quality threat briefings and risk assessments to operational stakeholders. Drive continuous improvement of threat intelligence processes, tooling, and automation. Participate in incident response investigations, providing threat context and attribution support. Maintain awareness of global regulatory and compliance requirements related to threat intelligence and offensive security operations. Key Projects or Initiatives …
Newcastle Upon Tyne, Tyne And Wear, United Kingdom Hybrid / WFH Options
Alexander Mann Solutions
repeatable, and auditable. Partner with internal stakeholders to educate, train, and embed business continuity principles within teams, ensuring ownership and accountability. Update and maintain scenario libraries, playbooks, and post-incident action plans, ensuring readiness for both technical and business disruptions. Produce comprehensive reports, risk assessments, and governance documentation to support audit, assurance, and regulatory requirements. Work closely with the … knowledge of disaster recovery, data backup, and cloud-based resilience, particularly AWS Hands-on experience performing business impact assessments, continuity testing, and recovery planning. Solid understanding of risk mitigation, incident response, and IT governance Excellent communication, stakeholder management, and report-writing abilities; comfortable engaging with senior leaders and technical specialists alike. High attention to detail, with the ability …
Surrey, England, United Kingdom Hybrid / WFH Options
Hays Specialist Recruitment Limited
relevant privacy regulations. Monitor and assess data protection compliance across client organisations. Conduct Data Protection Impact Assessments (DPIAs). Maintain and review Records of Processing Activities (RoPA). Support incident response and breach management. Liaise with regulatory bodies such as the ICO. Deliver staff training and awareness sessions. Review and advise on data sharing agreements and contracts. Provide …
London, South East, England, United Kingdom Hybrid / WFH Options
Harnham - Data & Analytics Recruitment
using tools such as Terraform, Docker, and AWS. Data governance and observability: Introduce and enhance tooling for data lineage, contracts, monitoring, and cataloguing. Operational excellence: Lead automation, monitoring, and incident response to maintain high platform reliability. Cross-functional collaboration: Work with data scientists, ML engineers, analysts, and product teams to understand and meet their data needs. Mentorship and …
City of London, London, United Kingdom Hybrid / WFH Options
Adecco
technical information to both technical and non-technical audiences. Analyse security incidents, develop remediation measures, and prepare detailed reports on security metrics and incidents for management review. Participate in incident response activities, coordinating with external security teams when necessary. Provide training and awareness programs for staff on security best practices, helping to embed security principles across departments. Operational …
London, South East, England, United Kingdom Hybrid / WFH Options
Adecco
technical information to both technical and non-technical audiences. Analyse security incidents, develop remediation measures, and prepare detailed reports on security metrics and incidents for management review. Participate in incident response activities, coordinating with external security teams when necessary. Provide training and awareness programs for staff on security best practices, helping to embed security principles across departments. Operational …