london (city of london), south east england, united kingdom
Tosca
NIST CSF 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO 27001, NIST CSF 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA. Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving
City of London, London, United Kingdom Hybrid / WFH Options
Ipsotek, an Eviden business
assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud environments. Establish and maintain a Product Security Incident Response Team (PSIRT) process to handle reported vulnerabilities, disclosures, and security incidents related to Ipsotek products. Ensure timely triage, investigation, and resolution of product-related security issues. Security … Operations (SecOps) Oversee incident response, monitoring, and reporting processes. Manage security tooling and automation for detection and prevention. Continuously improve threat detection and response capabilities. Cross-Functional Collaboration Work with development teams to embed secure coding practices and DevSecOps principles. Support project operations and presales with security input for bids, proposals, and delivery. Provide security guidance during
City of London, London, United Kingdom Hybrid / WFH Options
Atrium (EMEA)
Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies
on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM
london (city of london), south east england, united kingdom
NCC Group
detecting, analyzing, and mitigating malware threats to safeguard organisational systems and data. By conducting advanced static and dynamic malware analysis, the role provides critical insights into emerging threats, supports incident response activities, and enhances detection capabilities through tool and signature development. Together with colleagues spanning almost all time zones, you will help to make our clients safer and … support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer. Key Accountabilities: Malware Analysis and Response: Conduct in-depth static and dynamic analysis of new and emerging malware threats, identifying potential risks and novel attack vectors. Provide detailed analysis of malware samples as part of … Digital Forensics and Incident Response (DFIR) investigations. Respond to Requests for Information (RFIs) related to malware and binary analysis from internal and external teams. Stay up-to-date with ongoing malware campaigns and techniques, providing insight into emerging or high-impact threats. Documentation and Reporting: Document and report on the behaviour, techniques, tactics, and procedures (TTPs) used by
london (city of london), south east england, united kingdom
HCLTech
Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous
our company's security strategy, ensuring robust protection for both our assets and those of our clients. This division oversees all aspects of information security, from policy development to incident response. Our Global Security Services and Automation team excels in gathering diverse security requirements from clients and delivering top-tier security infrastructure, tools, and operations at scale. The Security … and recommendations Developing and presenting scalable security solutions and services that meet client needs Collaborating with internal teams to ensure client security requirements are integrated into service delivery Leading incident response efforts and conducting post-incident analysis to prevent future occurrences Organizing tabletop exercises with both clients and our teams Required profile: Ability to engage confidently with
london (city of london), south east england, united kingdom
Bestman Solutions
regulatory obligations. Leadership of a Multi-discipline Team – Manage and mentor a team of technical security engineers and operational-resilience specialists, fostering collaboration across technology, risk, and business functions. Incident & Crisis Management – Oversee incident response, run crisis simulations, and strengthen supplier-risk management so critical services remain available even during severe disruptions. Regulatory & Stakeholder Engagement – Engage directly
Data Security team, to support analysis and reporting work for data loss and insider threat events in Virgin Money. Your role will involve working closely with our Data Security, Incident Response and Business teams to manage events and progress remediation and represents a great opportunity to work with industry-leading tools and security partners, utilising your analytical, technical … be responsive to these challenges. The DLP Analyst will support the Bank's security controls for Data Loss Prevention, carrying out assessments of DLP and Insider Threat events, including incident management, escalation and resolution, acting as a liaison with key stakeholders, and be responsible for reporting on current status and trends. What you'll be doing Analysis of DLP
City of London, London, England, United Kingdom Hybrid / WFH Options
How to Job Ltd
trends and best practices. Qualifications: • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. • Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. • Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. • Strong analytical and problem-solving skills. • Excellent communication skills with the ability to explain
london (city of london), south east england, united kingdom
HCLTech
ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM engineers and developers. Support critical incident response, troubleshooting, and root cause analysis for IAM-related issues. Support audit and compliance activities with documentation and evidence of access controls. Stay updated on ForgeRock product roadmap
City of London, London, United Kingdom Hybrid / WFH Options
Deerfoot Recruitment Solutions
testing, and ethical hacking engagements Plan and deliver cyber attack simulations, vulnerability assessments, and social engineering tests Work with SOC teams on purple team exercises to enhance detection and response Produce executive reporting on cyber threats, risks, and remediation progress Collaborate with security and infrastructure teams to strengthen overall cyber resilience Skills & Experience 3+ years in penetration testing/… ethical hacking/red teaming Strong understanding of cyber threats, APTs, threat actor tactics, and exploit development Familiar with SIEM, defensive security monitoring, incident response, and detection engineering Deep knowledge of network, web application, and enterprise architecture security Excellent communication skills to present cyber risk insights to stakeholders Hybrid working model - 3 days in the London office. Competitive
london (city of london), south east england, united kingdom
Taylor Root
It’s ideal for someone with a solid foundation in data protection and a keen interest in evolving tech risks. Key highlights: Support global data risk initiatives and cyber incident response Conduct DPIAs and manage Records of Processing Activities Collaborate on ISO 27001 audits and phishing exercises Engage with AI and emerging tech compliance Liaise with Risk Operations
City of London, London, United Kingdom Hybrid / WFH Options
Logiq
identity/access, encryption, data protection, secrets, and resilience). • Recommend and review controls for containerised and serverless workloads; guide teams on secure coding and code review practices. • Support incident response planning and playbook development; foster a culture of continuous assurance. Your experience will include: • Leading the development of security architecture and design for complex IT requirements, ensuring
City of London, London, United Kingdom Hybrid / WFH Options
Nscale
and support other members of the team on privacy and/or AI-related M&A and similar workstreams. You support the cyber, tech & ops and other teams on incident response and cyber investigations. You manage and oversee the implementation of data and AI policies and processes. You support the other members of the team primarily on the
prompt engineering, model fine-tuning, and evaluation. Stay current with developments in AI/ML and apply relevant research to product needs. Participate in design reviews, code reviews, and incident response. Qualifications Bachelor’s degree in Computer Science, Engineering, or equivalent. Required Skills Software development experience with proven expertise in at least one programming language (Python/Java/