1 to 25 of 543 Permanent Incident Response Jobs in England

Dublin, Ireland. Learn more at experianplc.com. Internal Grade E Job Description As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events affecting Experian. You will be … a part of the first line of defence in Experian's broader incident response and incident management departments, responsible for receiving and prioritizing cybersecurity alerts, including being the dedicated contact for potential security incidents reported by users (e.g., Experian employees). Depending on the results of assessment, this team is then responsible for investigating, containing, eradicating, and … recovering from events falling in its scope or escalating higher-risk events to dedicated incident response and management teams in the CFC. This role is critical in ensuring the handling of potential threats and plays a part in improving security operations. This is a home based role reporting to the Director of Security Operations for SecOps & Threat Detection. More ❯

a global basis, the resilience of operations has become a board level issue. You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

a global basis, the resilience of operations has become a board level issue. You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

We are seeking a highly skilled and experienced SOC Incident Response & Threat Hunting Manager to join our growing Security Operations Centre. This pivotal role will be responsible for leading our Tier 3 Security and Incident Response Analysts, overseeing advanced incident response activities, driving proactive threat hunting initiatives, and providing strategic direction for the Cyber … a strong technical background, exceptional management skills, and a strategic vision for cybersecurity. You will play a key role in mentoring and developing a high-performing team, leading complex incident response engagements from initial detection through to post-incident review, and significantly enhancing the security posture of our diverse customer base. The role demands a unique blend … of strategic leadership, deep technical expertise in digital forensics and incident response (DFIR), and a proactive mindset to anticipate and neutralise sophisticated and evolving cyber threats. Key Responsibilities: Provide expert guidance and technical oversight on complex security incidents and threat hunting operations. Lead and coordinate high-severity incident response engagements, acting as the primary incident More ❯

Lead Incident Response Manager - Build It, Lead It, Own It £125,000 + bonus | Hybrid (Manchester-based) | Clear path to Technical Director When a cyber incident hits, you are the calm in the chaos. You take control, make the decisions, and guide clients through the storm. This is your opportunity to lead a fast-growing Incident Response function within a rapidly expanding UK cyber practice that is winning major contracts and investing heavily in its capability. You will have the freedom to build the function your way, lead high-impact response work, and progress to Technical Director of Cyber within 12 to 18 months. Why This Role Stands Out Lead the full incident response lifecycle from triage and containment to negotiation and recovery Work directly with senior stakeholders and executive teams, trusted as the safe pair of hands when it matters most Join a cyber business that is scaling quickly and building one of the strongest response teams in the UK Full autonomy to shape the team, tooling, and playbooks More ❯

to lead and produce deliverables based on reactive services client engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to manage incident response engagements and provide guidance on longer term remediation. Your Impact Weekend Work Schedule is Friday-Monday (10 hr work day/40 hr work week) Perform reactive … incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs) Examine firewall, web, database, and other log sources to identify evidence of malicious activity Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation … tools to determine source of compromises and malicious activity that occurred in client environments Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations Ability to perform travel requirements as needed to meet business demands (on average 20%) Mentorship of team members in incident More ❯

the Global Security Operations Center (GSOC) helps defend KPMG and its clients from cyber attacks, through timely detection, investigation and remediation of potential threats. Role summary The Cyber Security Incident Response Manager plays a pivotal role in identifying, investigating, and managing cyber and data handling incidents within KPMG’s Global Information Security Services (ISS) function. ISS delivers and … oversees critical cybersecurity capabilities—including Security Monitoring & Response (SMR), Vulnerability Assessment & Secure Development (VASD), and Cyber Threat Intelligence (CTI)—across Global, Global Functions, and the broader KPMG network of member firms. This position offers an exciting opportunity to join a progressive and innovation-driven security team, contributing directly to the evolution of the Cyber Security Incident Response Team (CSIRT) on a global scale. The role reports directly to the Global Cyber Security Incident Response (CSIRT) Lead. The ideal candidate will bring knowledge in Cyber incident response, data protection, and regulatory compliance, along with the ability to collaborate effectively across functions to reduce risk and strengthen KPMG’s global data security posture. Key More ❯

point within the SOC, leading investigations into complex security incidents. Perform in depth analysis of escalated events and alerts to determine root cause, scope, and impact. Lead and coordinate incident response efforts, ensuring timely containment, eradication, and recovery. Act as the Centre of Excellence (CoE) for Incident Response, setting best practices and standards across the global … SOC and IR (Incident response) functions. Contribute to the globalization of SOC and IR processes, ensuring alignment and consistency across regions. Collaborate with global SOC and IR teams to harmonise incident response workflows, tooling, and reporting standards. Provide expert guidance to Detection Engineers to optimise detection logic and improve alert fidelity. Mentor and train junior SOC … capabilities and threat coverage. Support audit and regulatory engagements by providing timely and accurate responses to information requests. Liaise with cross functional technology teams to ensure timely resolution of response tasks and elevate issues as needed. Support broader Information Security and Operational Security initiatives as required. Maintain up to date knowledge of cyber threats, attacker techniques, and relevant laws More ❯

Overview We now have an exciting opportunity for an Associate Director to join our Digital Forensics and Incident Response (DFIR) team in London. As the senior member of the EMEA DFIR team with deep digital forensic experience, you will be integral to the wider EMEA practice, and in turn part of a global practice offering and influencing the … direction of our forensic technology and digital forensics incident response capability. The Discovery and Data Insights department is the hub of all technical consulting and you will provide digital forensics and incident response solutions for matters which involve cyber response investigations, digital forensic investigations, eDiscovery and data analytics. Our clients include law firms and Fortune … need to deploy the team and support crises. As the technical lead for engagements, you will provide direction to empower the team and provide quality assured, highly responsive forensic incident management. A significant portion of the role will require you to engage across the business to leverage technology consulting into all business development and go-to-market strategy. You More ❯

DFIR Consultant | Digital Forensics & Incident Response Salary - £50,000 – £65,000 Location: Remote UK About the Role We're looking for a DFIR Consultant (Digital Forensics and Incident Response) to join our expert cybersecurity team. In this role, you'll apply your technical skills, investigative mindset, and forensic expertise to help clients respond to and recover … from complex cyber incidents. You'll lead and support forensic investigations across endpoint, network, and cloud environments, guiding clients through incident triage and digital evidence collection. This position is ideal for someone who thrives in fast-paced environments and enjoys solving technical challenges under pressure. What You'll Do Lead digital forensic investigations across endpoint, network, and cloud environments … AWS, Azure). Perform incident response for on-premises and cloud infrastructures, identifying root causes and containment strategies. Use tools like CrowdStrike, Magnet Axiom, X-Ways, SIFT Workstations, and EZTools to collect, preserve, and analyse evidence. Develop custom scripts and forensic tooling to automate investigation workflows. Document findings clearly in reports and client presentations, tailoring communication for both More ❯

Head of Security to join them on a permanent basis. You will help to establish and lead local security operations capability across European offices, providing strategic technical leadership in incident response, cyber threat visibility, and security resilience. This role will bridge the gap between our centralized corporate security services and regional business needs. Key Responsibilities Incident Response & Security Operations Lead and mature security incident response capabilities across the organisation Oversee incident investigations, alert triage, and threat hunting activities Develop and execute tabletop exercises and incident response playbooks Provide expert technical guidance during security incidents and recovery efforts Build real-time visibility into organisational cyber telemetry and security posture Leadership & Team Management … tools, processes, and procedures Ensure appropriate balance between local autonomy and corporate alignment Contribute to broader security strategy and roadmap development Essential Requirements Technical Expertise Demonstrable expertise in security incident investigation, detection, response, and recovery (NIST/NIS2 frameworks) Strong foundation in security operations, but with strategic vision beyond SOC alert handling Experience with security telemetry, SIEM platforms More ❯

Head of Security to join them on a permanent basis. You will help to establish and lead local security operations capability across European offices, providing strategic technical leadership in incident response, cyber threat visibility, and security resilience. This role will bridge the gap between our centralized corporate security services and regional business needs. Key Responsibilities Incident Response & Security Operations Lead and mature security incident response capabilities across the organisation Oversee incident investigations, alert triage, and threat hunting activities Develop and execute tabletop exercises and incident response playbooks Provide expert technical guidance during security incidents and recovery efforts Build real-time visibility into organisational cyber telemetry and security posture Leadership & Team Management … tools, processes, and procedures Ensure appropriate balance between local autonomy and corporate alignment Contribute to broader security strategy and roadmap development Essential Requirements Technical Expertise Demonstrable expertise in security incident investigation, detection, response, and recovery (NIST/NIS2 frameworks) Strong foundation in security operations, but with strategic vision beyond SOC alert handling Experience with security telemetry, SIEM platforms More ❯

A global IT MSP is looking for an experienced SOC Incident Response & Threat Hunting Manager to join its expanding Security Operations Centre. This is a pivotal leadership role, overseeing Tier 3 Security and Incident Response Analysts while driving proactive threat hunting and cyber threat intelligence initiatives. This hands-on position combines technical depth, strategic leadership, and … a forward-thinking approach to cybersecurity. The successful candidate will lead advanced incident response activities, mentor a high-performing team, and shape the strategic direction of cyber defence capabilities across a diverse customer base. On offer Salary - Competitive depending upon experience Company Bonus Scheme Comprehensive Benefits Pack 10% Company Pension £6k Vehicle allowance Excellent skill up and career … progression Flexible working from Day 1 Plus more Skills & Experience Proven experience leading incident response and threat hunting teams within a SOC or similar environment. Deep technical expertise in Digital Forensics and Incident Response (DFIR), with strong analytical and problem-solving skills. Skilled at translating complex technical findings into clear, actionable insights for technical and non More ❯

SOC Incident Response & Threat Hunting Manager Fully Remote (UK-based) | Up to £85,000 + 10–15% Bonus + £6k Car Allowance + Excellent Benefits (Occasional travel to Warrington, approx. once per quarter) Our client is expanding their virtual Security Operations Centre (vSOC) and looking for an experienced SOC Incident Response & Threat Hunting Manager to lead … expertise in DFIR, threat hunting, and detection engineering with a proactive approach to strengthening security posture across diverse customer environments. The Role Lead and mentor Tier 3 SOC and Incident Response Analysts. Act as the technical lead on high-severity security incidents from initial detection through to post-incident review. Design and execute advanced threat hunting exercises … translates into actionable improvements. Participate in the on-call rota (1 week in 4) to provide leadership during critical incidents. What You’ll Bring Strong background in SOC operations, incident response, and threat hunting . Experience leading teams or acting as senior escalation within a fast-moving SOC. Technical depth across digital forensics and adversary TTPs. Excellent analytical More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Senior Detection & Response Engineer Cambridgeshire Based - 1-2 days a week on site We are looking for a highly experienced Senior Detection & Response Engineer to join our client's growing security team. In this critical role, you'll be instrumental in developing a best-in-class incident response function, leading investigations into complex security events, and … building scalable detection and response capabilities across the organisation. This is an exciting opportunity to work at the heart of a modern security operation - building the tools, automation, and processes that enable the business to detect, respond to, and learn from security threats effectively. What You'll Be Doing: Investigate and respond to security events with clarity and precision … triage, analyse, and manage incidents from end to end Develop and improve detection and response processes, technologies, and work flows Design and implement tools to collect and analyse security telemetry from cloud environments Automate security workflows to enhance detection accuracy and reduce response time Build and fine-tune detection rules to focus efforts on high-fidelity alerts Create More ❯

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application. Accenture is a leading global professional services company … of our global team, you'll be working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines, when espionage or … problems under pressure, thrive on collaboration, and want to work with the best in the industry. Who We Are We’re a globally distributed team of nearly 200 dedicated incident responders, forensics specialists, and crisis managers spread across more than 25 countries. Every day, we work across time zones, cultures, and languages to protect clients that range from household More ❯

role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior … and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments … upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and More ❯

role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior … and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments … upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and More ❯

role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior … and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments … upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and More ❯

opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients, look no further. We are … with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection … in detection coverage, log ingestion and alerting based on business risks and threats Review and improve existing SecOps standards and capabilities e.g. by highlighting requirements for additional logging, identifying incident or threat trends and detection and business-as-usual optimisation opportunities Perform security monitoring, reviewing and triaging triggered alerts, and suggesting improvements (on a rota basis 9AM to More ❯

opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients, look no further. We are … with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection … in detection coverage, log ingestion and alerting based on business risks and threats Review and improve existing SecOps standards and capabilities e.g. by highlighting requirements for additional logging, identifying incident or threat trends and detection and business-as-usual optimisation opportunities Perform security monitoring, reviewing and triaging triggered alerts, and suggesting improvements (on a rota basis 9AM to More ❯

in EMEA and partners with Unit 42 leadership to drive high-stakes client and internal programs. The role focuses on ensuring successful execution of all Digital Forensics and Incident Response (DFIR) and Proactive Services engagements. This position serves as the VP's core strategic partner, translating executive vision into actionable program execution and ensuring the operational excellence of … be able to learn our products and services. Qualifications Your Experience 10+ years of professional experience, specializing in one or more of the following: transformative IT, Cybersecurity, Digital Forensics, Incident Response, or Infrastructure. Bachelor’s degree in MIS, Cybersecurity, Computer Science or a related field, or equivalent work/military experience. Proven ability to lead multiple large-scale … Information The Team Unit 42 Consulting is Palo Alto Network's security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and More ❯

Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one Im working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains. Theyre expanding their Security Operations Centre and hiring a hands-on … SOC Incident Response & Threat Hunting Manager to lead Tier 3 analysts and drive proactive defence strategies. This is a strategic and technical leadership role, ideal for someone with deep DFIR expertise, strong mentoring capabilities, and a passion for threat hunting and CTI development. Key Responsibilities: Lead and coordinate high-severity incident response engagements Provide technical oversight More ❯