18 of 18 Permanent Incident Response Jobs in Lancashire

Incident Responder/IR Consultant Hybrid - ManchesterUp to £60k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for an Incident Responder (IR/DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such as … ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. You … will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of More ❯

Senior Incident Responder/IR Consultant Hybrid - ManchesterUp to £80k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR/DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

such as CrowdStrike Falcon, RoboShadow, Microsoft Defender, ThreatLocker Evaluate and onboard new security technologies; liaise with vendors Lead technical onboarding of cyber tools for both internal and client deployments Incident Response & Threat Management: Develop and own incident response playbooks Act as the lead escalation point for live security incidents Analyse alerts, threat intelligence, and forensic data … of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incident response experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts for clients More ❯

Encryption : Protect data at rest, in transit, and in use through encryption and tokenization. Network Security : Design secure network architectures, implement IDS/IPS, firewalls, and VPNs. Security Monitoring & Incident Response : Build monitoring solutions, develop incident response strategies. Compliance & Governance : Ensure adherence to regulations, conduct audits, and establish security frameworks. Secure DevOps & Automation : Incorporate security into … Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and communication skills Relevant cybersecurity certifications (CISSP, CISM, CEH, etc.) Requirements Bachelor's degree More ❯

sit at the heart of our engineering operations, bringing together SRE principles and modern platform engineering practices. This includes combining principles of SRE - such as service-level reliability, observability, incident response - with platform engineering practices like GitOps, Infrastructure as Code, DevSecOps automation, and self-service enablement, to help development teams ship faster, safer, and more cost-efficiently. What … you'll be doing: Designing and operating highly reliable, scalable, and secure Azure-based platforms Applying SRE principles like SLOs, observability, and incident management to drive service reliability Building Infrastructure as Code using Terraform (v1.7+) and GitOps workflows Enabling teams through platform tools, reusable Terraform modules, and self-service infrastructure Enhancing CI/CD pipelines (Azure DevOps, YAML-based … services (SQL, Cosmos DB, ADF, Functions, Logic Apps, etc.) Improving monitoring and alerting with Datadog, Grafana, ELK, and proactive failure detection Participating in the on-call rota and leading incident response workflows and blameless postmortems Coaching engineers, upskilling teams, and contributing to a culture of continuous improvement Driving cost awareness through FinOps practices and automated budget controls What More ❯

to join our foundational in-house SOC team. In this pivotal role, you will be instrumental in supporting the development, implementation, and operating of our security monitoring, detection, and response capabilities, with a particular focus on our cloud environments. You'll be at the forefront of responding to incidents and alerts, and helping shape the future of our security … various security tools Perform triage and analysis of security incidents and anomalies, distinguishing between true positives and false positives. Prioritise alerts based on severity, potential impact, and business criticality. Incident Detection & Response: Investigate security incidents thoroughly, leveraging logs from platforms, endpoints, applications, and other security tools. Create and follow incident response playbooks and contribute to their … continuous improvement. Collaborate with Technology, Product and Engineering Teams to contain, eradicate, and recover from security incidents. Document incident details, findings, and remediation steps accurately and comprehensively. Additionally Stay informed about the latest cyber threats, attack techniques, and vulnerabilities, especially those targeting cloud environments. Participate in proactive threat hunting activities using available tools and data sources. Contribute to the More ❯

malicious content. Configure and maintain web and email filtering solutions to block phishing attempts, malware, and other threats. EDR and XDR Technologies: Administer and respond to Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) technologies to swiftly mitigate threats. Monitor alerts, investigate incidents, and take appropriate actions to contain and remediate threats. Security Governance and … security layers align against our Internal Security Standards and Statutory and Regulatory obligations. SIEM Management: Manage, monitor, and respond to security incidents and events using the Council's Security Incident and Event Monitoring (SIEM) platform. Ensure timely detection, analysis, and response to security incidents to minimise impact and support recovery efforts. As part of our team, the successful … phishing protection, and ensuring compliance with security policies. EDR and XDR Technologies: Detailed practical knowledge of administering and responding to EDR and XDR technologies. Experience with endpoint security solutions, incident response procedures, and threat detection and remediation. Security and Cloud Architecture: Broad knowledge of Security and Cloud architecture principles. Management Reporting: Recent experience of providing high-quality management More ❯

of our international businesses, with a focus on resiliency, this role has an opportunity to provide strategic guidance on improvements. At the forefront of providing production support services including, incident logging, incident resolution, problem management, change management practices, and SRE support, we are inviting you to join our success story.As our Site Reliability Engineering Manager you will:- Lead … a culture of collaboration, innovation, and continuous improvement. Assist with the design, implementation, and maintenance of systems to ensure high availability, scalability, and performance. Develop and implement strategies for incident response, root cause analysis, and post-mortem reviews to prevent future incidents. Work closely with business and technology teams to understand their needs and ensure alignment with reliability More ❯

such as ISO27001, Cyber Essentials Plus, PCI/DSS Stay ahead of cyber threats, maintaining and improving security monitoring and risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience More ❯

with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First Responders assist with pro-active security operations, including both regularly scheduled security assessments as well as ad-hoc … security taskings Location Hybrid - Bristol or London Type Permanent, full-time Immediate Who we are looking for. The responsibilities of this role include: Initial triage and response to security alerts. Supporting customer cloud infrastructure & security posture. Monitoring and resolution of key security metrics. Identify emerging security trends. IOC creation based on emerging threats. Acting as a key part of … the cyber incident response team. Completion of proactive security reports. 24/7 Shift Work - 4 on 4 off pattern. This role will require working within a close-knit team to help build Stripe OLT as a global leader in cyber security - focused specifically on defensive domains. The role requires a self-starter, an ideal team player who More ❯

webhooks and Docker). Act as DB SME for the trust organization, interact with internal Roku teams to advise them on security best practices, DB architectures, and assist in incident response and other security investigations. Developing (or extending OSS) security automation tooling. This can range from detection tooling to security process automation, or a fuzzing infrastructure to find More ❯

necessary patches or configuration changes. - Develop and maintain a comprehensive vulnerability management program, including vulnerability tracking, risk assessment, and remediation planning. Stakeholder Collaboration: - Act as a stakeholder for the response team, providing expert guidance on security-related alerts, incidents, and potential improvements. - Collaborate with cross-functional teams, including network engineers, system administrators, and application developers, to implement security network … solutions and improve overall network security posture. - Participate in network security incident response activities by providing technical expertise and assisting in investigations when necessary. More ❯

voice AI, automation, and predictive tools Overhaul the legacy CRM’s UI/UX into a modern, high-performance platform Cybersecurity & Risk Management Own enterprise cybersecurity strategy, audits, and incident response Design post-attack processes and lead quarterly vulnerability assessments Infrastructure & Performance Optimise PHP/MySQL stack for speed, uptime, and stability Resolve CRM bottlenecks and implement diagnostic More ❯

and technical strategy for clients across a wide range of sectors. Deliver whiteboard sessions and client workshops to define tailored security solutions. Support customers during incidents and contribute to response strategies. Create technical documentation and provide trusted guidance to customers. Conduct enablement sessions for internal sales teams, partners, and clients. Engage with customers alongside sales to overcome technical challenges. … in cyber security service offering. What You'll Bring 2+ years in Pre-Sales, Cybersecurity or similar technical consultancy role (MSP/reseller experience preferred). Strong understanding of incident response, SOC operations, and endpoint security. Familiarity with security standards (ISO27002, CIS, NIST, CAF). Experience with technologies such as SSE, SASE, SIEM, MDR/EDR. Confident in More ❯

both written and spoken Demonstrable experience as a Security Architect or similar role Strong knowledge of security standards, protocols, and best practices Experience with threat modelling, risk assessment, and incident response Familiarity with security tools (e.g., Snyk, OWASP ZAP) Excellent communication and collaboration skills Self-learner and ability to execute tasks without supervision Ability to maintain the highest More ❯

track down the root cause. Communicate the impact of the problem to stakeholders in terms of business value, helping to set a priority for the resolution. Actively participate in incident responses. Engineering standards & frameworks - Maintain knowledge of Xero's current and emerging engineering standards and practices. Develop and deploy software that meets Xero's standards. Continuous improvement - Maintain knowledge More ❯

Define and implement observability standards, including logging, metrics, tracing, and alerting . Use tools like New Relic , Prometheus , and Grafana , alongside building custom instrumentation for key platform services. Drive incident readiness and operational resilience by enabling actionable monitoring and alerting. Drive cloud cost visibility and optimization efforts across engineering through dashboards, tagging standards, and automation. Partner with stakeholders to … platforms and enablement frameworks. Experience with cloud-native technologies, Kubernetes, and Infrastructure as Code (Terraform, Helm, etc.). Strong understanding of observability tooling (especially New Relic, Prometheus, Grafana) and incident response best practices. Familiarity with FinOps, platform cost tracking, and infrastructure efficiency techniques. Excellent communication, leadership, and stakeholder management skills. Attract, hire, and develop talented platform engineers with More ❯

and availability of our security infrastructure. What You'll Be Doing * Managing Hardware Security Modules (HSMs)and cryptographic infrastructure* Creating, storing, and retiring encryption keyssecurely across multiple platforms* Supporting incident and change managementprocesses* Collaborating with application, infrastructure, and support teams* Ensuring compliance with security standards and audit requirements* Contributing to project deliveryand continuous improvement initiatives What We're Looking … work under pressure* Excellent communication and stakeholder management skills Nice to Have * ITIL Foundation certification* Security or project management certifications* Experience with tools like JIRA, Confluence, SharePoint* Background in incident responseand risk management Benefits * Salary up to £41,000 depending on experience* Pension of 12%* Private medical* Discretionary bonus Please Note: This is a permanent role for UK residents More ❯