1 to 25 of 98 Permanent Incident Response Jobs in London

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice click apply for full job details ...

strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner! About the role: The Cyber Security Incident Response Specialist would be member of CSIRT, part of Counter Threat & Engineering (CT&E) function, responding to cyber threats and security incidents globally. … relocation Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment ...

transformation of our global Security Operations Center. Reporting to the Chief Security Officer, you will architect and scale a next-generation SOC advancing incident response, integrating cutting-edge threat intelligence, and strengthening the systems that protect and sustain our digital operations. This is an opportunity to build something … senior escalation point for complex security incidents and coordinate cross-functional responses. Threat and Vulnerability Management Integrate advanced threat intelligence into detection and response workflows to identify emerging threats proactively. Develop an automated, risk-based vulnerability management programme to reduce attack surface. Collaborate with intelligence-sharing communities to enhance ...

highly client-facing role where you will guide businesses through practical resilience improvements, including: • Designing and delivering cyber crisis simulation exercises • Developing and enhancing incident management and response frameworks • Conducting capability and readiness reviews • Advising senior leadership teams on cyber preparedness strategy You will lead engagements from initial … scoping through delivery, working closely with executive stakeholders and technical teams to provide clear, actionable recommendations that improve response capability and organisational resilience. Those with a background in reactive Incident Response (either in-house or from Consulting already), who are wanting to move into an advisory ...

Overall Package The role Join a leading financial services client as a Cyber Threat Specialist (Blue Team) and help strengthen a critical Threat Detection & Response function. You will be a key member of the Threat Detection & Response team, focusing on defensive security across complex, business-critical environments. Working … optimise high-fidelity detections, investigate incidents, and contribute to continuous improvement of cyber defences. What you'll be doing Deliver hands-on detection engineering, incident response, threat hunting, security engineering and threat intelligence activities. Investigate and respond to security incidents across host, identity, email, SaaS and cloud workloads. ...

users. We are looking for a Cyber Security Engineer to join our IT Security team and play a key role in security operations, incident response, vulnerability management and the ongoing development of our security posture. This is a hands-on role for a driven security professional who enjoys … organisation. Key responsibilities Monitor, investigate and respond to cyber security incidents using SIEM, EDR/MDR and other security tooling Perform deep-dive incident analysis across multiple log sources to identify root cause, indicators of compromise (IoCs) and remediation actions Conduct proactive and reactive threat hunting activities Manage vulnerability ...

role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional who thrives in fast … alerts across SIEM platforms and ticketing systems, managing incidents through to resolution Participate in an on-call rota to support live security incidents Manage incident queues and approvals within IT service management tools Act as a subject matter expert for nominated security technologies, ensuring effective configuration and optimisation Support ...

regions. Key Responsibilities Lead the design and implementation of secure authentication, authorisation, and data protection frameworks. Manage and enhance Data Loss Prevention (DLP) systems, incident response, and risk management processes. Oversee cloud security architecture across Azure, O365, and iManage Cloud environments. Collaborate with global IT, compliance, and risk … information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. ...

improvement, tuning and optimisation of security systems Support the delivery of projects with security assurance and alignment to best practice Collaborate with threat intelligence, incident response teams, and internal stakeholders Develop metrics, reporting, and dashboards to track operational effectiveness What we're looking for: Proven experience leading cyber … security operations, SOCs or threat defence teams Strong knowledge of vulnerability management, security testing, and incident response Experience managing technical teams and working with outsourced security providers Ability to translate threat intelligence into actionable operational improvements Familiarity with regulatory compliance, service management, and security frameworks SC Clearance ...

automation tools, backend services, and interactive features that improve visibility into system health, trade flows, latency, and performance - helping reduce operational risk and accelerate incident response in fast‐paced trading environments. Key Responsibilities Develop Python automation tools and wrappers for upstream applications Build test harnesses to reduce manual … Global Markets teams on cross‐asset initiatives Support real‐time monitoring of trade flows, latency, and system health Implement automation that improves response times and platform stability Skills & Experience Required Solid Python development, automation & tooling experience Strong Linux (debugging, scripting) React or Python UI tooling (Click library) MongoDB ...

technical decisions around architecture, performance, and reliability Collaborate with product and operations to translate business needs into robust solutions Improve system observability, monitoring, and incident response Identify technical debt and proactively drive refactors Support CI/CD, deployment pipelines, and environment management What we're looking for Strong … Azure Containerisation – Docker and environment configuration Deployments – staging/production environments, rollback strategies Monitoring & logging – error tracking, performance monitoring, alerting Reliability – uptime, backups, and incident response Engineering Practices Writing clean, maintainable, well-documented code Code reviews and constructive technical feedback Coaching juniors and helping them level up technically ...

QA. Strengthen code review standards and engineering consistency. Within 12 months, you will: Confidently contribute to UK and Global teams based on priority. Lead incident response efforts when front-end issues affect production. Influence front-end architectural decisions. Raise the overall quality bar across our Vue/Nuxt … ensure implementation aligns with inclusive design principles. Technical Leadership: Conduct code reviews, guide architectural decisions, and raise engineering standards across the front-end codebase. Incident Response: Lead investigations and resolution efforts during critical production incidents, ensuring fast and structured recovery. Collaboration: Work closely with Product, Design ...

trust. The Opportunity Acting as an experienced privacy advisor (working under the supervision of qualified privacy counsel), you’ll support global privacy operations across incident response, regulatory engagement, product development, and privacy‐by‐design initiatives. Key to this role is a background in tech, agile, consumer facing roles … have experience in GDPR compliance and regulatory inquiries. What You’ll Be Doing Incident Response Manage low–medium risk personal data breaches and support investigations into more complex cases Coordinate cross‐functional tasks, gather facts, draft assessments and regulatory materials Maintain breach logs, investigative records, and track follow ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

maintaining, and improving core security controls across network, cloud, and endpoint environments. You will play a key part in strengthening defensive capabilities and supporting incident response activities. You can work remotely but there are also multiple offices for the employees. Client Details A UK-based not for profit … modernising cyber security and cloud infrastructure. Description Manage and enhance security tooling including endpoint protection, content filtering, email security, and vulnerability scanning. Deliver technical incident analysis and response, supporting containment, remediation, and service improvement. Configure and support firewalls, networks, Microsoft security platforms, and cloud security controls. Conduct technical ...

analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience against threats. ...

Oversee customer facing and technical teams, ensuring efficient handling of customer needs including complex queries, platform optimisation and continuous service improvements. Drive improvements in incident response and incident management processes to ensure rapid resolution, clear communication and reduced customer impact. Coordinate closely with Product, Engineering, Sales ...

financial market infrastructure environment. The Role You will support the penetration testing and threat operations function. Key responsibilities include: Assisting with penetration testing Supporting incident response, threat hunting, and detection engineering Identifying vulnerabilities and documenting exploitation paths, with clear remediation guidance Reviewing threat intelligence feeds and contributing ...

deliver high-quality technical solutions. Desirable Experience Automation experience (PowerShell, Python, API integrations) and/or systems administration background. Familiarity with security frameworks and incident response methodologies. Experience working with logging pipelines (e.g., AMA, Syslog, Cribl, SIEM tooling). Exposure to non-Microsoft security platforms such as CrowdStrike ...

alerts. Deploying, scaling, and managing containerised applications using tools like Kubernetes for clients who require container platforms Support patching, vulnerability remediation, and security incident response activities to maintain secure environments. Assist with the operational management of data platforms, including storage, protection, replication, and automation of data workflows. Manage ...

rollback frequency Standardise release processes across engineering teams Implement progressive delivery practices Reliability & Observability Define and track SLIs/SLOs Enhance monitoring, alerting and incident response processes Lead post-incident reviews and root cause analysis Drive reduction of operational toil Security & Compliance Embed DevSecOps controls into pipelines … preferred) CI/CD tooling experience (GitHub Actions, GitLab CI, Jenkins) Experience operating production SaaS environments Strong observability tooling knowledge (Datadog, Prometheus, ELK etc.) Incident management and root cause analysis experience Experience in regulated or security-conscious environments is highly desirable ...

operated services on AWS — EKS (or equivalent managed Kubernetes), IAM, S3, Secrets Manager. Not just 'we used AWS'. You have been the primary incident responder — diagnosed under pressure, coordinated a fix, wrote a postmortem. Not just 'I helped fix a bug'. Your CV contains specific metrics — latency … confirm that what shipped works, not just that it compiled. Drive codebase refactoring inside your squad in line with the MongoDB → PostgreSQL migration strategy. Incident Response & Reliability Serve as incident commander for production issues within your squad's domain — diagnose, triage, coordinate fix, and own communication ...

first security programme across infrastructure, endpoints and cloud environments. Working directly alongside the CISO, you will architect and implement the firm’s detection and response foundations - designing telemetry strategy, response workflows and supporting security controls in a largely greenfield environment. This is not a SOC management role … from a single senior engineer into a small, high-calibre team... Key Responsibilities Architect and scale the firm’s end-to-end detection and response capability, from telemetry ingestion through to investigation workflows Design high-signal detection logic informed by real attack techniques, not generic vendor rules Build ...