1 to 25 of 204 Permanent Incident Response Jobs in London

Cyber Incident Response Manager

Hiring Organisation
Ashdown Group
Location
City of London, London, United Kingdom
Employment Type
Permanent, Work From Home
Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Strategic Security Consultant: Roadmaps & Incident Response

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
years of experience assessing and developing cybersecurity solutions and programs across security domains. Experience in one or more of the following information security domains: incident response, security operations, detection engineering, threat intelligence, threat modeling, cloud security, enterprise architecture. Experience with common security controls and standards. Experience communicating technical … managing the risks for their security program. Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned ...

Senior Consultant | Cybersecurity - Incident Response | Forensic & Litigation Consulting

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Senior Consultant | Cybersecurity - Incident Response | Forensic & Litigation Consulting FTI Consulting is the leading global expert firm for organizations facing crisis and transformation. We work with many of the world’s top multinational corporations, law firms, banks and private equity firms on their most important issues to deliver impact … order to assimilate client needs and design appropriate technical solutions. Lead assessment of current threat identification techniques and development of new methodologies and frameworks. Incident analysis, combining sound analytical skills with advanced knowledge of cybersecurity, digital forensics and incident response. Assess client cybersecurity postures against industry‐standard best ...

Cyber Security Engineer

Hiring Organisation
Eligo Recruitment
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£75,000 - £90,000 per annum
solving complex security challenges across modern cloud and enterprise environments. You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function. The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture. Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

AI-Augmented Cyber Security Engineer

Hiring Organisation
Eligo Recruitment
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£75,000 - £90,000 per annum
solving complex security challenges across modern cloud and enterprise environments. You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function. The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture. Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

Cyber Security Engineer

Hiring Organisation
Required IT
Location
Bromley, Kent, England, United Kingdom
Employment Type
Full-Time
Salary
£55,000 - £60,000 per annum
supportive and collaborative environment with ongoing opportunities to develop your technical expertise and progress your career within cyber security. Key Responsibilities Security Monitoring & Incident Response Monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus. Investigate cyber security incidents … including malware infections, phishing attacks, identity compromise, and unauthorised access attempts. Conduct incident triage, root cause analysis, containment, remediation, and recovery activities. Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat ...

Senior Cyber Security Analyst

Hiring Organisation
Anson McCade
Location
London Area, United Kingdom
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

Cyber Security Operations Specialist

Hiring Organisation
Anson McCade
Location
City of London, London, United Kingdom
Employment Type
Permanent
Salary
£75,000
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

BISO for R&B and Corporate Platforms

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
integrated into business unit initiatives, motivating business units to adopt efficient security controls throughout their lifecycle. Oversight of R&B’s and Corporate platforms response to Incident, integrating cyber incident response policies with business operations to improve agility and effectiveness in cyber incident management. Work … internal business units to enhance cyber security communication, including knowledge of threats, vulnerabilities, and mitigation strategies. Provide strategic insights to senior management on cyber incident response readiness and effectiveness. Collaborate with security leadership to enforce cyber security policies and practices, addressing operations and incident response. Provide expertise ...

Head of Information Security

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Embed secure‐by‐design principles and DevSecOps practices across engineering and delivery teams. Use AI and automation to improve detection, prevention, and response. Lead incident response and threat modelling with a practical, engineering‐first mindset. Own and manage the Information Security Risk Register; ensure risks are assessed, documented … effectively. Oversee third‐party risk management, including supplier due diligence, onboarding, and continuous monitoring. Oversee operational security activities, including threat detection, vulnerability management, and incident response. Develop and maintain incident response playbooks and lead investigations where required. Collaborate with SOC and Systems teams to strengthen detection, response ...

Senior Information Security Analyst

Hiring Organisation
CONEX EUROPE LIMITED
Location
City of London, London, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£90,000
into change initiatives, and security by design principles are applied. Provide 3rd line support to the IT service desk, responding to support requests and incident tickets which have been triaged and escalated to the cybersecurity operations team, and provide out of hours support through participation in an on-call … threat hunting, analysing logs and event data across the firms' systems, and procuring threat intelligence to inform the hunts. Provide technical leadership during security incident response, from identification through to containment, eradication, recovery and post incident review, reporting and recommendations; liaising with external IR providers as required. ...

Senior Cyber Security Analyst

Hiring Organisation
CONEX EUROPE LIMITED
Location
City of London, London, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£90,000
into change initiatives, and security by design principles are applied. Provide 3rd line support to the IT service desk, responding to support requests and incident tickets which have been triaged and escalated to the cybersecurity operations team, and provide out of hours support through participation in an on-call … threat hunting, analysing logs and event data across the firms' systems, and procuring threat intelligence to inform the hunts. Provide technical leadership during security incident response, from identification through to containment, eradication, recovery and post incident review, reporting and recommendations; liaising with external IR providers as required. ...

Group Head of IT

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
group’s Data Protection Lead (a non-statutory role distinct from a formal DPO appointment). The group’s security posture, risk register, incident response and audit defensibility all sit with you. If something has a security or data protection dimension, it lands on your desk first. Security … endpoint protection (Bitdefender GravityZone), conditional access, MFA, identity governance, vulnerability management, and security awareness and phishing simulation programmes via KnowBe4. Lead incident response — triage, containment, recovery, post-incident review and reporting, with playbooks kept current and tested. Oversee security across Auro Technology’s software stack — IoT device ...

Senior Information Security Officer

Hiring Organisation
Definely
Location
City of London, London, United Kingdom
play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security into the design of our Microsoft Word … threat modelling, define non-functional security requirements, and review designs for security impact. Guide security considerations in our AI/LLM-enabled products. Risk & Incident Management Own the company-wide incident response plan and lead tabletop exercises. Perform ongoing risk assessments, vendor security reviews, and DPIAs. Ensure ...

Head of Cybersecurity

Hiring Organisation
Spencer Rose Ltd
Location
London, United Kingdom
Employment Type
Permanent
Salary
GBP 110,000 Annual
ownership of day-to-day cyber defence. This is a senior leadership role with broad scope, covering strategy, security operations, cloud and AI security, incident response, and management of an external SOC. You will have the mandate and backing to shape how cybersecurity is delivered as the business … engineering, and security monitoring Lead vulnerability management end-to-end using Qualys or equivalent tooling, from discovery to remediation accountability Serve as the technical incident response lead, covering preparation, exercises, live incidents, and post-incident learning AI & data security Secure internal AI platforms, including training data, models ...

Head of Engineering

Hiring Organisation
Xapien
Location
London Area, United Kingdom
execution, scaling the team, building operational maturity, and championing AI-augmented development practices. You will operate at multiple levels — coaching managers and ICs, owning incident response, and setting the operational direction for Xapien’s engineering organisation. The CTPO retains product and technical vision; you make it happen. This … architectural decisions within a domain-driven design structure. ● Establish engineering-wide standards for code quality, review processes, and technical governance. ● Build observability, incident management, and on-call practices that scale with team growth and deployment frequency. ● Embed DevOps, MLOps, security, and compliance practices into day-to-day workflows. ● Balance ...

Senior DFIR Consultant - Incident Response & Forensics

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
Group plc is looking for a Senior DFIR Consultant to deliver high-quality incident response services in London. This role requires collaborating with various teams, performing advanced forensic analyses, and providing technical investigations. The ideal candidate will possess a relevant professional certification and have experience in incident response scenarios like ransomware. The position offers a range of comprehensive benefits including flexible working, generous holiday allowances, and a supportive culture focused on well-being. ...

Head of Service Operations & Incident Leadership

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
structure and rigour without bureaucracy, and the confidence to hold people to account and the judgement to bring them with you. Service Ownership and Incident Management Quarterback incident response: own the client communication layer during P1s and major incidents, coordinating with engineering leads and ensuring every stakeholder … informed, never surprised. Foster a culture of fast incident response; drive post-incident reviews to completion, with initial RCAs and full RCAs provided within contractually defined timelines. Ensure corrective actions are assigned, tracked, and chased to closure - across engineering teams you do not manage, using influence ...

Staff Site Reliability Engineer

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
reliability problems across our stack, then design and implement software and systems to create step-function improvements. You will design robust observability solutions, lead incident response, automate operational tasks, and continuously improve our infrastructure's reliability, all while mentoring and educating the broader engineering team to make reliability … Build systems to monitor and report on these metrics, holding teams accountable and ensuring we maintain high reliability standards while balancing innovation speed. Lead Incident Management and Response: Act as a senior leader during high-impact incidents, guiding the team to rapid resolution. Conduct thorough, blameless post-mortems ...

Head of Infrastructure

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
operational resilience, developer experience and infrastructure team leadership. You will be responsible for shaping the long term infrastructure roadmap, improving reliability and observability, strengthening incident response and ensuring the platform can support a growing customer base and increasingly critical product suite. This is a role for someone … cloud architecture to support scale, resilience and performance Set standards across infrastructure, CI/CD, environments and observability Lead production reliability, uptime, incident response and post incident reviews Improve monitoring, alerting and on call practices to ensure they are effective and sustainable Partner closely with the Information ...

Head of Cyber Defend / CERT

Hiring Organisation
Prime Personnel
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
organisation based in the Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience … procedures, and playbooks to respond to cyber threats. Develop and maintain cyber strategy, capabilities to stay ahead of emerging threats. Lead the Cyber Defence response for the organisation when under cyber-attack. Lead and manage multiple cyber security teams. Engage with stakeholders, report to snr management and collaborate with ...

Senior Cyber Security Analyst

Hiring Organisation
Picture More
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£80,000 - £90,000 per annum
tooling Career progression within a growing security function Key responsibilities: Monitor, investigate and respond to cyber security alerts and incidents Lead and support incident response activities Conduct threat hunting and threat modelling exercises Manage vulnerability remediation and penetration testing activities Support and improve SIEM, EDR/…/XDR, IDS/IPS and firewalls Good understanding of Microsoft Azure security technologies Knowledge of NIST, ISO27001 and CIS Controls Experience in incident response, vulnerability management and threat intelligence Relevant certifications such as CISSP, CISM, GIAC or Security+ Soft skills: Strong analytical and problem-solving abilities Calm ...

Lead SOC Analyst - London

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
investigation and analysis, acting as the escalation point for complex or high-severity incidents. They conduct root-cause analysis, guide L1 analysts, and support incident containment and remediation efforts. Our work will be sensitive, secure, 24x7 and on the most up-to-date high-density compute stacks available. Shift … that rota. Investigate escalated incidents to determine attack vectors, scope, and potential impact. Correlate events across multiple data sources to build a comprehensive incident narrative. Execute containment, eradication, and recovery activities in coordination with IT/OT stakeholders. Lead response for medium to high-severity incidents and document ...

Information Security, Assistant Manager

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
maintained. Establish, document, and enforce security controls that safeguard information flows across internal systems, third parties, and public networks. Develop, maintain, and execute incident response and crisis management procedures, ensuring swift and effective mitigation of security events while minimizing business disruption. Monitor security operations to identify anomalies, investigate … compliance activities. GENERAL Be the primary point of contact for all information security alerts and breaches within the Bank and coordinate responses via incident management protocols. Daily administrative tasks, reporting, and communication with the relevant departments in the organization. Maintain security records and documents of controls, security dashboards ...

Principal Microsoft Cloud & AI Security Architect

Hiring Organisation
Jobleads-UK
Location
Greater London, England, United Kingdom
implement next generation Microsoft cloud security across Azure and multi cloud environments. Drive adoption of Agentic AI for Security to enable autonomous detection, adaptive response, and continuous security posture improvement. Enhance Microsoft Sentinel with MCP (Model Context Protocol), Sentinel Data Lake, and Sentinel Graph capabilities for advanced analytics, threat … Automate, and advanced SOAR workflows. Drive proactive threat detection, email threat defence, and automated containment using MDO and Darktrace Email. Partner closely with GSOC, Incident Response, Threat Hunting, TI and Cloud Engineering teams to deliver unified detection, response, and governance. Manage, mentor and strengthen a team ...