1 to 25 of 32 Permanent Incident Response Jobs in Manchester

a global basis, the resilience of operations has become a board level issue. You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead. Permanent - FT. Salary starting at £70,000 per annum About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information … risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security … incidents within the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident More ❯

The Major Incident Manager will lead Critical and Major Incidents from detection through to resolution and post incident review, in addition this role will coordinate Problem Investigations and track the delivery of Problem resolution plans to reduce the likelihood of repeat Incidents. This role will provide a rapid and highly effective response when Critical or Major Incidents … occur, ensuring business impact analysis is completed, adopting the correct Incident response model, and then confidently leading the communication, escalation and collaboration between cross functional teams and suppliers to restore normal service operation as quickly as possible., Summary The Major Incident Manager will lead Critical and Major Incidents from detection through to resolution and post incident … role will coordinate Problem Investigations and track the delivery of Problem resolution plans to reduce the likelihood of repeat Incidents. This role will provide a rapid and highly effective response when Critical or Major Incidents occur, ensuring business impact analysis is completed, adopting the correct Incident response model, and then confidently leading the communication, escalation and collaboration More ❯

cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on team, you will also contribute to wider security initiatives, incident response, and security awareness across the business. 🏡 Your day-to-day responsibilities Threat & Vulnerability Management Operate and optimize vulnerability management tooling, including PortSwigger BurpSuite Enterprise, CrowdStrike Exposure Management … sources to identify new vulnerabilities, exploits, and attack vectors. Provide actionable intelligence to IT and security teams, ensuring timely patching and mitigation. Contribute to the refinement of detection and response based on emerging threats. Security Operations & Collaboration Work closely with IT, development, and product teams to embed vulnerability management into the SDLC. Contribute to broader security operations, including incident response, policies, security reviews, and audits. Support security awareness efforts by advising stakeholders on risks and mitigation strategies. Participate in security automation initiatives to improve efficiency and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. More ❯

responsible for monitoring, detecting, and responding to security threats, supporting the implementation of cyber protection measures, and ensuring compliance with industry standards and internal policies. Principal Responsibilities: Security Monitoring & Incident Response Monitor network traffic and system activity for signs of security breaches or anomalies. Investigate and respond to security incidents, including malware, phishing, and unauthorized access attempts. Document … of Microsoft Azure, Entra ID, Conditional Access, and Intune. Experience with Active Directory, DNS/DHCP, Group Policy, and VPNs. Familiarity with SIEM/XDR platforms, endpoint protection, and incident response tools. Ability to work independently and collaboratively across teams. Preferred Experience: Minimum 3 years' experience in a technical support role with exposure to a range of technologies More ❯

global initiatives to be successfully deployed in region Implement and maintain security policies, protocols and measures across all platforms and locations, driving alignment with our global operating model Lead incident response efforts and manage the investigation of security breaches Collaborate with other Technology departments to ensure compliance with security standards, necessary security monitoring is in place and risks … Minimum basic requirements Ten or more years in cybersecurity roles in mid to large organisations, recently at or near executive level Strong understanding of cybersecurity frameworks, risk management and incident response protocols Proven leadership capabilities including building diverse teams Outstanding written and verbal communication skills with ability to present to a C-level audience Commercial acumen with an More ❯

council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate with IT, Legal, and other … Security Queue (CVE updates, service requests, incidents, bulletins). Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments More ❯

delivering robust, scalable, and compliant security operations aligned with FCA Consumer Duty and broader regulatory obligations. You will play a key role in the operational management of security technologies, incident response processes, and the continuous enhancement of our detection and response capabilities. The successful candidate will bring hands-on expertise in, cloud security operations, threat detection and … will do: Operate and optimise core cyber security tools and platforms, including SIEM, XDR, EDR, DLP, IAM, PAM, ZTNA and vulnerability management solutions Lead or support the detection and response lifecycle, including triage of alerts, investigation of incidents, root cause analysis, and coordination of response actions. Implement and administrate security operational controls across AWS, Azure, and on-prem … with ISO 27001, PCI-DSS, CIS and internal governance requirements. Deliver clear, actionable security reporting and dashboards for both technical and executive audiences, covering vulnerabilities, threats, control coverage, and incident trends. Maintain and enhance operational documentation, including runbooks, playbooks, and standard operating procedures (SOPs) Support internal and external audit processes by maintaining evidence artefacts, compliance reporting, and validation of More ❯

safeguarding our AWS cloud environment , ensuring our systems stay secure, resilient, and fully compliant with financial regulations. You'll bring real-world experience with security tools, threat detection, and incident response , helping us evolve and harden our defences every day. A background in a regulated industry (like financial services) is important, as is a strong grasp of infrastructure … will do: Operate and optimise a wide range of security platforms, including SIEM, XDR, EDR, IAM, DLP, PAM, ZTNA, and vulnerability management tools Take ownership of the detection and response lifecycle - triaging alerts, investigating incidents, identifying root causes, and coordinating response actions Implement and manage security controls across AWS, Azure, and on-prem environments, aligning with frameworks like … ISO 27001, PCI-DSS Build and maintain clear, actionable dashboards and reports for technical and leadership teams, covering threats, vulnerabilities, incident trends, and control effectiveness Keep our documentation tight - from runbooks and playbooks to standard operating procedures (SOPs) Support internal and external audits, helping maintain evidence, reporting, and demonstrating control effectiveness Devoted to the FCA principle of Consumer Duty More ❯

Security Manager, you'll be the technical lead in our IT Security team, responsible for: Designing and implementing scalable, secure architectures and strategies Leading threat assessments, vulnerability management, and incident response Driving cloud security governance and DevSecOps frameworks Evaluating and deploying security tools and technologies Ensuring compliance with GDPR, PCI-DSS, SOX, and other standards Leading and mentoring More ❯

staff or contractors on-site, including a dedicated Factory Systems Support team (CIM), Operational Technology Engineers, Data Engineers, and Web Developer Monitoring and reporting on system performance, availability, and incident response metrics Providing leadership in incident management and root cause analysis for system-related issues, while also ensuring effective change control procedures for all changes introduced to More ❯

and manage security incidents, including malware and ransomware threats. Collaborate with third-party cyber security providers to deploy and maintain security capabilities. Conduct root cause analysis and contribute to incident response planning. Ensure compliance with industry regulations and internal governance frameworks. Stay up to date with the latest Azure and security technologies and best practices. Skills and Knowledge More ❯

and manage security incidents, including malware and ransomware threats. Collaborate with third-party cyber security providers to deploy and maintain security capabilities. Conduct root cause analysis and contribute to incident response planning. Ensure compliance with industry regulations and internal governance frameworks. Stay up to date with the latest Azure and security technologies and best practices. Skills and Knowledge More ❯

IT security risks, maintaining risk registers and assessments. Ensure compliance with UK regulations (GDPR, NIS, Data Protection Act) and international standards (ISO 27001). Support audits, compliance reporting, and incident response activities. Assist in drafting and updating security policies and governance frameworks. Contribute to staff awareness and training initiatives. Assess vendor/third-party security risks and compliance. More ❯

Translate complex security and compliance requirements into clear, actionable deliverables. Support the development of business cases for security initiatives. Contribute to security governance, standards, and best practices. Assist with incident response planning and regulatory alignment (e.g., GDPR, ISO27001, NIST, Cyber Essentials). Skills & Experience Required: Proven experience as a Business Analyst within Cyber Security projects . Strong knowledge More ❯

Translate complex security and compliance requirements into clear, actionable deliverables. Support the development of business cases for security initiatives. Contribute to security governance, standards, and best practices. Assist with incident response planning and regulatory alignment (e.g., GDPR, ISO27001, NIST, Cyber Essentials). Skills & Experience Required: Proven experience as a Business Analyst within Cyber Security projects . Strong knowledge More ❯

Principles & Technologies. Experience of Security Related Technical Investigations Hands-On Technical Experience of Conducting Vulnerability Scanning & Evaluating Results Commercial Awareness & (Ideally) Experience of PCI DSS (Current Version) Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills High Attention to Detail Strong Team Player Searches: Vulnerability Management Analyst/VM Analyst/Information Security Analyst/Information More ❯