1 to 25 of 60 Permanent Incident Response Jobs in the North West

a global basis, the resilience of operations has become a board level issue. You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead. Permanent - FT. Salary starting at £70,000 per annum About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information … risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security … incidents within the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident More ❯

The Major Incident Manager will lead Critical and Major Incidents from detection through to resolution and post incident review, in addition this role will coordinate Problem Investigations and track the delivery of Problem resolution plans to reduce the likelihood of repeat Incidents. This role will provide a rapid and highly effective response when Critical or Major Incidents … occur, ensuring business impact analysis is completed, adopting the correct Incident response model, and then confidently leading the communication, escalation and collaboration between cross functional teams and suppliers to restore normal service operation as quickly as possible., Summary The Major Incident Manager will lead Critical and Major Incidents from detection through to resolution and post incident … role will coordinate Problem Investigations and track the delivery of Problem resolution plans to reduce the likelihood of repeat Incidents. This role will provide a rapid and highly effective response when Critical or Major Incidents occur, ensuring business impact analysis is completed, adopting the correct Incident response model, and then confidently leading the communication, escalation and collaboration More ❯

cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on team, you will also contribute to wider security initiatives, incident response, and security awareness across the business. 🏡 Your day-to-day responsibilities Threat & Vulnerability Management Operate and optimize vulnerability management tooling, including PortSwigger BurpSuite Enterprise, CrowdStrike Exposure Management … sources to identify new vulnerabilities, exploits, and attack vectors. Provide actionable intelligence to IT and security teams, ensuring timely patching and mitigation. Contribute to the refinement of detection and response based on emerging threats. Security Operations & Collaboration Work closely with IT, development, and product teams to embed vulnerability management into the SDLC. Contribute to broader security operations, including incident response, policies, security reviews, and audits. Support security awareness efforts by advising stakeholders on risks and mitigation strategies. Participate in security automation initiatives to improve efficiency and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. More ❯

KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on team, you will also contribute to wider security initiatives, incident response, and security awareness across the business. 🏡 Your day-to-day responsibilities Threat & Vulnerability Management Operate and optimize vulnerability management tooling, including PortSwigger BurpSuite Enterprise, CrowdStrike Exposure Management … sources to identify new vulnerabilities, exploits, and attack vectors. Provide actionable intelligence to IT and security teams, ensuring timely patching and mitigation. Contribute to the refinement of detection and response based on emerging threats. Security Operations & Collaboration Work closely with IT, development, and product teams to embed vulnerability management into the SDLC. Contribute to broader security operations, including incident response, policies, security reviews, and audits. Support security awareness efforts by advising stakeholders on risks and mitigation strategies. Participate in security automation initiatives to improve efficiency and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. More ❯

KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on team, you will also contribute to wider security initiatives, incident response, and security awareness across the business. 🏡 Your day-to-day responsibilities Threat & Vulnerability Management Operate and optimize vulnerability management tooling, including PortSwigger BurpSuite Enterprise, CrowdStrike Exposure Management … sources to identify new vulnerabilities, exploits, and attack vectors. Provide actionable intelligence to IT and security teams, ensuring timely patching and mitigation. Contribute to the refinement of detection and response based on emerging threats. Security Operations & Collaboration Work closely with IT, development, and product teams to embed vulnerability management into the SDLC. Contribute to broader security operations, including incident response, policies, security reviews, and audits. Support security awareness efforts by advising stakeholders on risks and mitigation strategies. Participate in security automation initiatives to improve efficiency and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. More ❯

responsible for monitoring, detecting, and responding to security threats, supporting the implementation of cyber protection measures, and ensuring compliance with industry standards and internal policies. Principal Responsibilities: Security Monitoring & Incident Response Monitor network traffic and system activity for signs of security breaches or anomalies. Investigate and respond to security incidents, including malware, phishing, and unauthorized access attempts. Document … of Microsoft Azure, Entra ID, Conditional Access, and Intune. Experience with Active Directory, DNS/DHCP, Group Policy, and VPNs. Familiarity with SIEM/XDR platforms, endpoint protection, and incident response tools. Ability to work independently and collaboratively across teams. Preferred Experience: Minimum 3 years' experience in a technical support role with exposure to a range of technologies More ❯

business teams to implement strong cryptographic controls. Drive improvements in secure key lifecycle management, encryption, and authentication processes. Ensure the operational reliability and security of cryptographic services through monitoring, incident response, and proactive risk mitigation. Essential Skills & Experience Proven experience in Cryptography, Secure Key Management, and Information Security. Hands-on expertise with HSM configuration, installation, and support. Experience … and documentation tools (e.g., MS Office). Highly Valued Skills Security or cryptographic certifications (e.g., CISSP, CISM, CompTIA Security+, CEH, or equivalent). Experience in operational security environments, including incident response, risk management, and change control. Familiarity with SharePoint, Confluence, JIRA, and Unix/Windows environments. Knowledge of data protection regulations, compliance standards, and privacy frameworks. Strong technical More ❯

experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards … of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior More ❯

brilliant opportunity for an experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. You'll lead on threat detection, incident response, and security improvements, working closely with teams across the business to maintain compliance and best practice. What you'll do: Lead threat detection, incident response More ❯

As a Cybersecurity Analyst at EG Group, you will be responsible for monitoring and triaging alerts escalated from partners and wider internal teams. You must have working experience of incident response and end-to-end security processes and procedures. You will provide a comprehensive range of technical, operational, and risk management services. By working closely with our global … identified vulnerabilities, collaborating with other technology teams. Remediate incidents escalated from tier 1 SOC analysts. Assess the scope and impact of the attacks on affected systems and networks. Conduct incident response activities using IOCs to identify and contain threats. Stay updated on emerging threats and technologies. Maintain and tune XDE/MDR/EDR and supporting tools. Tracking More ❯

global initiatives to be successfully deployed in region Implement and maintain security policies, protocols and measures across all platforms and locations, driving alignment with our global operating model Lead incident response efforts and manage the investigation of security breaches Collaborate with other Technology departments to ensure compliance with security standards, necessary security monitoring is in place and risks … Minimum basic requirements Ten or more years in cybersecurity roles in mid to large organisations, recently at or near executive level Strong understanding of cybersecurity frameworks, risk management and incident response protocols Proven leadership capabilities including building diverse teams Outstanding written and verbal communication skills with ability to present to a C-level audience Commercial acumen with an More ❯

STIGs, and UK Functional Standard 007 Vulnerability Assessment & Access Review Support regular access reviews, entitlement audits, and role certification; identify and remediate potential vulnerabilities in provisioning and access enforcement. Incident Management & Response Participate in access-related incident response, including unauthorized access investigations, root-cause analysis, and mitigation measures. Client Engagement & Training Collaborate with stakeholders to understand … SAML/OAuth, and access governance tools. Security Framework Knowledge : Understanding of defence and public-sector security frameworks (JSP 440/604, STIGs, ISO 27001, Government Functional Standard 007) Incident & Risk Handling : Proven ability to conduct security incident investigations relevant to unauthorized access and remediate gaps. Communication Skills : Strong ability to engage with both technical teams and non More ❯

council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls, antivirus, endpoint security, patching, and software updates. Collaborate with IT, Legal, and other … Security Queue (CVE updates, service requests, incidents, bulletins). Assess and manage tickets, ensuring priority issues are resolved within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments More ❯

delivering robust, scalable, and compliant security operations aligned with FCA Consumer Duty and broader regulatory obligations. You will play a key role in the operational management of security technologies, incident response processes, and the continuous enhancement of our detection and response capabilities. The successful candidate will bring hands-on expertise in, cloud security operations, threat detection and … will do: Operate and optimise core cyber security tools and platforms, including SIEM, XDR, EDR, DLP, IAM, PAM, ZTNA and vulnerability management solutions Lead or support the detection and response lifecycle, including triage of alerts, investigation of incidents, root cause analysis, and coordination of response actions. Implement and administrate security operational controls across AWS, Azure, and on-prem … with ISO 27001, PCI-DSS, CIS and internal governance requirements. Deliver clear, actionable security reporting and dashboards for both technical and executive audiences, covering vulnerabilities, threats, control coverage, and incident trends. Maintain and enhance operational documentation, including runbooks, playbooks, and standard operating procedures (SOPs) Support internal and external audit processes by maintaining evidence artefacts, compliance reporting, and validation of More ❯

safeguarding our AWS cloud environment , ensuring our systems stay secure, resilient, and fully compliant with financial regulations. You'll bring real-world experience with security tools, threat detection, and incident response , helping us evolve and harden our defences every day. A background in a regulated industry (like financial services) is important, as is a strong grasp of infrastructure … will do: Operate and optimise a wide range of security platforms, including SIEM, XDR, EDR, IAM, DLP, PAM, ZTNA, and vulnerability management tools Take ownership of the detection and response lifecycle - triaging alerts, investigating incidents, identifying root causes, and coordinating response actions Implement and manage security controls across AWS, Azure, and on-prem environments, aligning with frameworks like … ISO 27001, PCI-DSS Build and maintain clear, actionable dashboards and reports for technical and leadership teams, covering threats, vulnerabilities, incident trends, and control effectiveness Keep our documentation tight - from runbooks and playbooks to standard operating procedures (SOPs) Support internal and external audits, helping maintain evidence, reporting, and demonstrating control effectiveness Devoted to the FCA principle of Consumer Duty More ❯