1 to 25 of 49 Permanent Incident Response Jobs in the North West

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal … hands-on role in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident More ❯

Incident Responder/IR Consultant Hybrid - ManchesterUp to £60k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for an Incident Responder (IR/DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such as … ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. You … will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of More ❯

Senior Incident Responder/IR Consultant Hybrid - ManchesterUp to £80k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR/DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

Senior Incident Responder/IR Consultant Hybrid - Manchester Up to £80k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR/DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

alert fatigue. You'll create bespoke analytic rules and collaborate with analysts to refine detection capabilities. You'll also take an active role in managing security alerts and leading incident response and investigation efforts. As a senior colleague, you'll advise on cyber risks, emerging threats, and mitigation strategies aligned with the Government Security Framework and standards. You … as expected, ensuring requirements, policies, and standards to govern all activities and outputs are met. Reviewing high-priority or high-complexity analysis of security event data to manage security incident response, making key decisions on reporting or escalations for monitoring Containing and remediating those incidents, identifying potential process improvements. Communicating with a broad range of senior stakeholders and … be responsible for defining the vision, principles, and strategy for incident response Deputising for the SOC manager as a when required. Reviewing incident documentation ensuring that appropriate lessons learned are captured and implemented. Maintaining and integrating Cyber Threat Intelligence services to enhance the Departments capabilities to detect threats. Mentor junior engineers and contribute to the development of More ❯

such as CrowdStrike Falcon, RoboShadow, Microsoft Defender, ThreatLocker Evaluate and onboard new security technologies; liaise with vendors Lead technical onboarding of cyber tools for both internal and client deployments Incident Response & Threat Management: Develop and own incident response playbooks Act as the lead escalation point for live security incidents Analyse alerts, threat intelligence, and forensic data … of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incident response experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts for clients More ❯

Encryption : Protect data at rest, in transit, and in use through encryption and tokenization. Network Security : Design secure network architectures, implement IDS/IPS, firewalls, and VPNs. Security Monitoring & Incident Response : Build monitoring solutions, develop incident response strategies. Compliance & Governance : Ensure adherence to regulations, conduct audits, and establish security frameworks. Secure DevOps & Automation : Incorporate security into … Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and communication skills Relevant cybersecurity certifications (CISSP, CISM, CEH, etc.) Requirements Bachelor's degree More ❯

architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party risks by assessing supplier compliance, contributing to incident response processes when issues arise, preparing insightful metrics for leadership teams. Collaborate with teams across the business to identify, assess, and track risk mitigation activities through to completion. … where necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate … include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST More ❯

DCC is looking for a Lead Cyber Security Operations Analystto play a key leadership role in shaping and advancing our Security Operations Centre (SOC). You'll drive our incident response strategy, lead major investigations, develop cutting-edge detection content, and help grow a highly capable security team through training and exercises. This is a critical role in … capabilities and foster collaboration across the smart metering community. Translate threat trends into actionable insights and drive improvements across the organisation. Evaluate and recommend tools that enhance detection and response capabilities. Conduct forensic investigations and perform root cause analysis of security incidents. What are we looking for? Proven experience in incident response and leading investigations in complex More ❯

seasoned SOC professional looking to make a tangible impact. Apply now to join a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune analytic rules, workbooks, and automation playbooks in Sentinel. … Perform deep-dive analysis of malware, phishing, and lateral movement techniques. Collaborate with engineering teams to optimise Microsoft security tool integrations. Maintain and enhance incident response procedures and documentation. Skills/Must have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with … Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with SOAR platforms and building automated workflows. Benefits: View to Extension Salary: Up to £575 Per Day More ❯

Leadership, leading key initiatives to protect systems, data and users while helping shape the organisations security posture. What youll be doing: Managing day-to-day information security operations, including incident response and risk assessments Leading the development and implementation of security policies, standards, and controls Driving continuous improvement initiatives to strengthen cyber resilience Developing and supporting security roadmaps … to Cyber Essentials, ISO27001 or similar What youll need: Proven experience managing IT security or information security functions Strong technical knowledge of Microsoft environments and security controls Experience with incident response, vulnerability management, and security risk mitigation Confident working with both technical teams and business stakeholders Solid understanding of security frameworks and compliance standards Ability to lead projects More ❯

hierarchy or titles. It's about impact, curiosity and partnering to build something that scales well and feels right. You'll be hands on with architecture, tooling, policy and incident response. You'll enable teams to move quickly and securely, bringing clarity to complex problems and designing systems that work long after you're done with them. What you … ll be doing Collaborating with your teammates to take ownership of security across the business from hardening and monitoring to governance and incident response Designing and evolving secure architectures using defence in depth and threat modelling principles across cloud, networks and endpoints Driving vulnerability management and scaling tooling such as CSPM, SIEM, IAM and endpoint protection to manage … security and data privacy, helping ensure we remain audit ready Building lightweight processes that make it easy for teams to do the secure thing by default Sharing ownership of incident response including triage, coordination and postmortem analysis Partnering with engineers and product teams to embed secure thinking into design and delivery Keeping pace with emerging threats and contributing More ❯

to join our foundational in-house SOC team. In this pivotal role, you will be instrumental in supporting the development, implementation, and operating of our security monitoring, detection, and response capabilities, with a particular focus on our cloud environments. You'll be at the forefront of responding to incidents and alerts, and helping shape the future of our security … various security tools Perform triage and analysis of security incidents and anomalies, distinguishing between true positives and false positives. Prioritise alerts based on severity, potential impact, and business criticality. Incident Detection & Response: Investigate security incidents thoroughly, leveraging logs from platforms, endpoints, applications, and other security tools. Create and follow incident response playbooks and contribute to their … continuous improvement. Collaborate with Technology, Product and Engineering Teams to contain, eradicate, and recover from security incidents. Document incident details, findings, and remediation steps accurately and comprehensively. Additionally Stay informed about the latest cyber threats, attack techniques, and vulnerabilities, especially those targeting cloud environments. Participate in proactive threat hunting activities using available tools and data sources. Contribute to the More ❯

malicious content. Configure and maintain web and email filtering solutions to block phishing attempts, malware, and other threats. EDR and XDR Technologies: Administer and respond to Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) technologies to swiftly mitigate threats. Monitor alerts, investigate incidents, and take appropriate actions to contain and remediate threats. Security Governance and … security layers align against our Internal Security Standards and Statutory and Regulatory obligations. SIEM Management: Manage, monitor, and respond to security incidents and events using the Council's Security Incident and Event Monitoring (SIEM) platform. Ensure timely detection, analysis, and response to security incidents to minimise impact and support recovery efforts. As part of our team, the successful … phishing protection, and ensuring compliance with security policies. EDR and XDR Technologies: Detailed practical knowledge of administering and responding to EDR and XDR technologies. Experience with endpoint security solutions, incident response procedures, and threat detection and remediation. Security and Cloud Architecture: Broad knowledge of Security and Cloud architecture principles. Management Reporting: Recent experience of providing high-quality management More ❯

cyber resilience. As a Senior Cyber Security Analyst, you will play a key role in protecting systems, networks, and data against cyber threats. You will lead threat detection and incident response efforts, support the development of security policies and controls, and work closely with stakeholders to ensure compliance and security best practice across the business. You will also … cyber security best practice is considered throughout the entire SDLC. Creates and maintains documentation around the use of cyber security technology in the organisation. Carries out threat detection and incident response. Carries out vulnerability management and remediation. Collaborates as needed with third-party security vendors for expert advice and issue resolution. Carries out threat intel research and recommends security … Detailed understanding of application security along with experience of working alongside software development teams, supporting and advising on best practice to maintain security. Significant experience of endpoint detection and response (EDR) technologies and network detection and response (NDR) technologies. Detailed knowledge of Information Security standards including Cyber Essentials, Cyber Essentials Plus and ISO27001. Good understanding of Linux and More ❯

of our international businesses, with a focus on resiliency, this role has an opportunity to provide strategic guidance on improvements. At the forefront of providing production support services including, incident logging, incident resolution, problem management, change management practices, and SRE support, we are inviting you to join our success story.As our Site Reliability Engineering Manager you will:- Lead … a culture of collaboration, innovation, and continuous improvement. Assist with the design, implementation, and maintenance of systems to ensure high availability, scalability, and performance. Develop and implement strategies for incident response, root cause analysis, and post-mortem reviews to prevent future incidents. Work closely with business and technology teams to understand their needs and ensure alignment with reliability More ❯

of our international businesses, with a focus on resiliency, this role has an opportunity to provide strategic guidance on improvements. At the forefront of providing production support services including, incident logging, incident resolution, problem management, change management practices, and SRE support, we are inviting you to join our success story. As our Site Reliability Engineering Manager you will … a culture of collaboration, innovation, and continuous improvement. Assist with the design, implementation, and maintenance of systems to ensure high availability, scalability, and performance. Develop and implement strategies for incident response, root cause analysis, and post-mortem reviews to prevent future incidents. Work closely with business and technology teams to understand their needs and ensure alignment with reliability More ❯

Proactively work with business units and global functions in InfoSec to support internal and external audits and ensure their success, Support other InfoSec teams and local IT teams during incident management and incident response activities, Liaise with Data Protection Officers for the implementation of data protection processes and controls, and during any data privacy issue, Contribute to More ❯

such as ISO27001, Cyber Essentials Plus, PCI/DSS Stay ahead of cyber threats, maintaining and improving security monitoring and risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience More ❯

What you'll be doing Drive improvements to cyber security posture across internal and customer-facing platforms Design and secure cloud-based infrastructure and customer applications Perform threat detection, incident response , and vulnerability remediation Maintain security architecture documentation and collaborate with third-party vendors Conduct threat intelligence research and recommend ongoing improvements What you'll need Strong technical More ❯

staff or contractors on-site, including a dedicated Factory Systems Support team (CIM), Operational Technology Engineers, Data Engineers, and Web Developer Monitoring and reporting on system performance, availability, and incident response metrics Providing leadership in incident management and root cause analysis for system-related issues, while also ensuring effective change control procedures for all changes introduced to More ❯

staff or contractors on-site, including a dedicated Factory Systems Support team (CIM), Operational Technology Engineers, Data Engineers, and Web Developer Monitoring and reporting on system performance, availability, and incident response metrics Providing leadership in incident management and root cause analysis for system-related issues, while also ensuring effective change control procedures for all changes introduced to More ❯

with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First Responders assist with pro-active security operations, including both regularly scheduled security assessments as well as ad-hoc … security taskings Location Hybrid - Bristol or London Type Permanent, full-time Immediate Who we are looking for. The responsibilities of this role include: Initial triage and response to security alerts. Supporting customer cloud infrastructure & security posture. Monitoring and resolution of key security metrics. Identify emerging security trends. IOC creation based on emerging threats. Acting as a key part of … the cyber incident response team. Completion of proactive security reports. 24/7 Shift Work - 4 on 4 off pattern. This role will require working within a close-knit team to help build Stripe OLT as a global leader in cyber security - focused specifically on defensive domains. The role requires a self-starter, an ideal team player who More ❯

and Cyber Essentials Plus . Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre ( SOC ) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response ( EDR/NDR ), information security standards, and frameworks such More ❯

and Cyber Essentials Plus . Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre ( SOC ) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response ( EDR/NDR ), information security standards, and frameworks such More ❯