1 to 25 of 110 Permanent Incident Response Jobs in the North of England

a global basis, the resilience of operations has become a board level issue. You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

The Major Incident Manager will lead Critical and Major Incidents from detection through to resolution and post incident review, in addition this role will coordinate Problem Investigations and track the delivery of Problem resolution plans to reduce the likelihood of repeat Incidents. This role will provide a rapid and highly effective response when Critical or Major Incidents … occur, ensuring business impact analysis is completed, adopting the correct Incident response model, and then confidently leading the communication, escalation and collaboration between cross functional teams and suppliers to restore normal service operation as quickly as possible., Summary The Major Incident Manager will lead Critical and Major Incidents from detection through to resolution and post incident … role will coordinate Problem Investigations and track the delivery of Problem resolution plans to reduce the likelihood of repeat Incidents. This role will provide a rapid and highly effective response when Critical or Major Incidents occur, ensuring business impact analysis is completed, adopting the correct Incident response model, and then confidently leading the communication, escalation and collaboration More ❯

This role offers a chance to make a real impact by ensuring the integrity and resilience of the company’s IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly, and monthly monitoring of systems … Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of Disaster Recovery (DR) and Business Continuity principles. Excellent communication skills, with … impact in a global organisation, apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

across our three UK brands: PEXA UK, Smoove, and Optima Legal. You'll lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements. This is a senior leadership role offering the opportunity to define security … SOC, engineering, and information security Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation … Alto Networks Splunk (SIEM and dashboarding) Abnormal Security (email security) Prisma Cloud (cloud security posture management) Airlock (application and API security) Nucleus (vulnerability management and reporting) Deep knowledge of incident response, threat hunting, and vulnerability management. Excellent stakeholder management and communication skills - able to explain complex risks in simple terms. Experience building and mentoring high performing teams across More ❯

cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security Incident Response Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯

KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on team, you will also contribute to wider security initiatives, incident response, and security awareness across the business. 🏡 Your day-to-day responsibilities Threat & Vulnerability Management Operate and optimize vulnerability management tooling, including PortSwigger BurpSuite Enterprise, CrowdStrike Exposure Management … sources to identify new vulnerabilities, exploits, and attack vectors. Provide actionable intelligence to IT and security teams, ensuring timely patching and mitigation. Contribute to the refinement of detection and response based on emerging threats. Security Operations & Collaboration Work closely with IT, development, and product teams to embed vulnerability management into the SDLC. Contribute to broader security operations, including incident response, policies, security reviews, and audits. Support security awareness efforts by advising stakeholders on risks and mitigation strategies. Participate in security automation initiatives to improve efficiency and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. More ❯

KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on team, you will also contribute to wider security initiatives, incident response, and security awareness across the business. 🏡 Your day-to-day responsibilities Threat & Vulnerability Management Operate and optimize vulnerability management tooling, including PortSwigger BurpSuite Enterprise, CrowdStrike Exposure Management … sources to identify new vulnerabilities, exploits, and attack vectors. Provide actionable intelligence to IT and security teams, ensuring timely patching and mitigation. Contribute to the refinement of detection and response based on emerging threats. Security Operations & Collaboration Work closely with IT, development, and product teams to embed vulnerability management into the SDLC. Contribute to broader security operations, including incident response, policies, security reviews, and audits. Support security awareness efforts by advising stakeholders on risks and mitigation strategies. Participate in security automation initiatives to improve efficiency and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. More ❯

KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on team, you will also contribute to wider security initiatives, incident response, and security awareness across the business. 🏡 Your day-to-day responsibilities Threat & Vulnerability Management Operate and optimize vulnerability management tooling, including PortSwigger BurpSuite Enterprise, CrowdStrike Exposure Management … sources to identify new vulnerabilities, exploits, and attack vectors. Provide actionable intelligence to IT and security teams, ensuring timely patching and mitigation. Contribute to the refinement of detection and response based on emerging threats. Security Operations & Collaboration Work closely with IT, development, and product teams to embed vulnerability management into the SDLC. Contribute to broader security operations, including incident response, policies, security reviews, and audits. Support security awareness efforts by advising stakeholders on risks and mitigation strategies. Participate in security automation initiatives to improve efficiency and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. More ❯

responsible for monitoring, detecting, and responding to security threats, supporting the implementation of cyber protection measures, and ensuring compliance with industry standards and internal policies. Principal Responsibilities: Security Monitoring & Incident Response Monitor network traffic and system activity for signs of security breaches or anomalies. Investigate and respond to security incidents, including malware, phishing, and unauthorized access attempts. Document … of Microsoft Azure, Entra ID, Conditional Access, and Intune. Experience with Active Directory, DNS/DHCP, Group Policy, and VPNs. Familiarity with SIEM/XDR platforms, endpoint protection, and incident response tools. Ability to work independently and collaboratively across teams. Preferred Experience: Minimum 3 years' experience in a technical support role with exposure to a range of technologies More ❯

business teams to implement strong cryptographic controls. Drive improvements in secure key lifecycle management, encryption, and authentication processes. Ensure the operational reliability and security of cryptographic services through monitoring, incident response, and proactive risk mitigation. Essential Skills & Experience Proven experience in Cryptography, Secure Key Management, and Information Security. Hands-on expertise with HSM configuration, installation, and support. Experience … and documentation tools (e.g., MS Office). Highly Valued Skills Security or cryptographic certifications (e.g., CISSP, CISM, CompTIA Security+, CEH, or equivalent). Experience in operational security environments, including incident response, risk management, and change control. Familiarity with SharePoint, Confluence, JIRA, and Unix/Windows environments. Knowledge of data protection regulations, compliance standards, and privacy frameworks. Strong technical More ❯

experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards … of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior More ❯

as subject matter experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical … SMEs at a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both More ❯

as subject matter experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical … SMEs at a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both More ❯

brilliant opportunity for an experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. You'll lead on threat detection, incident response, and security improvements, working closely with teams across the business to maintain compliance and best practice. What you'll do: Lead threat detection, incident response More ❯

As a Cybersecurity Analyst at EG Group, you will be responsible for monitoring and triaging alerts escalated from partners and wider internal teams. You must have working experience of incident response and end-to-end security processes and procedures. You will provide a comprehensive range of technical, operational, and risk management services. By working closely with our global … identified vulnerabilities, collaborating with other technology teams. Remediate incidents escalated from tier 1 SOC analysts. Assess the scope and impact of the attacks on affected systems and networks. Conduct incident response activities using IOCs to identify and contain threats. Stay updated on emerging threats and technologies. Maintain and tune XDE/MDR/EDR and supporting tools. Tracking More ❯

global initiatives to be successfully deployed in region Implement and maintain security policies, protocols and measures across all platforms and locations, driving alignment with our global operating model Lead incident response efforts and manage the investigation of security breaches Collaborate with other Technology departments to ensure compliance with security standards, necessary security monitoring is in place and risks … Minimum basic requirements Ten or more years in cybersecurity roles in mid to large organisations, recently at or near executive level Strong understanding of cybersecurity frameworks, risk management and incident response protocols Proven leadership capabilities including building diverse teams Outstanding written and verbal communication skills with ability to present to a C-level audience Commercial acumen with an More ❯