Permanent Incident Response Jobs in Scotland

1 to 25 of 40 Permanent Incident Response Jobs in Scotland

Cyber Incident Response Analyst

Edinburgh, United Kingdom
Royal London
Date: 7 Aug 2025
Location: Edinburgh, GB
Company: Royal London Group
Job Title: Cyber Incident Response Analyst
Contract Type: Full time Permanent
Locations: Edinburgh/Glasgow/Alderley Park/London
Working style: Hybrid 50% home/office based
Closing date: 20th August …
This role will assure the response to a cybersecurity event or incident, taking the lead to contain the threat to the Royal London business and support the remediation activities to stabilise service. The role will coordinate activities between Defence, Threat Intelligence, SOC, and Engineering, and be the point of contact for IT Security within the Royal London Group … incident management process. The team's purpose is to minimise and control damage resulting from cybersecurity incidents, ensuring that the appropriate incident management and response controls are in place and operating as required to enable the identification, protection, detection, response, and recovery of RLG information assets. It outlines how the role contributes to our purpose: Helping …
Employment Type: Permanent
Salary: GBP Annual

Senior SOC Analyst

Glasgow, United Kingdom
Applicable Limited
high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Incident Responder / IR Consultant - Edinburgh

Edinburgh, Midlothian, Scotland, United Kingdom
Circle Group
Senior Incident Responder/IR Consultant Hybrid - Edinburgh Up to £80k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR/DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯
Employment Type: Permanent
Salary: £80,000

Senior Incident Responder / IR Consultant - Glasgow

Glasgow, Lanarkshire, Scotland, United Kingdom
Circle Group
Senior Incident Responder/IR Consultant Hybrid - Glasgow Up to £80k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR/DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯
Employment Type: Permanent
Salary: £80,000

SOC Lead

Glasgow, Scotland, United Kingdom
Hybrid / WFH Options
Anson McCade
resilient digital world. You will act as a critical liaison between client stakeholders and internal operational teams, ensuring the delivery of world-class cyber security services. You’ll drive incident response coordination, lead vulnerability management efforts, and ensure service excellence through strategic oversight and hands-on technical engagement. What You’ll Be Doing Serve as the key point … of contact and escalation for clients across SOC services. Coordinate incident response activities, leading investigation, containment, and remediation alongside technical teams. Manage post-incident reporting and continuous service improvement initiatives. Support compliance with SLAs and ensure services meet contractual, operational, and quality standards. Lead service reviews and present performance reports to clients (weekly/monthly). Oversee … of experience in technical support for SOC or Cyber Security operations. 5+ years of vulnerability management experience, with demonstrable risk-based prioritisation skills. Proven leadership in high-pressure, crisis-response situations. Strong client relationship management and stakeholder engagement skills. In-depth understanding of incident response frameworks and operational delivery. Experience managing IDS/IPS technologies and security More ❯

IT Security Manager

Clydebank, Dunbartonshire, United Kingdom
Hybrid / WFH Options
Nine Twenty
that underpin secure business operations. They will play a key role in shaping and executing the IT security strategy, acting as a subject matter expert while supporting compliance, training, incident management, and continuous improvement efforts across the organisation. Key Responsibilities: Oversees the daily operations of the IT Security team, ensuring service levels and internal objectives are consistently met. Leads … security projects, aligning them with broader strategic objectives and deadlines. Contributes expert guidance into IT strategy and supports its implementation from a security standpoint. Owns the organisation's security incident response process, including investigation, reporting, and post-incident analysis. Assesses existing system security and proposes improvements to strengthen infrastructure resilience. Ensures the secure handling, processing, and transfer … AWS). Experience with security frameworks and regulatory compliance, including ISO 27001 and GDPR. Demonstrated ability to lead, coach, and develop high-performing technical teams. Track record of managing incident response and conducting technical investigations. Confident multitasker with strong project delivery and organisational skills. Experience in performing or participating in IT security audits. Excellent communication skills, both verbal More ❯
Employment Type: Permanent
Salary: GBP Annual

Internal Compliance Officer

Stirling, Scotland, United Kingdom
CitNOW Group
internal and external audits and maintaining a comprehensive set of company policies. The role involves ensuring adherence to evolving regulations, general Health & Safety tasks, managing risk assessments, and supporting incident response processes. Key responsibilities include: Compliance Accreditations Overall management of Compliance areas of responsibility within our Information Security Management System (ISMS) including leading the ISO Committee, management and … including the Health and Safety Risk Register, completion of risk assessments and assisting in our monthly risk reports to the senior leadership team Assist, or own in some cases, incident response proceedings in the event of an Information Security Incident or Health and Safety Incident Collaboration with internal and external teams to raise awareness of Compliance More ❯

Lead Site Reliability Engineer

Edinburgh, United Kingdom
Lloyds Banking Group
reliability, scalability, and performance of cloud infrastructure and platform services supporting Risk Foundations. This role ensures that services meet defined Service Level Objectives (SLOs), manages error budgets, and leads incident and problem management across multiple feature teams! The Lead SRE supports methodologies in SRE and collaborates with product and application teams to integrate reliability engineering into delivery pipelines! Key … own the SLOs for critical platform services. Monitor system health, manage error budgets, and drive improvements in Mean Time to Failure (MTTF) and Mean Time to Recovery (MTTR). Incident & Problem Management: Lead incident response and post-mortem analysis. Ensure root cause identification and long-term remediation strategies are implemented. Platform Advocacy & Collaboration: Champion SRE principles across … people to innovate, explore possibilities and grow with purpose. What you'll need Proven experience embedding SRE practices within large-scale cloud environments. Strong understanding of observability, monitoring, and incident response tooling. Experience with infrastructure-as-code, CI/CD, and cloud-native technologies (e.g., GCP, Azure). Ability to lead cross-functional teams and influence technical direction. More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC Team Lead

Scotland, United Kingdom
Hybrid / WFH Options
Anson Mccade
an exciting opportunity to play a key role in shaping the transformation journey of enterprise clients. The role will suit professionals with a strong background in SOC service delivery, incident response coordination, and vulnerability management. Key Responsibilities: Act as the primary liaison between clients and internal operational delivery teams, ensuring seamless communication and service excellence. Serve as … the key escalation point for clients, managing security incidents from detection to resolution. Lead coordination efforts across Security Operations Centre (SOC), Incident Response, and technical teams during major incidents. Identify impacted systems, users, and business functions, and ensure timely stakeholder communication. Oversee remediation and containment activities and coordinate post-incident investigations and reporting. Ensure all service delivery … stakeholders. Manage and maintain IDS and IPS signature updates for client security gateways and firewalls. What You'll Bring: The ideal candidate will bring extensive experience in security operations, incident management, and service delivery in high-stakes environments. Key qualifications and experience include: Minimum of 10 years' experience providing technical support and advisory services within a Security Operations Centre. …
Employment Type: Permanent, Work From Home

SOC Technical Security Service Delivery Manager

Glasgow, United Kingdom
Applicable Limited
you will: Act as a bridge between the Customer and the Operational Delivery Teams Act as a primary escalation point of contact to the customer Coordinate the Security Operations, Incident Response Teams and other technical resources needed to troubleshoot major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and … coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the NTT DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation activities in conjunction with relevant support teams. Coordinate post incident investigation with relevant teams or … of the following fields of expertise: At least 10 years of experience in providing technical support and advice for a Security Operations Centre Demonstrate in-depth knowledge of Security incident Management and Security Operations. Excellent communication and client relationship skills to interface with clients, stakeholders, and senior leadership. At least 5 years' experience in providing Vulnerability Management Services Demonstrable More ❯
Employment Type: Permanent
Salary: GBP Annual

NOC Manager

Glasgow, United Kingdom
Hybrid / WFH Options
Beeks Group
system alerts, incidents, and service requests are triaged and resolved promptly. Manage and report on SLA adherence, escalations, and ticket backlog. Implement and refine standard operating procedures (SOPs) for incident response, change control, and communications. Analyse incident trends and drive root cause analysis and long-term remediation. Collaboration & Escalation Act as the escalation point for major incidents … issue resolution and ticket handoffs. Tools & Reporting Oversee effective use of monitoring tools, ticketing systems (e.g. Jira, ServiceNow, Zendesk), and dashboards. Generate and present weekly/monthly KPIs covering incident response, MTTR, system health, and team performance. Identify and implement improvements through automation, process optimisation, or technology upgrades. Skills & Experience Essential Proven experience managing a Network Operations or … Technical Support team in a 24/7 environment. Strong technical background in networking, infrastructure operations, or cloud services. Excellent understanding of incident/ticket lifecycle, SLA management, and escalation protocols. Demonstrated ability to lead, develop, and retain engineering talent. Experience with monitoring platforms (e.g. Nagios, Zabbix, SolarWinds, Prometheus) and ticketing tools. Excellent communication, time management, and decision-making More ❯
Employment Type: Permanent
Salary: GBP Annual

Junior Product Security Engineer Operations

Glasgow, United Kingdom
Startops
dynamic scanning (DAST), and security testing frameworks. Assist in streamlining vulnerability remediation processes, tracking defect status, and facilitating vulnerability information flow to development teams. Learn and support Product Security Incident Response Team (PSIRT) processes, including vulnerability management, security advisory creation, and coordinated disclosure procedures. Contribute to Regulatory Compliance: Assist the team with documentation, evidence collection, and maintaining accurate … to support compliance efforts. Enhance Team & Program Capacity: Learn from senior team members and external experts, developing a strong foundational understanding of product security, regulatory compliance (GRC principles), and incident response. Assist in the coordination of the 'security champions' program by preparing materials, tracking engagement, and supporting training initiatives. Basic Qualifications We are looking for an enthusiastic and detail … or JavaScript) and familiarity with code review processes. Basic understanding of cloud security concepts and familiarity with major cloud platforms (AWS, Azure, or GCP). Familiarity with Product Security Incident Response Team (PSIRT) processes, including vulnerability management. Knowledge of compliance frameworks (such as SOC 2, ISO 27001, or GDPR) and/or experience participating in security assessments or More ❯
Employment Type: Permanent
Salary: GBP Annual

Junior Product Security Engineer

Glasgow, United Kingdom
Sonos LLC
dynamic scanning (DAST), and security testing frameworks. Assist in streamlining vulnerability remediation processes, tracking defect status, and facilitating vulnerability information flow to development teams. Learn and support Product Security Incident Response Team (PSIRT) processes, including vulnerability management, security advisory creation, and coordinated disclosure procedures. Contribute to Regulatory Compliance: Assist the team with documentation, evidence collection, and maintaining accurate … to support compliance efforts. Enhance Team & Program Capacity: Learn from senior team members and external experts, developing a strong foundational understanding of product security, regulatory compliance (GRC principles), and incident response. Assist in the coordination of the "security champions" program by preparing materials, tracking engagement, and supporting training initiatives. Basic Qualifications We are looking for an enthusiastic and detail … or JavaScript) and familiarity with code review processes. Basic understanding of cloud security concepts and familiarity with major cloud platforms (AWS, Azure, or GCP). Familiarity with Product Security Incident Response Team (PSIRT) processes, including vulnerability management. Knowledge of compliance frameworks (such as SOC 2, ISO 27001, or GDPR) and/or experience participating in security assessments or More ❯
Employment Type: Permanent
Salary: GBP Annual

Package Manager O&M

Edinburgh, United Kingdom
Hybrid / WFH Options
Inch Cape Offshore Limited
/OT systems for O&M (e.g., CMMS, SCADA, condition monitoring, data analytics) Develop spare parts, tools, and warehouse management systems Work with project stakeholders to implement the emergency response and incident management framework for offshore operations Establish and manage contracts for key services (e.g., vessels, port services, OEM service agreements, balance-of-plant maintenance) Operations & Maintenance Management … operations and equipment Deliver regular reporting on production, asset performance, costs, and safety metrics Develop stakeholder relationships, including with OEMs, service contractors, regulators, and local communities Provide leadership in incident response and root cause investigations Skills: Ability to work proactively and flexibly in a start-up/build-up environment Strong organisational, communication, and stakeholder management skills Knowledge More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Analyst

Edinburgh, United Kingdom
Consunet Pty Ltd
ISO 27001, NIST). Conduct threat modelling, code reviews, vulnerability assessments, and penetration tests to identify and mitigate risks. Respond to security incidents, perform root cause analysis, and enhance incident response capabilities and documentation. Collaborate with developers and clients to embed secure coding practices and provide expert security guidance. Contribute to team development through mentoring, knowledge sharing, and More ❯
Employment Type: Permanent
Salary: GBP Annual

IT Engineer, Edinburgh (3 days from home)

Edinburgh, United Kingdom
Hybrid / WFH Options
Net Talent
seamless technology operations that enable our consultants and internal teams to deliver exceptional client services. This role is critical in maintaining business continuity by providing first-line technical support, incident management, and problem resolution while upholding the highest standards of information security that our clients expect. Technical Support & Incident Management Provide technical support via phone, email, and ticketing … network issues Triage and prioritise incoming support requests based on business impact and urgency Diagnose and resolve technical problems or escalate complex issues to appropriate specialist teams Maintain detailed incident records and ensure timely communication with end users System Administration & Maintenance Perform routine maintenance tasks on servers, workstations, and network infrastructure Manage user accounts, permissions, and access rights across … Monitor system performance and proactively identify potential issues before they impact operations Security & Compliance Ensure all support activities comply with cybersecurity best practices and industry standards Assist with security incident response when required, following established protocols Maintain strict confidentiality of sensitive client and company information Support compliance audits and security assessments as needed Documentation & Process Improvement Create and More ❯
Employment Type: Permanent
Salary: GBP Annual

BISO and Data Information Manager

Edinburgh, United Kingdom
Vattenfall GmbH
implement policies, standards, and controls. Lead security risk assessments, audits, and compliance initiatives and promote security awareness and training programs tailored to business needs. Support business continuity planning and incident response, including participation in on-call duty in connection with security incidents Monitor and report on key security metrics and risk indicators. Identify, register and assess cyber risks More ❯
Employment Type: Permanent
Salary: GBP Annual

Associate Director, Research and Computing Operations

Edinburgh, United Kingdom
Asklepios Biopharmaceutical Inc
audits Develop and maintain security compliance documentation Coordinate and respond to penetration testing activities Implement security recommendations and remediation plans Ensure infrastructure meets corporate security standards Participate in security incident response planning Business Continuity: Lead disaster recovery planning for scientific computing infrastructure Coordinate and execute DR testing Maintain DR documentation and procedures Develop and maintain business continuity plans … Technical: Infrastructure architecture and design Performance optimization Problem-solving and troubleshooting Security best practices Technical documentation Business & Management: Contract negotiation and management Budget planning and control Risk management Audit response and compliance Strategic planning Vendor management Cost-benefit analysis Interpersonal: Strong communication skills Stakeholder management Team collaboration Conflict resolution Customer service orientation Ability to bridge technical and scientific domains More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Manager, AI Security

Edinburgh, United Kingdom
Lloyds Banking Group
and implement a strategy for securing AI systems and applications, ensuring they are resilient against evolving threats. Build strategy to use AI to enhance security measures, including threat detection, incident response, and anomaly detection. Collaborate with AI development teams to integrate security best practices throughout the AI lifecycle, from design to deployment. Ensure compliance with industry standards, regulations More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Manager, AI Security

Edinburgh, United Kingdom
Hybrid / WFH Options
Lloyds Bank plc
and implement a strategy for securing AI systems and applications, ensuring they are resilient against evolving threats. Build strategy to use AI to enhance security measures, including threat detection, incident response, and anomaly detection. Collaborate with AI development teams to integrate security best practices throughout the AI lifecycle, from design to deployment. Ensure compliance with industry standards, regulations More ❯
Employment Type: Permanent
Salary: GBP Annual

IT Solutions Architect (Aberdeen/Scotland)

Scotland, United Kingdom
Redsquid Communications
and monitoring tools (Azure Monitor, Log Analytics). Proven experience implementing Microsoft Sentinel: connecting data sources, building analytics rules, creating workbooks/dashboards, and writing KQL queries. Understanding of incident response, security event correlation, and automation via Logic Apps. Solid grasp of cybersecurity principles: Zero Trust, Conditional Access, MFA, identity protection, and secure score improvement. Intune/Endpoint More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Security Engineer

Scotland, United Kingdom
NES Fircroft
Objectives: Assess the cybersecurity robustness of architectures, technologies, & procedures in client facilities. Design solutions that meet client requirements and implement security measures (e.g., antivirus, patch management, insider threat protection, incident response, compliance). Conduct vulnerability assessments & audits on client systems & network devices, considering OT sensitivities. Provide expertise in network design, implementation, & testing for automation & control systems. Identify & define More ❯
Employment Type: Permanent
Salary: GBP Annual

Waterstons - Digital and Technology Solutions Professional Integrated Degree Apprenticeship

Glasgow, United Kingdom
Getting In Limited
Description Provide outstanding customer service via phone and our ticketing system Triage incoming tickets and prioritise effectively Resolve incidents and service requests Learn and practise key IT processes including incident management, change control, and major incident response Work alongside experienced engineers and specialists to support our customers Key Details Vacancy Title Waterstons - Digital and Technology Solutions Professional More ❯
Employment Type: Permanent
Salary: GBP Annual

Principal Network Engineer - Remote

Edinburgh, United Kingdom
Hybrid / WFH Options
Eden Scott
model. Partner with DevOps, TechOps, InfoSec, and Engineering teams to ensure systems are resilient, scalable, and secure. Play a key role in disaster recovery planning, capacity management, and incident response. Continuously evaluate and adopt new technologies that drive business value and operational efficiency. What You Bring 10+ years in enterprise-level system/network design …
Employment Type: Permanent
Salary: GBP Annual

Senior Software Developer

Glasgow, Glasgow City, City of Glasgow, United Kingdom
Hybrid / WFH Options
Empro Talent Ltd
and increase efficiency. Upgrade and maintain cloud platforms with minimal service disruption and clear documentation. Develop monitoring and alerting systems to proactively prevent issues before they impact users. Lead incident response efforts and provide advanced troubleshooting when challenges arise. Work across teams – supporting development, QA, Service Desk, and Field Engineering to improve processes and resolve escalations. Mentor junior More ❯
Employment Type: Permanent
Salary: £58000 - £65000/annum

Incident Response, Scotland

10th Percentile: £32,000
25th Percentile: £37,000
Median: £45,000
75th Percentile: £60,750
90th Percentile: £81,300