1 to 25 of 75 Permanent Incident Response Jobs in the South East

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

enterprise clients.* Full-time, permanent role focused on securing client infrastructures across network, cloud, and endpoint environments.* Hands-on position covering security design, incident response, vulnerability management, and client consultancy.* Hybrid working model with strong benefits, development pathways, and exposure to complex, real-world security challenges.* To apply … Security Engineer, you'll play a key role in securing client IT environments by designing, implementing, and managing robust security solutions. You'll lead incident response activities, conduct vulnerability assessments, and proactively identify risks across network, cloud, and endpoint systems. You'll work directly with clients to understand ...

looking for a SOC Analyst to join an established Security Operations Centre team. This role focuses on incident investigation, triage, and response , along with client engagement and proactive security activities. What You'll Do Investigate and respond to security incidents Perform triage and remediation across client environments Engage … with clients during incident response activities Support proactive security and continuous improvement initiatives Mentor junior team members where appropriate What We're Looking For 2+ years' experience in cyber security, ideally incident response Strong communication skills Experience across Windows, Linux/Unix, and macOS Knowledge ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

cloud environment. This is not a traditional SOC role focused on alert handling . The position sits at the senior technical level and combines incident leadership, detection engineering, threat hunting and automation. You’ll have genuine ownership of security operations maturity rather than working in a ticket-driven environment. … senior technical point of escalation within the SOC, leading complex investigations and driving continuous improvement across tooling, detection capability and response processes. Typical responsibilities include: Leading complex security incidents end-to-end including investigation, containment, forensics and root cause analysis. Designing, tuning and improving detection across SIEM ...

Incident Manager Location: Central London | Salary: £38,000 to £40,000 | Job Type: Permanent Take the lead when it counts most — keep services running and stakeholders confident. Are you an experienced IT Incident Manager looking for a new challenge in a fast-paced and high-impact environment? This … manage high-priority and major incidents from initiation to resolution Coordinate cross-functional IT teams to restore services quickly Maintain ownership of the incident lifecycle and ensure SLAs are met Act as the central communication point during live incidents Provide clear, real-time updates to stakeholders at all levels ...

support audits across platforms. Ensure compliance with Salesforce security standards (e.g., permission sets, field-level security, data classification). Operations and Reliability Lead incident response and post-incident reviews to improve platform resilience. Define and manage service monitoring, alerting, and error budgets. Champion secure change management practices … processes, Gearset pipelines, and rollback strategies. Metrics and Reporting Establish and report on operational and delivery metrics such as deployment frequency, system reliability, and incident response times. Leadership and Team Management Mentor DevOps Engineers and lead knowledge-sharing sessions. Promote a culture of continuous learning and technical excellence. ...

operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage … vulnerability assessments and remediation efforts Maintain and optimise DLP tools and incident response Support forensic readiness and insider risk initiatives Develop and enforce security policies and awareness programs Lead incident response and produce investigation reports Utilise and enhance Microsoft Security Stack (Sentinel, Defender, Purview) Drive Zero ...

with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients … keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security ...

operational needs Translate SOC analyst pain points, workflows, and use cases into actionable product features and user stories Design and validate alert prioritization algorithms, incident triage workflows, and automated playbook logic based on operational experience Collaborate with product managers to shape product strategy, roadmap priorities, and feature definitions Conduct … experience as a SOC Analyst, Senior SOC Analyst, or SOC Team Lead Deep understanding of end-to-end SOC operations including alert triage, incident response, threat hunting, and case management Extensive experience with SIEM platforms, security orchestration tools, and the broader SOC technology stack Strong knowledge of threat ...

leads the organisation's cyber security strategy, ensuring strong resilience, compliance, and protection of information assets. You will oversee operations, governance, risk management, and incident response while guiding a high-performing security & infrastructure team. Client Details Our client is a respected not-for-profit UK organisation with … regulatory requirements. Conduct security risk assessments, maintain governance frameworks, and ensure robust oversight. Set, enforce, and update security policies, standards, and technical controls. Lead incident response, including investigation, coordination, remediation, and reporting. Manage supplier assurance, third-party risk, and security obligations within contracts. Plan and support external audits ...

Your role will often require close collaboration with other parts of the business to help identify, enable, and drive the right investigation steps and response actions. The GSOC defends the whole of Nationwide and Virgin Money's estate, both Member-facing and support capabilities, requiring engagement and communication with … both technical and non-technical teams across the business. You'll help mature our internal processes, developing or defining appropriate detection, response and containment capabilities as well as contributing to the GSOC Strategy. You will help shape our future technology direction, suggesting and assisting with innovative ways to combat ...

implementing technical protocols to owning security compliance to championing best security practice to the business. The Role Design and implement security solutions Contribute to Incident response and Disaster Recovery programs Partner with IT and wider business to align processes with best practice Ensure compliance with security policies, procedures … frameworks Lead and participate in incident response and disaster recovery programs Skills and Experience Strong knowledge of IT infrastructure and security tools Proven understanding of desktop and server operating systems Experience with SIEM, endpoint protection, identity management and cloud security tools Understanding of cloud security and compliance (CISSP ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

maintaining, and improving core security controls across network, cloud, and endpoint environments. You will play a key part in strengthening defensive capabilities and supporting incident response activities. You can work remotely but there are also multiple offices for the employees. Client Details A UK-based not for profit … modernising cyber security and cloud infrastructure. Description Manage and enhance security tooling including endpoint protection, content filtering, email security, and vulnerability scanning. Deliver technical incident analysis and response, supporting containment, remediation, and service improvement. Configure and support firewalls, networks, Microsoft security platforms, and cloud security controls. Conduct technical ...

maintaining, and improving core security controls across network, cloud, and endpoint environments. You will play a key part in strengthening defensive capabilities and supporting incident response activities. You can work remotely but there are also multiple offices for the employees. Client Details A UK-based not for profit … modernising cyber security and cloud infrastructure. Description Manage and enhance security tooling including endpoint protection, content filtering, email security, and vulnerability scanning. Deliver technical incident analysis and response, supporting containment, remediation, and service improvement. Configure and support firewalls, networks, Microsoft security platforms, and cloud security controls. Conduct technical ...

align IT priorities. Conduct regular service reviews and provide reporting ahead of key meetings, demonstrating performance against KPIs, SLAs and contractual obligations. Risk & Incident Management Develop and maintain risk management strategies to minimise service disruption. Lead incident response and ensure timely resolution, minimal business impact and clear ...

principles Risk management methodologies Experience working within cloud security shared responsibility models Working knowledge of Identity and Access Management (IAM) Experience supporting security monitoring, incident response, and investigations Strong communication skills with the ability to engage both technical and non-technical stakeholders Desirable/Preferred Experience Experience working ...

alerts. Deploying, scaling, and managing containerised applications using tools like Kubernetes for clients who require container platforms Support patching, vulnerability remediation, and security incident response activities to maintain secure environments. Assist with the operational management of data platforms, including storage, protection, replication, and automation of data workflows. Manage ...

Cloud security, risk & operations Perform ongoing security assessments across infrastructure and applications, including vulnerability testing and technical risk analysis. Serve as the primary security incident lead, responsible for root cause analysis, coordination of remediation and post-incident review. Maintain, test and continuously improve incident response ...

promoting a culture of security awareness. Key Responsibilities: Perform vulnerability assessments and penetration testing. Collaborate with technical teams to remediate risks. Maintain and evolve incident response plans and playbooks. Analyse security logs and threat intelligence feeds. Ensure compliance with GDPR, SOX, PCI, and internal policies. Lead security awareness ...