1 to 25 of 69 Permanent Incident Response Jobs in the South East

Principal Consultant - Incident Response Salary: Up to £85,000 + cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering proactive incident readiness engagements. You will work closely with organisations to strengthen their preparedness. This includes reviewing and developing incident response plans, facilitating tabletop exercises, running simulated attack scenarios ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

energy operations within a Critical National Infrastructure (CNI) environment. This role is responsible for real-time security monitoring, alert triage, investigation, and early-stage incident response. You will work with industry-standard security monitoring and incident/event management platforms to identify suspicious activity, validate alerts, and escalate … helping tune detections, and strengthening operational procedures and documentation. Key Responsibilities Monitoring and Triage Monitor security events and alerts using industry-standard SIEM and incident/event management platforms (e.g., Elastic, Microsoft Sentinel, Splunk). Perform rapid triage to determine alert validity, severity, scope, and potential business or operational ...

supportive and collaborative environment with ongoing opportunities to develop your technical expertise and progress your career within cyber security. Key Responsibilities Security Monitoring & Incident Response Monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus. Investigate cyber security incidents … including malware infections, phishing attacks, identity compromise, and unauthorised access attempts. Conduct incident triage, root cause analysis, containment, remediation, and recovery activities. Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat ...

environment and you will have on-going opportunities to develop your technical skills and grow within cyber security What you will do: Security Monitoring & Incident Response Actively monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos AV. Investigate suspected … malware infections, phishing campaigns, identity compromise, and unauthorised access attempts. Perform triage, root cause analysis, containment, and remediation of security incidents. Lead or support incident response activities in line with internal policies and procedures. Escalate significant incidents appropriately and provide clear, timely updates to stakeholders. Threat Detection & Prevention ...

evolve the position based on their strengths and expertise. The successful candidate will play a key role in strengthening security posture through SIEM ownership, incident response, and system hardening, directly contributing to Europe's technological sovereignty. The Role The IT Security Specialist will: Design, build, and operate … centralised SIEM platform to aggregate and analyse security logs across infrastructure, networks, and applications Own security log analysis, vulnerability management, and incident investigation, including defining baselines and developing alerting rules for critical events Lead incident response efforts, using log correlation and analysis to investigate and resolve security ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

security alerts, intrusions, and unauthorised activity Responding to incidents in line with defined SOC playbooks Escalating complex or high-risk incidents to Tier 2 Incident Response teams Reviewing vulnerability scan results and feeding findings back to technical teams Supporting secure configuration reviews and remediation activities Producing regular service … Junior SOC Analyst essential skills A qualification in Cyber Security, Computer Science, Networking, or a related technical discipline Strong interest in cyber security and incident response Understanding of core security concepts and common cyber threats Ability to follow processes, investigate alerts, and document findings clearly Willingness to work ...

security alerts, intrusions, and unauthorised activity Responding to incidents in line with defined SOC playbooks Escalating complex or high-risk incidents to Tier 2 Incident Response teams Reviewing vulnerability scan results and feeding findings back to technical teams Supporting secure configuration reviews and remediation activities Producing regular service … Junior SOC Analyst essential skills A qualification in Cyber Security, Computer Science, Networking, or a related technical discipline Strong interest in cyber security and incident response Understanding of core security concepts and common cyber threats Ability to follow processes, investigate alerts, and document findings clearly Willingness to work ...

control systems remain secure, compliant and operationally robust. You'll work closely with engineers, cybersecurity specialists, and external partners to monitor OT environments, support incident response, maintain asset and patch records, and contribute to risk, compliance and audit activities. The role also supports the ongoing improvement … safe, secure and continuous delivery of energy to millions. Location: UK-based hybrid role, Occasional travel to site. Day to day Support OT cybersecurity incident response, including investigation, evidence gathering, containment, remediation, and technical actions such as system isolation and patching, under CSIRT and GSOC guidance. Operate ...

clients—from fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth … cyber threats across varied environments. You will support and mentor junior analysts, lead complex investigations, and contribute to the ongoing development of detection and response capabilities. This role is suited to a security professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership ...

organisation based in the Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience … procedures, and playbooks to respond to cyber threats. Develop and maintain cyber strategy, capabilities to stay ahead of emerging threats. Lead the Cyber Defence response for the organisation when under cyber-attack. Lead and manage multiple cyber security teams. Engage with stakeholders, report to snr management and collaborate with ...

coming years. Key Responsibilities Monitor, investigate, and respond to security incidents across multiple client environments Perform threat detection, triage, analysis, and remediation activities Lead incident response activities and provide technical guidance to junior analysts Analyse alerts from SIEM, EDR, IDS/IPS, and other security tooling Conduct threat … security monitoring Support continuous improvement of SOC processes, playbooks, and operational procedures Collaborate with infrastructure and engineering teams to strengthen security posture Produce detailed incident reports and client-facing documentation Assist with vulnerability management and security compliance activities Contribute to mentoring and development of junior team members Required Experience ...

mature Security Operations Centre, focused on protecting essential services. The Opportunity You'll play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability … response maturity. What You'll Be Doing Monitoring & Triage Analyse and triage security alerts using SIEM platforms Correlate events and identify patterns across multiple data sources Assess severity, scope, and business impact Investigation & Analysis Conduct detailed investigations across endpoint, network, identity, and log data Build evidence-led timelines ...

both soft and technical skills, focused on the engineering, optimisation, and support of SOC tooling, telemetry, and detection capabilities to improve threat visibility and incident response across hybrid environments. Key Responsibilities Operate, support, and tune SIEM and security monitoring platforms, including Graylog and Splunk. Maintain and optimise … ingestion pipelines across multiple data sources. Develop and refine detection rules, alerts, dashboards, and SOC playbooks. Support incident response, investigation, and containment activities. Automate SOC processes and workflows using scripting tools such as PowerShell, Python, or Bash. Integrate new systems and infrastructure into SOC monitoring and visibility. Work ...

architecture, secure development lifecycle practices and appropriate technical controls Strengthen capabilities across core security domains including identity and access management, privileged access, vulnerability management, incident response, disaster recovery, data protection, security awareness and supplier security Work closely with stakeholders at all levels of the organisation, including operational teams … Culture, Business Infrastructure & Operations and Finance, to support audits, evidence gathering, control improvement and the effective adoption of security requirements across the organisation Lead response to significant information security incidents, acting as a senior decision‐maker during crisis situations and driving post‐incident learning and improvement Build ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

support operations through accurate metric reporting as needed. Demonstrate effective prioritization and consistently meet established deadlines. Participate in an on-call roster to provide incident response support during off hours as needed. Dedicated to staying aware of current threat landscape and ongoing threat campaigns. Competencies in the following … areas: vulnerability analysis, security alert analysis, email threat analysis, incident response, ability to read and understand essential scripting and database languages (PowerShell, python, SQL, KQL, etc) desired Bachelor’s degree in computer science, information systems, cybersecurity or related field optional. GIAC, ISACA, CompTIA, and/or ISC2 technical ...

implement, and support a range of cyber security solutions across client environments. You will be involved in both proactive security improvement projects and reactive incident response activity, helping clients strengthen their overall security posture. This is a highly varied role suited to someone who enjoys working across multiple … security solutions across network, endpoint, and cloud environments Deploy and manage firewalls, endpoint protection, EDR, and security monitoring tools Lead and support cyber security incident response activities including investigation, containment, remediation, and reporting Conduct vulnerability assessments, security reviews, and risk analysis Recommend and implement improvements aligned to security ...

implementation and improvement of security controls. Develop and deliver a company-wide information security training and awareness programme. Serve as the Primary Incident Response Manager for information security incidents. Manage and review information security risks across the organisation. Lead information security improvement initiatives. Oversee supply chain information security … risks and vendor assessments. Essential Skills & Experience Strong experience in policy and standards development. Cyber incident response expertise. Security architecture knowledge. In-depth understanding of ISO27001 controls. Experience with Cyber Essentials Plus certification. Strong risk management capability. Proven ability to communicate with and influence senior stakeholders. Desirable Audit ...

malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed … tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals ...

standards Act as the on-site technology point of contact Troubleshoot and resolve connectivity issues (Wi-Fi, wired, endpoint, VPN, DHCP/DNS) Coordinate incident response with technical teams Maintain awareness of service performance Communicate clearly with both technical and non-technical stakeholders Balance customer expectations with operational … hospitality or similar) Strong understanding of enterprise IT and networking fundamentals (Wi-Fi, TCP/IP, DHCP, DNS, VPNs, endpoints, service delivery) Experience coordinating incident response in high-pressure environments Ability to manage multiple stakeholders Clear communication with technical and non-technical audiences A calm, structured approach during ...

ROLE SUMMARY Our Global Cyber Defense team is responsible for safeguarding Pfizers digital assets and infrastructure through proactive threat detection, response, and risk mitigation across on-premises, cloud and hybrid environments. We are seeking a Senior Manager, Data Protection Engineering, to lead and evolve our data protection capabilities within … enforcement. Partner with Digital, Cloud Services, Infrastructure, and IT teams to ensure data protection controls are designed into platforms, not bolted on post-deployment. Incident Support & Risk Management Partner with Security Operations and Incident Response teams to support detection, investigation, and response to data protection incidents ...