to lead and produce deliverables based on reactive services client engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to manage incident response engagements and provide guidance on longer term remediation. Your Impact Weekend Work Schedule is Friday-Monday (10 hr work day/40 hr work week) Perform reactive … incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs) Examine firewall, web, database, and other log sources to identify evidence of malicious activity Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation … tools to determine source of compromises and malicious activity that occurred in client environments Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations Ability to perform travel requirements as needed to meet business demands (on average 20%) Mentorship of team members in incident
engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (security teams, system and network administrators and owners, C-Suite, etc.) to manage and deliver proactive incident preparedness engagements, as well as wider proactive assessments and services. Your Impact Lead proactive incident preparedness projects, including but not limited to TableTop Exercises (TTX), Incident Response Plans and Response Maturity Assessments Review Crisis Management, Incident Response, Business Continuity and Disaster Recovery Plans, and other relevant documents that support holistic business resilience Plan and deliver a range of TTXs, including writing post exercise reports that provide detailed analysis and recommendations on areas for improvement Manage and contribute incident preparedness and other cyber … security engagements from initial scoping through to delivery Ability to perform travel requirements as needed to meet business demands (on average 20%) Qualifications Your Experience 8+ years of incident preparedness and/or incident response related consulting experience with a passion for cyber security Experience with leading and delivering complicated engagements including scoping, interfacing with the client
London, South East, England, United Kingdom Hybrid / WFH Options
Rise Technical Recruitment Limited
Senior Cyber Incident Response Investigator Fully UK Remote DV Clearance or eligibility essential £80,000 + OT and On-Call earning £100,000+ Excellent opportunity for a candidate with Incident Response experience, DV Clearance or the ability to obtain it, and extensive experience with cyber forensic tools to join a business offering an entirely remote working position, the … key stakeholders within your client. This is a highly autonomous environment and you'll even set your own hours of work. The ideal candidate will have good experience within Cyber Response and have a wide range of experience with different cyber forensic tools. Candidates must be happy to travel to customer sites a few times a year, must be eligible … a wide and varied client base, remote working opportunities, and the chance to make a real difference to businesses across the UK and Europe! The Role: *Senior-Level Cyber Incident Response Investigator *Fully Remote *Helping businesses deal with real-time cyber-attacks remotely *Occasionally travelling to customer sites *£80,000 base + OT and On-call bumping total
london (city of london), south east england, united kingdom
Iceberg
We are representing a consultancy that are a leader in the Cyber Security and Incident response space. If you have experience leading the legal aspects of Data Breach case this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading
focused on SIEM development, playbook automation, and threat modelling, delivering proactive defence across cloud and on-prem environments. You'll be instrumental in designing and implementing advanced detection and response strategies, working closely with cross-functional teams and contributing to continual service improvement. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain IBM QRadar SIEM platform Onboard and normalize … diverse log sources across hybrid environments Develop and tune analytical rules for threat detection and behavioural analysis Playbook Development & Automation Design incident response playbooks for scenarios including phishing, lateral movement, and data exfiltration Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) Continuously refine automation based on threat intelligence and incident feedback Threat Detection & Response Monitor and investigate security alerts and anomalies Lead incident response activities and collaborate with threat intelligence teams Enrich detection logic with contextual threat data Threat Modelling & Use Case Development Conduct threat modelling using MITRE ATT&CK, STRIDE, or Kill Chain frameworks Translate models into actionable SIEM use cases and detection rules Prioritize engineering efforts based on risk
direction, performance, and day-to-day operations of their Security Operations Centre (SOC). As a central figure in security services, you'll ensure the efficient detection, analysis, and response to cyber threats across a diverse client portfolio. This leadership role involves mentoring your team, enhancing our security processes, and driving ongoing improvements in threat detection and incident response capabilities. Key Responsibilities Team Leadership & Development Lead and mentor a team of SOC analysts, fostering a collaborative, high-performing environment. Manage team scheduling, conduct performance reviews, and support professional growth and development. SOC Operations Oversight Supervise 24/7/365 monitoring of client environments, ensuring consistent adherence to SLAs for threat detection and incident response. … Drive operational efficiency and ensure timely escalation and resolution of security incidents. Incident Response Management Serve as the main escalation point for significant security incidents. Coordinate response efforts and ensure clear communication with both internal teams and external clients. Process & Workflow Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve
strategic decisions, and builds the next generation of cyber resilience. The Role This is more than a technical position - you'll be a trusted advisor, guiding enterprise clients through: Incident response and threat management Risk assessments and compliance frameworks (GDPR, ISO 27001) Security architecture and advanced defence strategies You'll lead projects end-to-end, mentor junior consultants … impact on clients' security posture. What You'll Do Lead complex, multi-team cyber resilience projects for enterprise clients. Design and implement cutting-edge security frameworks and solutions. Direct incident response during live breaches. Advise senior stakeholders with clear, business-focused guidance. Run Agile ceremonies to drive project efficiency. Mentor junior consultants and contribute to growth. Support business … development through proposals and client engagement. What We're Looking For Proven expertise in threat intelligence, risk management, incident response, compliance, and security architecture. Hands-on experience with tools such as Rapid7, SentinelOne, Fortinet, Netskope, SOAR (InsightConnect), AWS/CNAPP. Confident communicator able to influence executive-level stakeholders. Bonus: experience with virtualisation (VMware, Nutanix), networking
critical challenges, and deliver solutions that make a real impact. The Role This isn't just a technical role. You'll act as a trusted advisor, guiding organisations through incident response, compliance, risk management, threat intelligence, and security architecture. From hands-on frameworks to executive-level strategy, you'll be at the centre of helping clients protect … what matters most. What You'll Do Lead end-to-end cyber resilience projects with enterprise clients. Design and implement advanced security frameworks and solutions. Direct incident response teams during live breaches. Advise senior stakeholders with clear, business-focused guidance. Run Agile ceremonies to keep projects sharp and effective. Mentor junior consultants and build team capability. Contribute to … business growth through proposals and client engagement. Skills & Experience Proven expertise in threat intelligence, risk management, incident response, compliance (GDPR, ISO 27001), and security architecture. Experience with tools such as Rapid7, SentinelOne, Fortinet, Netskope, SOAR (InsightConnect), AWS/CNAPP. Confident communicator, able to influence executive stakeholders. Track record leading complex, multi-team cybersecurity projects.
Fareham, England, United Kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
leading Managed Security Services Provider (MSSP). You’ll play a vital role in monitoring and analysing the global threat landscape, working closely with offensive cyber, detection engineering, and incident response teams to deliver actionable intelligence that protects our clients. ✨ What’s in it for you? Build expertise across multiple cyber domains — including offensive security, digital forensics, and … by delivering high-impact, actionable threat intelligence. 🔎 What you’ll be doing: Monitoring dark/deep web activity to identify threats, breaches, and IOCs. Performing OSINT investigations to support incident response, threat hunting, and attribution. Producing clear, actionable intelligence reports for technical and non-technical audiences. Collaborating with SOC, red team, and incident response functions. Analysing
southampton, south east england, united kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
leading Managed Security Services Provider (MSSP). You’ll play a vital role in monitoring and analysing the global threat landscape, working closely with offensive cyber, detection engineering, and incident response teams to deliver actionable intelligence that protects our clients. ✨ What’s in it for you? Build expertise across multiple cyber domains — including offensive security, digital forensics, and … by delivering high-impact, actionable threat intelligence. 🔎 What you’ll be doing: Monitoring dark/deep web activity to identify threats, breaches, and IOCs. Performing OSINT investigations to support incident response, threat hunting, and attribution. Producing clear, actionable intelligence reports for technical and non-technical audiences. Collaborating with SOC, red team, and incident response functions. Analysing
they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical knowledge in … Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next Gen Firewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security … Information The Team Unit 42 Consulting is Palo Alto Networks' security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, cyber risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise
london (city of london), south east england, united kingdom
Humanoid
NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident response processes, including forensic readiness and regular tabletop exercises. Compliance: Drive readiness for external certifications (ISO 27001, SOC2) and ensure ongoing … regulatory compliance (GDPR, export control, etc.). Collaboration: Partner with IT Ops Lead to embed controls into infra, IAM, and developer platforms; work with ITSM Lead to ensure security incident handling and knowledge base integration. Awareness & Culture: Develop training, awareness, and a culture of security-first thinking across Humanoid. We’re Looking For Proven experience in cyber security leadership … frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating in a dynamic, high-growth environment with a
role, you will help monitor and defend networks, systems, and applications against evolving threats. You'll work as part of a team that provides 24/7 monitoring, detection, response, and remediation services for a diverse client base. Key Responsibilities: Support the Managed Extended Detection & Response (MXDR) service. Monitor security alerts and events to identify potential incidents. Assist … monitoring tools such as SIEM, IDS/IPS, EDR, and threat intelligence platforms. Basic understanding of networking, operating systems, and core security technologies. Foundational knowledge of digital forensics and incident response practices. Exposure to scripting/programming languages (e.g., Python, Bash, PowerShell). Strong analytical and problem-solving skills. Good communication and collaboration abilities. Relevant security certifications are … client is unable to offer sponsorship for this role. In order to be considered you must have full, unrestricted right to work in the UK. Keywords: Cyber Security/Incident Response/SOC/Security Operations Centre/Detect and Response/Blue Team/Junior/London Circle Recruitment is acting as an Employment Agency in
Information The Team Unit 42 Consulting is Palo Alto Networks' security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and … experience in investigations, data breach response, digital forensics, and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions, we are experienced in working quickly to provide an effective incident response, attack readiness, and remediation plans with a focus on providing long-term support to improve our clients’ security posture. Our Commitment We
challenge? This role puts you at the front line of cyber resilience in the Defence & Security space. You’ll lead a high-performing SOC, taking ownership of daily operations, incident response and mentoring analysts while shaping detection and response capability. What you’ll do: ✅ Lead SOC operations & incident response ✅ Act as escalation point for complex … SOAR detection/playbooks ✅ Mentor analysts & drive continuous improvement ✅ Support proactive threat hunting & compliance What you’ll bring: ✔ 3+ years’ SOC/security operations experience ✔ Strong knowledge of detection, response & threat analysis ✔ Hands-on with SIEM, SOAR & endpoint tools ✔ Problem-solving mindset & clear communicator ✔ Certs like GCIA, GCIH, CEH or CySA+ are a plus This is a chance to