1 to 25 of 156 Permanent Incident Response Jobs in the South East

Incident Response Specialist – Permanent | Hybrid We’re partnering with one of the UK’s leading organisations in the search for an Incident Response Specialist to join their dedicated CSIRT (Computer Security Incident Response Team). In this critical role, you’ll fully own the … Incident Response lifecycle—from investigation and deep forensics through containment and eradication. You'll work in an environment that invests heavily in advanced security technologies and fosters a proactive approach to cyber resilience through war-gaming, tabletop exercises, and continuous improvement initiatives. Key Responsibilities: Lead investigations into complex … cyber incidents, conducting in-depth forensic analysis to determine root cause and eliminate threats. Maintain and improve incident response and forensic tooling, ensuring high operational readiness. Coordinate and manage responses to high-severity incidents, working cross-functionally to reduce impact and restore normal operations. Organise and lead tabletop More ❯

IT Service Providers and business stakeholders across the company to implement and optimise cyber security operations capabilities. Responsibilities Accountable for managing the Cyber Security Response team and the quality of third party services and deliverables, reviewing performance, and driving continuous improvement. Take the lead management responsibility for all cyber … security event monitoring and incident response services received from all partner organisations with particular focus on the company’s Manage Security Service relationship (MSS). Proactively manage the search for cyber threats that may go undetected in our environment that have evaded our automated security tools and defences. … Accountable for Cyber Security incident response management including the establishment, maintenance and improvement of cyber security incident response plans, procedures, and playbooks. Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis (RCA) for security More ❯

Cyber Security Incident Response Lead We are working with a company that is looking for an experienced CSIRT specialist with a strong track record in high-stakes cyber incident response and digital forensics to take ownership of the IR process and help drive automation across the … CSIRT team. What You’ll Be Doing: Lead end-to-end cyber incident response investigations, including breach analysis, e-Discovery, and network forensics. Design, build, and maintain forensic infrastructure and incident response tooling. Take ownership of cyber investigations and coordinate response efforts across teams. Run … and support cyber tabletop exercises, resilience drills, and war-gaming sessions. Monitor and analyse security alerts, coordinating swift response and resolution. Perform detailed forensic reviews and support third-party security assessments. Present incident progress, reporting clearly to senior stakeholders, and escalating when necessary. Maintain real-time dashboards and More ❯

Cyber Threat Incident Manager - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat division. This … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous … team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes - Familiarity with incident response tools and measures - Relevant industry certifications would be seen as advantageous (CISSP, OSCP, OSCE etc. More ❯

on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions … Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM ) to monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively … in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection. Familiarity with security event log analysis, alerts management, and incident response workflows. Cybersecurity Frameworks & Compliance: Knowledge of Cyber Essentials Plus and ISO 27001 compliance requirements. Ability to help maintain and audit compliance for More ❯

Join Centrica's IT Security Team as a Cyber Security Incident Response Manager! ?? Are you ready to drive the UK's energy transformation? Centrica is looking for a skilled Cyber Security Incident Response Manager to join our IT Security team. You'll handle cyber incident … investigations, e-Discovery, network forensics, and cyber breach inquiries. Location: Hybrid working with occasional travel to Windsor. Key Accountabilities: Carry out forensic analysis and incident response investigations Build and manage forensic and incident infrastructure. Lead cyber forensic investigations. Support weekly security operations calls. Oversee resilience planning and … and remediate vulnerabilities. Analyse security reports and manage alerts. Stay updated on security policies and regulations. Experience Required: Expert in Security Operations and Security Incident Response. Expert in cyber incident investigations, e-Discovery, network forensics, and cyber breach inquiries Proficiency in SIEM, SEM, and log monitoring. Scripting/ More ❯

procedures, ensure regulatory compliance, and collaborate with various departments on security-related initiatives. The role is ideal for someone with technical expertise in cyber incident response and analysis. Key Responsibilities: Support Cyber Security Operations, Incident Response and Investigations. Enforce security policies and ensure regulatory compliance. Analyse … resilience activities. Qualifications: Bachelor’s degree in Information Security, Computer Science, or related field. Experience in Cyber Security Operations with a track record in Incident Response and Investigations. Experience with Microsoft Defender and Sentinel. Knowledge of security analysis and incident response. Preferred experience in financial services information … NIST CSF & CIS frameworks. Strong analytical, communication, and teamwork skills. Skills & Experience: 5+ years in enterprise cybersecurity IT, with Cloud and On-premise experience. Incident Response and Investigations experience. Microsoft Security certifications or equivalent (MS365/Azure). Knowledge of modern operating systems, networking protocols, and cyber risks. More ❯

By combining advanced technology and expert human insight, we provide a portfolio of comprehensive services, including 24/7 Managed Security Operations Centre (SOC), Incident Response, Penetration Testing, Cyber Risk Assessments, CISO/CIO as a service, and Training. Our certified security experts and consultants offer tailored solutions … seen as a subject matter expert when leading engagements. • Security Assessment & Recommendations on behalf of our clients: Conduct regular security assessments, risk analyses, and incident response guidance. Recommend and prioritise remediation efforts based on findings. • Security Solutions Design: Architect and design cybersecurity solutions for a wide range of … GDPR, ISO 27001, NIST, Cyber Essentials and NIS Directive. Offer guidance on data protection and cybersecurity practices in line with local and international standards. • Incident Response: Assist in developing and maintaining an incident response plan; provide expertise when responding to and investigating security incidents. Deliver tabletop More ❯

By combining advanced technology and expert human insight, we provide a portfolio of comprehensive services, including 24/7 Managed Security Operations Centre (SOC), Incident Response, Penetration Testing, Cyber Risk Assessments, CISO/CIO as a service, and Training. Our certified security experts and consultants offer tailored solutions … seen as a subject matter expert when leading engagements. • Security Assessment & Recommendations on behalf of our clients: Conduct regular security assessments, risk analyses, and incident response guidance. Recommend and prioritise remediation efforts based on findings. • Security Solutions Design: Architect and design cybersecurity solutions for a wide range of … GDPR, ISO 27001, NIST, Cyber Essentials and NIS Directive. Offer guidance on data protection and cybersecurity practices in line with local and international standards. • Incident Response: Assist in developing and maintaining an incident response plan; provide expertise when responding to and investigating security incidents. Deliver tabletop More ❯

projects concurrently in partnership with our technical teams, clients, and internal stakeholders. This position will be focused on Unit 42’s Digital Forensics and Incident Response engagements, as well as Proactive Service engagements, and will report directly to the Manager for Unit 42 Security Consulting Project Management Office … PRINCE2 certification, or equivalent preferred 7+ years of professional experience in Project Management, focusing in one or more of the following: Cybersecurity, Digital Forensics, Incident Response, or Software Defined Lifecycle (SDLC)/Infrastructure or other IT related technical environments Ability to lead multiple large-scale projects creating project … Consulting is Palo Alto Network's security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders More ❯

Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence … leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (eg TCP/IP, VPNs, Firewalls) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities The More ❯

practices. Provide expert recommendations and solutions to mitigate identified vulnerabilities, enhancing client systems' security postures. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. … Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. … testing findings, including risk levels, remediation steps, and strategic recommendations. EXPERIENCE: Minimum of 4+ years of experience in cybersecurity, specifically in penetration testing and Incident Response, vulnerability management, and risk assessment. Public Sector experience, ideally MOD, MOJ, Must be SC clearable. Proven hands-on experience with tools such More ❯

a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence processes to align with … a Senior Cyber Threat Intelligence Analyst: Cyber Threat Assessment: Support and lead cyber threat assessments and provide recommendations to technical, managerial, and executive stakeholders. Incident Response Support: Act as part of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat More ❯

Information and Cyber Security Management team in implementing improvement initiatives that increase our maturity across our Threat Management capabilities. The role will require extensive Incident Response experience including developing threat hunting capabilities, security use cases and playbooks. Day to day Development of the tools and processes to establish … evolving attack scenarios. Participate in industry-based Threat Intelligence sharing groups. Produce reports based on threat activity, trends and reported industry incidents. Leading security incident response processes with support from the principal analyst. Integrating and analysing threat intelligence sources necessary to evolve our protective controls accordingly. Ensure our … Security Incident and Event Management (SIEM) and log management capabilities are comprehensive enough to provide actionable alerts, limiting noise and false positives. Ensure preparedness for the most common threats and scenarios, supporting the development of playbooks. Reduce the organisation's attack surface across all environments to minimise the risk More ❯

fund Key Requirements We are seeking an experienced Senior Security Operations Centre Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able … community and awareness of emerging trends Role & Responsibilities As a Senior Security Operations Centre Analyst , you will be at the forefront of digital defenceleading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading More ❯

innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands-on SOC Manager … of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. Develop and maintain … shift schedules, ensuring full coverage with minimal disruption. Act as a senior escalation point for critical incidents and lead major incident response efforts. Mentor and develop a high-performing team of Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering More ❯

innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic, hands-on SOC Manager … of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response capabilities. Develop and maintain … shift schedules, ensuring full coverage with minimal disruption. Act as a senior escalation point for critical incidents and lead major incident response efforts. Mentor and develop a high-performing team of Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering More ❯

flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able … the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you will be at the forefront of digital defenceleading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading More ❯

flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able … cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you will be at the forefront of digital defence—leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading More ❯

flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills … tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. … engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst , you will be at the forefront -leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ). More ❯

and Splunk is crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and firewalls. Your expertise in incident response and threat intelligence analysis is essential, as is your familiarity with the Mitre Att&ck framework and advanced threat detection techniques. Strong … processes. Active engagement with the cybersecurity community and awareness of emerging trends will significantly bolster your application In this pivotal role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading … incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck Collaborating with colleagues to enhance the Security Operations Centre's capabilities Staying abreast of cyber threat developments and contributing to best practices Supporting the continuous growth of the SOC More ❯

and Splunk is crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and firewalls. Your expertise in incident response and threat intelligence analysis is essential, as is your familiarity with the Mitre Att&ck framework and advanced threat detection techniques. Strong … processes. Active engagement with the cybersecurity community and awareness of emerging trends will significantly bolster your application In this pivotal role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading … incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck Collaborating with colleagues to enhance the Security Operations Centre's capabilities Staying abreast of cyber threat developments and contributing to best practices Supporting the continuous growth of the SOC More ❯

be dealing with the escalated alerts, investigating and responding to the most complex incidents whilst working with the wider Threat Hunting, Threat Intelligence and Incident Response functions to continuously enhance their Playbooks and Processes. You will act as a mentor to the more junior Analyst within the team … teams to recommend system tuning/configuration improvements and opportunities to develop internal processes and playbooks. Mentor and train junior team members through complex incident response investigations. Key Requirements: Prior experience working in a Senior SOC Analyst capacity, responding to escalated alerts and the most sophisticated incidents whilst … out IR playbooks. Comprehensive knowledge of the Microsoft Security Suite – Azure AD P2, Advanced Threat Protection Suite and Cloud App Security. Knowledge of various Incident Response techniques and procedures. Experience mentoring/leading more junior analysts through complex investigations. More ❯

for our blockchain network, infrastructure, and applications. Protocol & Network Security: Oversee and enhance security for consensus mechanisms, cryptographic algorithms, and network integrity. Threat Detection & Incident Response: Design and implement real-time monitoring, detection, and response frameworks to mitigate security threats and vulnerabilities. Smart Contract Security: Collaborate with … testing, and continuous security assessments. Blockchain & Web3 Security Trends: Stay updated with the latest security threats, attack vectors, and solutions in the blockchain industry. Incident Management & Crisis Response: Develop and oversee a structured approach for incident response, including forensic investigation and post-mortem analysis. Collaboration: Build More ❯

and strategies to senior leadership and board members. Establish, build and maintain strong partnerships with specialist cybersecurity organisations to enhance our cybersecurity posture and incident response capabilities. Security Operations & Engineering Develop, implement, and oversee enterprise-wide security operations to detect, prevent, and respond to cyber threats. Lead and … enhance Security Information and Event Management (SIEM) and Threat Intelligence capabilities. Lead security incident response and forensic investigations, ensuring robust incident handling and mitigation. Report on cybersecurity KPIs and manage significant IS risks and their appropriate Risk Treatment Plans. Risk & Compliance Management Define and enforce IT security … frameworks: ISO 27001, NIST, CIS, SOC 2, GDPR, GXP, etc. Experience in cloud security Proficient in threat modeling, penetration testing, vulnerability management, and security incident response. Demonstrated ability to build security teams and drive cybersecurity initiatives from scratch. Experience in supporting organisations through security accreditation processes. Strong ability to More ❯