1 to 25 of 613 Permanent Incident Response Jobs in the UK

Senior Analyst, (Delivery Lead), Incident Response London We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the Incident Response Team. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some … Working in Cyber at S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we'd like to hear from you. Our Incident Response Delivery Leads are a critical part of our Cyber Security division's success. As a Delivery Lead on our team, you will deploy your incident response More ❯

Security Incident Response Engineer, AWS CorpSec Response Job ID: Amazon Development Centre (London) Limited The Amazon Web Services team is looking for a passionate Security Incident Response Engineer who can lead the response to security issues across the largest cloud provider in the world. You must thrive in dynamic/ambiguous situations, and think … like both an attacker and defender, while working through the entire incident response lifecycle. You'll be working in a global team environment where clear and accurate communication and collaboration on security issues is critical. In this role you'll be conducting security monitoring and response activities for the Amazon internal network. We value broad and deep … technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence. We don't expect you to be an expert in all of the domains mentioned above, but we do expect you to be excited to learn about them! You'll apply your More ❯

Cyber Incident Response Lead £60,000 - £70,000 + bonus + extensive benefits Full Time/Permanent Hybrid/West Midlands - minimum 1 day a month in the office The Role and Company: I am looking for a driven Cyber Incident Response Lead to join a large nationally recognised brand head quartered in the West Midlands. … As the Cyber Incident Response Lead you will be responsible for protection of system assets and people from Cyber Security threats. You will work as part of a world class Cyber Security Incident Response Team ensuring that the business is prepared to respond in a coordinated manner to any Cyber Security incidents the organisation may face. … for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Key Responsibilities: Lead and mentor a small but growing team of Incident Responders. Lead the coordination of incident response efforts related to Cyber Security incidents. Plan and deliver incident readiness activities such as exercises. Facilitate and manage relationships More ❯

Incident Response Analyst Cybersecurity Consultancy (UK-Based, Remote with Travel) We are currently working with an innovative and growing UK-based cybersecurity consultancy to recruit an Incident Response Analyst . This is an exciting opportunity to join a forward-thinking organisation that provides penetration testing and continuous vulnerability management services to a wide range of clients … across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. … Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement recommendations. Produce clear More ❯

Security Engineer, Incident Response , Security Incident Response Team (SIRT) Job ID: Amazon Development Centre Ireland Limited Amazon is seeking a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events … knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence. Key job responsibilities - Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon. - Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future. - Assisting in … the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk. - Identifying and recommending solutions that improve or expand Amazon's incident response capabilities. - Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk. - Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon More ❯

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal … hands-on role in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement … and embed modern IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident More ❯

high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯

high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process … to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document More ❯

firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients' cyber risk management and incident response programmes. What you will do Reporting to the global Head of Cyber Defence, the Cyber Defence and Security Operations Manager is a key role within the firm … a team of senior analysts and analysts, providing guidance and direction to protect the organisation's information assets and infrastructure from cyber threats. This will include: Security Monitoring and Incident Response Establish a positive and collaborative working relationship with your Managed Security Service Provider (MSSP) who performs Level 1 monitoring of our global security alerts and events. Orchestrate … data from multiple sources, to quickly assess potential incidents, their scope, and impact. Achieve deep understanding of the available toolsets and how to operate them to best effect in incident prevention, detection and response, providing feedback to the security architecture and engineering team about how they can be optimised. Make decisions on the implementation of containment measures at More ❯

integral to responding to and managing cybersecurity threats and incidents throughout their lifecycle - from Preparation to Identification, Containment, Eradication, Recovery, and Lessons Learned - collaborating with a global team of incident responders. You will apply your comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address security incidents across our endpoints, network, and cloud infrastructure. In … this role, you will be responsible for prevention, detection, response, and remediation activities, ensuring that information assets and technologies are adequately protected by leveraging various technologies such as Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more. You will also leverage your collaboration and … communication skills to work effectively with all relevant stakeholders in multicultural and global environments. Responsibilities - Report to Director to facilitate all phases in the incident response lifecycle - Be involved in various incident prevention projects to improve Security posture Preparation: - Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc. - Take part in self More ❯

professional management services to the firm, including the central operations of finance, information technology, marketing, risk, legal, operations and human resources. What You'll Do As a Cyber Security Incident Response Manager at BCG, you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. … This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG's global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening … our security posture and minimizing business risks associated with cyber threats. Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks More ❯

Role: VP - Digital Forensics & Incident Response (DFIR) Manager Location: London (Hybrid working available) Salary: Up to £90,000 + benefits Sector: Cyber Security/Financial Services Overview A leading financial services organisation is seeking a VP-level DFIR Manager to lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role … focused on incident response, threat detection, and forensics within a complex, regulated environment. You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response … investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. Contribute to vulnerability management and remediation plans. More ❯

Senior SOC Engineer/SOC Technical Lead (Incident Response) Reporting into the Security Operations Centre Senior Manager, the role will take the lead across the EMEA region to develop and integrate the Incident Response (IR)/SOC security infrastructure to monitor both on premise and cloud environments. The role will serve as a critical bridge between … operations and engineering. Responsibilities: - Drive and improve continuous monitoring and incident response, serving as a senior resource in the SOC and Incident Response processes. - Configure and integrate platforms, tools, service providers, and solutions into IR/SOC systems, make recommendations as needed. - Consolidate and improve security logging and monitoring solutions on premise and in the cloud … to detect and respond to security threats in real time. - Drive efforts to automate and accelerate the detection and response processes. - Ensure integration of input from the deployed suite of security tools to SOC systems (e.g. SIEM/SOAR), including, but not limited to, IDS/IPS, End Point Protection, MDR/XDR, PAM, MFA, DNS Security, and cloud More ❯

We have a new and exciting role available within our Cyber Security division in the U.K for an Incident Response Engagement Lead. S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some of their toughest information security challenges. We've been able to … us. Working in Cyberat S-RM Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever. We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We … If that sounds like your kind of team, we'd like to hear from you. The role We are looking for a German speaking consultant to join our Cyber Incident Response team as an Engagement Lead. A successful cyber response only happens when a group of technical experts works seamlessly with a team leader who can get More ❯

re now seeking a Consultant to join our Discovery and Data Insights team in London. In this role, you will provide technical expertise and consultative solutions in Digital Forensics, Incident Response, Cyber Security , and eDiscovery for our clients. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement . You will be expected to … be a technical lead on cases for our regional and international teams (DFIR/Legal Technologies/Data Analytics) and work closely with our Cyber Response, Crisis Management, and Investigations divisions. Additionally, you will support business development through articles, presentations, and marketing campaigns. This role requires working at our London office at least three days a week (hybrid) with … on-call rotations that may include weekends/evenings. Experience in digital forensics and incident response is essential. Responsibilities Provide forensic/incident response consultancy and expertise in data collection, investigation, analysis, and cybersecurity services. Support Investigation teams across regions. Deliver high-quality, timely, and efficient results to clients. Ensure work is defensible and meets evidential More ❯

Security Analyst, Security Operations and Incident Response Meta is seeking a Security Analyst to join the Global Security Operations and Incident Response team. The Analyst will serve on the front lines of Meta's Security team and will lead and support security investigations across the company's global infrastructure as well as respond to escalations from … closely with technical teams, with a broad set of skills to tackle the panoply of unique security challenges that we encounter at Meta scale. Security Analyst, Security Operations and Incident Response Responsibilities Investigate and respond to external and internal cybersecurity threats in a timely manner while communicating clearly and proactively until remediation. Act as an escalation point for … high quality and accurate reports for a wide range of stakeholders. Collaborate with Security Engineers and cross-functional teams to investigate and remediate large scale security incidents. Support security incident root cause analysis, identify control gaps, and recommend mitigation strategies. Collaborate with cross-functional teams to drive improvements to security tools, policies and processes. Improve the effectiveness and efficiency More ❯

We are looking for a seasoned, detail-oriented Security Incident Manager to join our security team. The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents. This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory … requirements.The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution. This individual will drive teams to ensure timely detection, containment, eradication, and recovery from cyber threats while minimizing operational disruptions. Your Impact Incident Response Leadership Lead … all phases of incident response, including detection, analysis, containment, eradication, recovery and communication. Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams. Ensure adherence to the organization's incident response framework and regulatory requirements. 2. Strategic Communication Serve as the main point of contact for incident updates to More ❯

Social network you want to login/join with: We are looking for a seasoned, detail-oriented Security Incident Manager to join our security team.The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents. This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory requirements. The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution. This individual will drive teams to ensure timely detection, containment, eradication, and recovery from cyber threats while minimizing … operational disruptions. Your Impact Incident Response Leadership Lead all phases of incident response, including detection, analysis, containment, eradication, recovery and communication. Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams. Ensure adherence to the organization's incident response framework and regulatory requirements. 2. Strategic Communication Serve as More ❯

Join Maersk's groundbreaking Cyber Team: Redefining Incident Management & Response Imagine a career where you're not just responding to security incidents-you're revolutionising how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This … seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on Incident Management; you'll help improve how it's done. Dive into purple teaming, create and refine world-class detections, shape change projects, and push the boundaries of what's … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. About the role: Incident Response and Leadership Lead incident management activities in response to all high priority cyber-security incidents, with the ability to remain calm and focused during crisis More ❯

how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on cutting-edge research and designed to drive change, resilience, and … in innovative projects that allow you to bring your ideas to life, help shape the future of cybersecurity while developing new capabilities that enhance our operations. Key responsibilities Cyber Incident Response and event management Contributing to the response efforts for security incidents, managing triage, containment, documentation, and the reporting process. Contribute to the Cyber Incident Response process from a technical perspective and provide effective management of all cyber incidents. Supporting the Incident Manager in driving post-incident reviews Collaborate with global stakeholders in technical conversations, to align response efforts and communicate effectively across technical audiences during incidents. Leverage Incident Analysis context to help identify gaps and improve detection and response More ❯

Cyber Incident Response Manager A Global Organisation requires a Contract Incident Response Manager to lead the Cyber Incident response function. Day Rate: £635 - £675pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This Incident Response Manager will have the following previous experience: Direct end-to-end … cyber incident lifecycle management for major security events -ensuring rapid coordination across business units and leveraging tools like Splunk and Defender to contain and mitigate threats Design, maintain, and continuously enhance playbooks, response frameworks, and tabletop exercises, incorporating threat intelligence and detection insights from CrowdStrike and Splunk to mature IR readiness. Lead root cause analysis and develop actionable … reporting and trend analysis using integrated dashboards, combining insights from Splunk and Defender data sources. Serve as the primary advisor to senior leaders and cross-functional teams, guiding cyber incident communications, impact assessment, and risk mitigation strategies across the company, Operating Companies, and Joint Ventures. More ❯

or any other characteristic protected by law. Accommodation is available upon request for candidates taking part in the selection process. Job Description: Cyber Risk Advisor Primary Responsibilities Support Cyber Incident In-take and Triage : As the primary back-up to the AXIS Cyber Incident Commander, field in-bound notices of incidents by customers and brokers. Make contact as … will serve as the initial and primary contact point to AXIS by customers, until you refer matters to AXIS Claims and/or 3rd party vendors, as appropriate. Deliver Incident Response "Drills" to Customers: Work with Primary Cyber insurance customers to conduct realistic cyber incident scenario exercises ("Drills"). This complimentary service helps customers test and strengthen … their Incident Response Plans, with practical advice provided following the engagement. This sought-after service would be delivered virtually and may involve third-party experts (e.g. Privacy Counsel, Digital Forensics/Incident Response, etc.). Support customer service program: Through response to requests and direct customer outreach, provide Customers with education, onboarding, and other support More ❯

Security Engineer, AWS SOC Incident Response Job ID: Amazon Data Services UK Limited The Amazon Web Services Security Operations Center AWS-SOC Team manages security issues across the globe. The team is looking for a highly motivated, technically inclined individual to work as a Security Engineer. A successful candidate will need to embody our 16 leadership principles; especially … real-time. - Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. - Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities. - Maintain and optimize security information and event management systems and other security tools used in the SOC. - Collaborate with other teams to enhance threat intelligence, improve … incident response procedures, and provide regular reports on security posture. A day in the life A day in the life As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating More ❯

Security Operations Specialist to join our cybersecurity team. In this role, you will be responsible for administering and enhancing our security monitoring and detection capabilities, ensuring rapid and effective response to cyber incidents, and driving continuous improvements across our security operations. The main responsibilities will include overseeing and optimizing alert rules and triggers, guiding the Cyber Incident Response Team (CIRT) in Level 1 incident handling, and stepping in to manage Level 1 and Level 2 responses when needed. You will play a key role in maintaining and developing cyber response playbooks, actively monitoring IT and security infrastructure beyond the scope of our Security Operations Centers (SOCs) and ensuring alignment with organizational IT security policies and … Network and Application Security, Cloud environments, and Endpoint Protection. What you'll be doing Administer and optimize security monitoring and detection tools, refining alert rules and triggers to enhance incident detection by optimizing Monitoring and Detection Systems: Consistently improve and fine-tune security monitoring tools and alert rules to maximize timely detection and minimize false positives, including the health More ❯

defined by the successful and secure deployment of Salesforce as part of the largest transformation programme in the history of the UK charity sector (Engage ). The governance frameworks, incident response protocols, and security strategies you design and embed will lay the foundations for Cancer Research UK's long-term resilience - safeguarding critical data and empowering our lifesaving … threats and vulnerabilities within the Salesforce NPC environment. Security Controls Implementation:Developing and enforcing security controls, policies, and procedures to safeguard sensitive data and ensure compliance with industry standards. Incident Response:Establishing and managing incident response protocols to effectively address and mitigate security breaches or incidents. User Training and Awareness:As part of a wider change … on the end-to-end architecture, design, and execution of security strategies and transformational initiatives with the ability to adapt to changing security landscapes and organisational needs. Led effective incident response efforts with experience using security technologies (including encryption protocols, firewalls, intrusion detection systems, and vulnerability assessment tools) to minimise risk and ensure rapid recovery. Subject matter expert More ❯